From null at suse.de Thu May 1 20:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 01 May 2025 20:30:13 -0000 Subject: SUSE-SU-2025:1425-1: important: Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) Message-ID: <174613141312.25998.15410041120871711383@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:1425-1 Release Date: 2025-05-01T19:39:28Z Rating: important References: * bsc#1233294 * bsc#1235431 * bsc#1240840 Cross-References: * CVE-2024-50205 * CVE-2024-56650 * CVE-2024-8805 CVSS scores: * CVE-2024-50205 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50205 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50205 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_136 fixes several issues. The following security issues were fixed: * CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1240840). * CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233294). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1425=1 SUSE-2025-1427=1 SUSE-2025-1424=1 SUSE-2025-1426=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1426=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-1425=1 SUSE-SLE-Module-Live- Patching-15-SP4-2025-1427=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-1424=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-9-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-9-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50205.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1233294 * https://bugzilla.suse.com/show_bug.cgi?id=1235431 * https://bugzilla.suse.com/show_bug.cgi?id=1240840 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 1 20:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 01 May 2025 20:30:21 -0000 Subject: SUSE-SU-2025:1423-1: important: Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Message-ID: <174613142165.25998.15627038020422177952@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:1423-1 Release Date: 2025-05-01T16:11:35Z Rating: important References: * bsc#1227753 * bsc#1233294 * bsc#1235431 Cross-References: * CVE-2023-52885 * CVE-2024-50205 * CVE-2024-56650 CVSS scores: * CVE-2023-52885 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50205 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50205 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50205 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_167 fixes several issues. The following security issues were fixed: * CVE-2023-52885: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (bsc#1227753). * CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233294). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1423=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1423=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_167-default-12-150300.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_46-debugsource-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_167-default-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-12-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_167-preempt-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-12-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52885.html * https://www.suse.com/security/cve/CVE-2024-50205.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://bugzilla.suse.com/show_bug.cgi?id=1227753 * https://bugzilla.suse.com/show_bug.cgi?id=1233294 * https://bugzilla.suse.com/show_bug.cgi?id=1235431 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 08:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 08:30:04 -0000 Subject: SUSE-RU-2025:1428-1: important: Recommended update for go1.24 Message-ID: <174617460434.17041.4432730778556032884@smelt2.prg2.suse.org> # Recommended update for go1.24 Announcement ID: SUSE-RU-2025:1428-1 Release Date: 2025-05-02T07:55:25Z Rating: important References: * bsc#1240764 Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for go1.24 fixes the following issues: * Fixed random segmentation faults (bsc#1240764) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1428=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1428=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1428=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1428=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1428=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1428=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1428=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1428=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1428=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1428=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1428=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1428=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1428=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1428=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.2-150000.1.20.1 * go1.24-1.24.2-150000.1.20.1 * go1.24-doc-1.24.2-150000.1.20.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240764 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 12:30:07 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 12:30:07 -0000 Subject: SUSE-SU-2025:1435-1: moderate: Security update for libxml2 Message-ID: <174618900705.25998.4596109229036710574@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:1435-1 Release Date: 2025-05-02T10:39:17Z Rating: moderate References: * bsc#1241453 * bsc#1241551 Cross-References: * CVE-2025-32414 * CVE-2025-32415 CVSS scores: * CVE-2025-32414 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-32414 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32414 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32414 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32415 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551) * CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. (bsc#1241453) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1435=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1435=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1435=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1435=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1435=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libxml2-2-debuginfo-2.9.14-150400.5.41.1 * libxml2-devel-2.9.14-150400.5.41.1 * python3-libxml2-2.9.14-150400.5.41.1 * libxml2-2-2.9.14-150400.5.41.1 * python311-libxml2-2.9.14-150400.5.41.1 * python3-libxml2-debuginfo-2.9.14-150400.5.41.1 * libxml2-tools-debuginfo-2.9.14-150400.5.41.1 * libxml2-python-debugsource-2.9.14-150400.5.41.1 * python311-libxml2-debuginfo-2.9.14-150400.5.41.1 * libxml2-tools-2.9.14-150400.5.41.1 * libxml2-debugsource-2.9.14-150400.5.41.1 * openSUSE Leap 15.4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.41.1 * libxml2-devel-32bit-2.9.14-150400.5.41.1 * libxml2-2-32bit-2.9.14-150400.5.41.1 * openSUSE Leap 15.4 (noarch) * libxml2-doc-2.9.14-150400.5.41.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libxml2-2-64bit-2.9.14-150400.5.41.1 * libxml2-devel-64bit-2.9.14-150400.5.41.1 * libxml2-2-64bit-debuginfo-2.9.14-150400.5.41.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.14-150400.5.41.1 * python3-libxml2-2.9.14-150400.5.41.1 * libxml2-2-2.9.14-150400.5.41.1 * python3-libxml2-debuginfo-2.9.14-150400.5.41.1 * libxml2-tools-debuginfo-2.9.14-150400.5.41.1 * libxml2-python-debugsource-2.9.14-150400.5.41.1 * libxml2-tools-2.9.14-150400.5.41.1 * libxml2-debugsource-2.9.14-150400.5.41.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.14-150400.5.41.1 * python3-libxml2-2.9.14-150400.5.41.1 * libxml2-2-2.9.14-150400.5.41.1 * python3-libxml2-debuginfo-2.9.14-150400.5.41.1 * libxml2-tools-debuginfo-2.9.14-150400.5.41.1 * libxml2-python-debugsource-2.9.14-150400.5.41.1 * libxml2-tools-2.9.14-150400.5.41.1 * libxml2-debugsource-2.9.14-150400.5.41.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.14-150400.5.41.1 * python3-libxml2-2.9.14-150400.5.41.1 * libxml2-2-2.9.14-150400.5.41.1 * python3-libxml2-debuginfo-2.9.14-150400.5.41.1 * libxml2-tools-debuginfo-2.9.14-150400.5.41.1 * libxml2-python-debugsource-2.9.14-150400.5.41.1 * libxml2-tools-2.9.14-150400.5.41.1 * libxml2-debugsource-2.9.14-150400.5.41.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.14-150400.5.41.1 * python3-libxml2-2.9.14-150400.5.41.1 * libxml2-2-2.9.14-150400.5.41.1 * python3-libxml2-debuginfo-2.9.14-150400.5.41.1 * libxml2-tools-debuginfo-2.9.14-150400.5.41.1 * libxml2-python-debugsource-2.9.14-150400.5.41.1 * libxml2-tools-2.9.14-150400.5.41.1 * libxml2-debugsource-2.9.14-150400.5.41.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32414.html * https://www.suse.com/security/cve/CVE-2025-32415.html * https://bugzilla.suse.com/show_bug.cgi?id=1241453 * https://bugzilla.suse.com/show_bug.cgi?id=1241551 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 12:30:12 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 12:30:12 -0000 Subject: SUSE-SU-2025:1434-1: moderate: Security update for poppler Message-ID: <174618901276.25998.3262351255240251698@smelt2.prg2.suse.org> # Security update for poppler Announcement ID: SUSE-SU-2025:1434-1 Release Date: 2025-05-02T10:37:11Z Rating: moderate References: * bsc#1241620 Cross-References: * CVE-2025-43903 CVSS scores: * CVE-2025-43903 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-43903 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries. (bsc#1241620) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1434=1 openSUSE-SLE-15.6-2025-1434=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1434=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1434=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * poppler-tools-24.03.0-150600.3.13.1 * poppler-tools-debuginfo-24.03.0-150600.3.13.1 * libpoppler135-24.03.0-150600.3.13.1 * libpoppler135-debuginfo-24.03.0-150600.3.13.1 * libpoppler-glib8-debuginfo-24.03.0-150600.3.13.1 * poppler-qt6-debugsource-24.03.0-150600.3.13.1 * typelib-1_0-Poppler-0_18-24.03.0-150600.3.13.1 * poppler-debugsource-24.03.0-150600.3.13.1 * libpoppler-qt6-3-24.03.0-150600.3.13.1 * libpoppler-cpp0-24.03.0-150600.3.13.1 * libpoppler-qt5-devel-24.03.0-150600.3.13.1 * libpoppler-devel-24.03.0-150600.3.13.1 * libpoppler-cpp0-debuginfo-24.03.0-150600.3.13.1 * libpoppler-qt5-1-24.03.0-150600.3.13.1 * libpoppler-qt6-devel-24.03.0-150600.3.13.1 * poppler-qt5-debugsource-24.03.0-150600.3.13.1 * libpoppler-qt5-1-debuginfo-24.03.0-150600.3.13.1 * libpoppler-glib8-24.03.0-150600.3.13.1 * libpoppler-qt6-3-debuginfo-24.03.0-150600.3.13.1 * libpoppler-glib-devel-24.03.0-150600.3.13.1 * openSUSE Leap 15.6 (x86_64) * libpoppler135-32bit-24.03.0-150600.3.13.1 * libpoppler-glib8-32bit-24.03.0-150600.3.13.1 * libpoppler-cpp0-32bit-24.03.0-150600.3.13.1 * libpoppler-glib8-32bit-debuginfo-24.03.0-150600.3.13.1 * libpoppler-qt5-1-32bit-24.03.0-150600.3.13.1 * libpoppler135-32bit-debuginfo-24.03.0-150600.3.13.1 * libpoppler-qt5-1-32bit-debuginfo-24.03.0-150600.3.13.1 * libpoppler-cpp0-32bit-debuginfo-24.03.0-150600.3.13.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpoppler-cpp0-64bit-debuginfo-24.03.0-150600.3.13.1 * libpoppler-qt5-1-64bit-24.03.0-150600.3.13.1 * libpoppler-glib8-64bit-24.03.0-150600.3.13.1 * libpoppler-cpp0-64bit-24.03.0-150600.3.13.1 * libpoppler-glib8-64bit-debuginfo-24.03.0-150600.3.13.1 * libpoppler-qt5-1-64bit-debuginfo-24.03.0-150600.3.13.1 * libpoppler135-64bit-debuginfo-24.03.0-150600.3.13.1 * libpoppler135-64bit-24.03.0-150600.3.13.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * poppler-tools-24.03.0-150600.3.13.1 * poppler-tools-debuginfo-24.03.0-150600.3.13.1 * libpoppler135-24.03.0-150600.3.13.1 * libpoppler135-debuginfo-24.03.0-150600.3.13.1 * libpoppler-glib8-debuginfo-24.03.0-150600.3.13.1 * typelib-1_0-Poppler-0_18-24.03.0-150600.3.13.1 * poppler-debugsource-24.03.0-150600.3.13.1 * libpoppler-cpp0-24.03.0-150600.3.13.1 * libpoppler-devel-24.03.0-150600.3.13.1 * libpoppler-cpp0-debuginfo-24.03.0-150600.3.13.1 * libpoppler-glib8-24.03.0-150600.3.13.1 * libpoppler-glib-devel-24.03.0-150600.3.13.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * poppler-qt6-debugsource-24.03.0-150600.3.13.1 * libpoppler-qt6-3-24.03.0-150600.3.13.1 * poppler-debugsource-24.03.0-150600.3.13.1 * libpoppler-cpp0-24.03.0-150600.3.13.1 * libpoppler-qt5-devel-24.03.0-150600.3.13.1 * libpoppler-devel-24.03.0-150600.3.13.1 * libpoppler-cpp0-debuginfo-24.03.0-150600.3.13.1 * libpoppler-qt5-1-24.03.0-150600.3.13.1 * libpoppler-qt6-devel-24.03.0-150600.3.13.1 * poppler-qt5-debugsource-24.03.0-150600.3.13.1 * libpoppler-qt5-1-debuginfo-24.03.0-150600.3.13.1 * libpoppler-qt6-3-debuginfo-24.03.0-150600.3.13.1 * SUSE Package Hub 15 15-SP6 (x86_64) * libpoppler135-32bit-debuginfo-24.03.0-150600.3.13.1 * libpoppler-glib8-32bit-debuginfo-24.03.0-150600.3.13.1 * libpoppler135-32bit-24.03.0-150600.3.13.1 * libpoppler-glib8-32bit-24.03.0-150600.3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43903.html * https://bugzilla.suse.com/show_bug.cgi?id=1241620 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 12:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 12:30:16 -0000 Subject: SUSE-SU-2025:1433-1: important: Security update for redis Message-ID: <174618901627.25998.8546164453133030696@smelt2.prg2.suse.org> # Security update for redis Announcement ID: SUSE-SU-2025:1433-1 Release Date: 2025-05-02T10:23:49Z Rating: important References: * bsc#1241708 Cross-References: * CVE-2025-21605 CVSS scores: * CVE-2025-21605 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21605 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21605 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for redis fixes the following issues: * CVE-2025-21605: Fixed an output buffer denial of service. (bsc#1241708) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1433=1 openSUSE-SLE-15.6-2025-1433=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1433=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * redis-debugsource-7.2.4-150600.3.9.1 * redis-debuginfo-7.2.4-150600.3.9.1 * redis-7.2.4-150600.3.9.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * redis-debugsource-7.2.4-150600.3.9.1 * redis-debuginfo-7.2.4-150600.3.9.1 * redis-7.2.4-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21605.html * https://bugzilla.suse.com/show_bug.cgi?id=1241708 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 12:30:18 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 12:30:18 -0000 Subject: SUSE-SU-2025:1432-1: important: Security update for redis Message-ID: <174618901873.25998.8431898262619765302@smelt2.prg2.suse.org> # Security update for redis Announcement ID: SUSE-SU-2025:1432-1 Release Date: 2025-05-02T10:23:33Z Rating: important References: * bsc#1241708 Cross-References: * CVE-2025-21605 CVSS scores: * CVE-2025-21605 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21605 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21605 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for redis fixes the following issues: * CVE-2025-21605: Fixed an output buffer denial of service. (bsc#1241708) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1432=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1432=1 openSUSE-SLE-15.6-2025-1432=1 ## Package List: * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * redis7-debuginfo-7.0.8-150600.8.9.1 * redis7-7.0.8-150600.8.9.1 * redis7-debugsource-7.0.8-150600.8.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * redis7-debuginfo-7.0.8-150600.8.9.1 * redis7-7.0.8-150600.8.9.1 * redis7-debugsource-7.0.8-150600.8.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21605.html * https://bugzilla.suse.com/show_bug.cgi?id=1241708 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 12:30:20 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 12:30:20 -0000 Subject: SUSE-RU-2025:38402-1: important: Recommended update for freetype2 Message-ID: <174618902048.25998.5552659226525109008@smelt2.prg2.suse.org> # Recommended update for freetype2 Announcement ID: SUSE-RU-2025:38402-1 Release Date: 2025-05-02T08:18:45Z Rating: important References: * jsc#PED-12258 Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for freetype2 fixes the following issue: * enable brotli support (jsc#PED-12258) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-38402=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-38402=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-38402=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-38402=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-38402=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-38402=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-38402=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-38402=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-38402=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-38402=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ftbench-2.10.4-150000.4.22.1 * libfreetype6-2.10.4-150000.4.22.1 * freetype2-devel-2.10.4-150000.4.22.1 * freetype2-debugsource-2.10.4-150000.4.22.1 * ftvalid-2.10.4-150000.4.22.1 * ftlint-2.10.4-150000.4.22.1 * ftdiff-2.10.4-150000.4.22.1 * ftmulti-2.10.4-150000.4.22.1 * ftgamma-2.10.4-150000.4.22.1 * ftgrid-2.10.4-150000.4.22.1 * ftinspect-2.10.4-150000.4.22.1 * ftdump-2.10.4-150000.4.22.1 * libfreetype6-debuginfo-2.10.4-150000.4.22.1 * ftview-2.10.4-150000.4.22.1 * ftstring-2.10.4-150000.4.22.1 * openSUSE Leap 15.6 (x86_64) * libfreetype6-32bit-2.10.4-150000.4.22.1 * freetype2-devel-32bit-2.10.4-150000.4.22.1 * libfreetype6-32bit-debuginfo-2.10.4-150000.4.22.1 * openSUSE Leap 15.6 (noarch) * freetype2-profile-tti35-2.10.4-150000.4.22.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * ft2demos-2.10.4-150000.4.22.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.22.1 * freetype2-debugsource-2.10.4-150000.4.22.1 * libfreetype6-debuginfo-2.10.4-150000.4.22.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.22.1 * freetype2-debugsource-2.10.4-150000.4.22.1 * libfreetype6-debuginfo-2.10.4-150000.4.22.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.22.1 * freetype2-debugsource-2.10.4-150000.4.22.1 * libfreetype6-debuginfo-2.10.4-150000.4.22.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.22.1 * freetype2-debugsource-2.10.4-150000.4.22.1 * libfreetype6-debuginfo-2.10.4-150000.4.22.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libfreetype6-2.10.4-150000.4.22.1 * freetype2-debugsource-2.10.4-150000.4.22.1 * libfreetype6-debuginfo-2.10.4-150000.4.22.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libfreetype6-2.10.4-150000.4.22.1 * freetype2-devel-2.10.4-150000.4.22.1 * freetype2-debugsource-2.10.4-150000.4.22.1 * libfreetype6-debuginfo-2.10.4-150000.4.22.1 * Basesystem Module 15-SP6 (x86_64) * libfreetype6-32bit-2.10.4-150000.4.22.1 * libfreetype6-32bit-debuginfo-2.10.4-150000.4.22.1 * Desktop Applications Module 15-SP6 (nosrc) * ft2demos-2.10.4-150000.4.22.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ftdump-2.10.4-150000.4.22.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.22.1 * freetype2-debugsource-2.10.4-150000.4.22.1 * libfreetype6-debuginfo-2.10.4-150000.4.22.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.22.1 * freetype2-debugsource-2.10.4-150000.4.22.1 * libfreetype6-debuginfo-2.10.4-150000.4.22.1 ## References: * https://jira.suse.com/browse/PED-12258 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 12:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 12:30:21 -0000 Subject: SUSE-SU-2025:1431-1: important: Security update for govulncheck-vulndb Message-ID: <174618902163.25998.11634414376570292631@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:1431-1 Release Date: 2025-05-02T08:11:11Z Rating: important References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250424T181457 (jsc#PED-11136) * GO-2025-3603 * GO-2025-3604 * GO-2025-3607 * GO-2025-3608 * GO-2025-3609 * GO-2025-3610 * GO-2025-3611 * GO-2025-3612 * GO-2025-3615 * GO-2025-3618 * GO-2025-3619 * GO-2025-3620 * GO-2025-3621 * GO-2025-3622 * GO-2025-3623 * GO-2025-3625 * GO-2025-3627 * GO-2025-3630 * GO-2025-3631 * GO-2025-3632 * GO-2025-3633 * GO-2025-3634 * GO-2025-3635 * GO-2025-3636 * GO-2025-3637 * GO-2025-3638 * GO-2025-3639 * GO-2025-3640 * GO-2025-3642 * GO-2025-3643 * GO-2025-3644 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1431=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1431=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250424T181457-150000.1.68.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250424T181457-150000.1.68.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 12:30:29 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 12:30:29 -0000 Subject: SUSE-SU-2025:1430-1: critical: Security update for python-h11 Message-ID: <174618902998.25998.1130025226387341173@smelt2.prg2.suse.org> # Security update for python-h11 Announcement ID: SUSE-SU-2025:1430-1 Release Date: 2025-05-02T08:11:00Z Rating: critical References: * bsc#1241872 Cross-References: * CVE-2025-43859 CVSS scores: * CVE-2025-43859 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-43859 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-43859 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-h11 fixes the following issues: * CVE-2025-43859: leniency when parsing of line terminators in chunked-coding message bodies can lead to request smuggling. (bsc#1241872) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1430=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1430=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1430=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1430=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1430=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1430=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1430=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1430=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1430=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1430=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1430=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-h11-0.14.0-150400.9.6.1 * openSUSE Leap 15.6 (noarch) * python311-h11-0.14.0-150400.9.6.1 * Python 3 Module 15-SP6 (noarch) * python311-h11-0.14.0-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python311-h11-0.14.0-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python311-h11-0.14.0-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * python311-h11-0.14.0-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python311-h11-0.14.0-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python311-h11-0.14.0-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python311-h11-0.14.0-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python311-h11-0.14.0-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python311-h11-0.14.0-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43859.html * https://bugzilla.suse.com/show_bug.cgi?id=1241872 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 12:30:35 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 12:30:35 -0000 Subject: SUSE-SU-2025:1429-1: important: Security update for java-21-openjdk Message-ID: <174618903554.25998.1363735584968044269@smelt2.prg2.suse.org> # Security update for java-21-openjdk Announcement ID: SUSE-SU-2025:1429-1 Release Date: 2025-05-02T08:10:12Z Rating: important References: * bsc#1241274 * bsc#1241275 * bsc#1241276 Cross-References: * CVE-2025-21587 * CVE-2025-30691 * CVE-2025-30698 CVSS scores: * CVE-2025-21587 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-21587 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-30691 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30691 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30691 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30698 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-30698 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-30698 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.7+6 (April 2025 CPU) CVEs fixed: * CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274) * CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275) * CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276) Changes: + JDK-8198237: [macos] Test java/awt/Frame/ /ExceptionOnSetExtendedStateTest/ /ExceptionOnSetExtendedStateTest.java fails + JDK-8211851: (ch) java/nio/channels/AsynchronousSocketChannel/ /StressLoopback.java times out (aix) + JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or RGB tab in JColorChooser + JDK-8226938: [TEST_BUG]GTK L&F: There is no Details button in FileChooser Dialog + JDK-8227529: With malformed --app-image the error messages are awful + JDK-8277240: java/awt/Graphics2D/ScaledTransform/ /ScaledTransform.java dialog does not get disposed + JDK-8283664: Remove jtreg tag manual=yesno for java/awt/print/PrinterJob/PrintTextTest.java + JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit access thread fields from native + JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism are problematic + JDK-8294316: SA core file support is broken on macosx-x64 starting with macOS 12.x + JDK-8295159: DSO created with -ffast-math breaks Java floating-point arithmetic + JDK-8302111: Serialization considerations + JDK-8304701: Request with timeout aborts later in-flight request on HTTP/1.1 cxn + JDK-8309841: Jarsigner should print a warning if an entry is removed + JDK-8311546: Certificate name constraints improperly validated with leading period + JDK-8312570: [TESTBUG] Jtreg compiler/loopopts/superword/ /TestDependencyOffsets.java fails on 512-bit SVE + JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/ /NextDropActionTest.java fails with java.lang.RuntimeException: wrong next drop action! + JDK-8313905: Checked_cast assert in CDS compare_by_loader + JDK-8314752: Use google test string comparison macros + JDK-8314909: tools/jpackage/windows/Win8282351Test.java fails with java.lang.AssertionError: Expected [0]. Actual [1618]: + JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/ /ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java timed out + JDK-8315825: Open some swing tests + JDK-8315882: Open some swing tests 2 + JDK-8315883: Open source several Swing JToolbar tests + JDK-8315952: Open source several Swing JToolbar JTooltip JTree tests + JDK-8316056: Open source several Swing JTree tests + JDK-8316146: Open some swing tests 4 + JDK-8316149: Open source several Swing JTree JViewport KeyboardManager tests + JDK-8316218: Open some swing tests 5 + JDK-8316371: Open some swing tests 6 + JDK-8316627: JViewport Test headless failure + JDK-8316885: jcmd: Compiler.CodeHeap_Analytics cmd does not inform about missing aggregate + JDK-8317283: jpackage tests run osx-specific checks on windows and linux + JDK-8317636: Improve heap walking API tests to verify correctness of field indexes + JDK-8317808: HTTP/2 stream cancelImpl may leave subscriber registered + JDK-8317919: pthread_attr_init handle return value and destroy pthread_attr_t object + JDK-8319233: AArch64: Build failure with clang due to -Wformat-nonliteral warning + JDK-8320372: test/jdk/sun/security/x509/DNSName/ /LeadingPeriod.java validity check failed + JDK-8320676: Manual printer tests have no Pass/Fail buttons, instructions close set 1 + JDK-8320691: Timeout handler on Windows takes 2 hours to complete + JDK-8320706: RuntimePackageTest.testUsrInstallDir test fails on Linux + JDK-8320916: jdk/jfr/event/gc/stacktrace/ /TestParallelMarkSweepAllocationPendingStackTrace.java failed with "OutOfMemoryError: GC overhead limit exceeded" + JDK-8321818: vmTestbase/nsk/stress/strace/strace015.java failed with 'Cannot read the array length because "<local4>" is null' + JDK-8322983: Virtual Threads: exclude 2 tests + JDK-8324672: Update jdk/java/time/tck/java/time/ /TCKInstant.java now() to be more robust + JDK-8324807: Manual printer tests have no Pass/Fail buttons, instructions close set 2 + JDK-8324838: test_nmt_locationprinting.cpp broken in the gcc windows build + JDK-8325042: Remove unused JVMDITools test files + JDK-8325529: Remove unused imports from `ModuleGenerator` test file + JDK-8325659: Normalize Random usage by incubator vector tests + JDK-8325937: runtime/handshake/HandshakeDirectTest.java causes "monitor end should be strictly below the frame pointer" assertion failure on AArch64 + JDK-8326421: Add jtreg test for large arrayCopy disjoint case. + JDK-8326525: com/sun/tools/attach/BasicTests.java does not verify AgentLoadException case + JDK-8327098: GTest needs larger combination limit + JDK-8327390: JitTester: Implement temporary folder functionality + JDK-8327460: Compile tests with the same visibility rules as product code + JDK-8327476: Upgrade JLine to 3.26.1 + JDK-8327505: Test com/sun/jmx/remote/ /NotificationMarshalVersions/TestSerializationMismatch.java fails + JDK-8327857: Remove applet usage from JColorChooser tests Test4222508 + JDK-8327859: Remove applet usage from JColorChooser tests Test4319113 + JDK-8327986: ASAN reports use-after-free in DirectivesParserTest.empty_object_vm + JDK-8327994: Update code gen in CallGeneratorHelper + JDK-8328005: Convert java/awt/im/JTextFieldTest.java applet test to main + JDK-8328085: C2: Use after free in PhaseChaitin::Register_Allocate() + JDK-8328121: Remove applet usage from JColorChooser tests Test4759306 + JDK-8328130: Remove applet usage from JColorChooser tests Test4759934 + JDK-8328185: Convert java/awt/image/MemoryLeakTest/ /MemoryLeakTest.java applet test to main + JDK-8328227: Remove applet usage from JColorChooser tests Test4887836 + JDK-8328368: Convert java/awt/image/multiresolution/ /MultiDisplayTest/MultiDisplayTest.java applet test to main + JDK-8328370: Convert java/awt/print/Dialog/PrintApplet.java applet test to main + JDK-8328380: Remove applet usage from JColorChooser tests Test6348456 + JDK-8328387: Convert java/awt/Frame/FrameStateTest/ /FrameStateTest.html applet test to main + JDK-8328403: Remove applet usage from JColorChooser tests Test6977726 + JDK-8328553: Get rid of JApplet in test/jdk/sanity/client/lib/ /SwingSet2/src/DemoModule.java + JDK-8328558: Convert javax/swing/JCheckBox/8032667/ /bug8032667.java applet test to main + JDK-8328717: Convert javax/swing/JColorChooser/8065098/ /bug8065098.java applet test to main + JDK-8328719: Convert java/awt/print/PageFormat/SetOrient.html applet test to main + JDK-8328730: Convert java/awt/print/bug8023392/bug8023392.html applet test to main + JDK-8328753: Open source few Undecorated Frame tests + JDK-8328819: Remove applet usage from JFileChooser tests bug6698013 + JDK-8328827: Convert java/awt/print/PrinterJob/ /PrinterDialogsModalityTest/PrinterDialogsModalityTest.html applet test to main + JDK-8329210: Delete Redundant Printer Dialog Modality Test + JDK-8329320: Simplify awt/print/PageFormat/NullPaper.java test + JDK-8329322: Convert PageFormat/Orient.java to use PassFailJFrame + JDK-8329692: Add more details to FrameStateTest.java test instructions + JDK-8330647: Two CDS tests fail with -UseCompressedOops and UseSerialGC/UseParallelGC + JDK-8330702: Update failure handler to don't generate Error message if cores actions are empty + JDK-8331735: UpcallLinker::on_exit races with GC when copying frame anchor + JDK-8331959: Update PKCS#11 Cryptographic Token Interface to v3.1 + JDK-8331977: Crash: SIGSEGV in dlerror() + JDK-8331993: Add counting leading/trailing zero tests for Integer + JDK-8332158: [XWayland] test/jdk/java/awt/Mouse/ /EnterExitEvents/ResizingFrameTest.java + JDK-8332494: java/util/zip/EntryCount64k.java failing with java.lang.RuntimeException: '\\A\\Z' missing from stderr + JDK-8332917: failure_handler should execute gdb "info threads" command on linux + JDK-8333116: test/jdk/tools/jpackage/share/ServiceTest.java test fails + JDK-8333360: PrintNullString.java doesn't use float arguments + JDK-8333391: Test com/sun/jdi/InterruptHangTest.java failed: Thread was never interrupted during sleep + JDK-8333403: Write a test to check various components events are triggered properly + JDK-8333647: C2 SuperWord: some additional PopulateIndex tests + JDK-8334305: Remove all code for nsk.share.Log verbose mode + JDK-8334371: [AIX] Beginning with AIX 7.3 TL1 mmap() supports 64K memory pages + JDK-8334490: Normalize string with locale invariant `toLowerCase()` + JDK-8334777: Test javax/management/remote/mandatory/notif/ /NotifReconnectDeadlockTest.java failed with NullPointerException + JDK-8335288: SunPKCS11 initialization will call C_GetMechanismInfo on unsupported mechanisms + JDK-8335468: [XWayland] JavaFX hangs when calling java.awt.Robot.getPixelColor + JDK-8335789: [TESTBUG] XparColor.java test fails with Error. Parse Exception: Invalid or unrecognized bugid: @ + JDK-8336012: Fix usages of jtreg-reserved properties + JDK-8336498: [macos] [build]: install-file macro may run into permission denied error + JDK-8336692: Redo fix for JDK-8284620 + JDK-8336942: Improve test coverage for class loading elements with annotations of different retentions + JDK-8337222: gc/TestDisableExplicitGC.java fails due to unexpected CodeCache GC + JDK-8337494: Clarify JarInputStream behavior + JDK-8337660: C2: basic blocks with only BoxLock nodes are wrongly treated as empty + JDK-8337692: Better TLS connection support + JDK-8337886: java/awt/Frame/MaximizeUndecoratedTest.java fails in OEL due to a slight color difference + JDK-8337951: Test sun/security/validator/samedn.sh CertificateNotYetValidException: NotBefore validation + JDK-8337994: [REDO] Native memory leak when not recording any events + JDK-8338100: C2: assert(!n_loop->is_member(get_loop(lca))) failed: control must not be back in the loop + JDK-8338303: Linux ppc64le with toolchain clang - detection failure in early JVM startup + JDK-8338426: Test java/nio/channels/Selector/WakeupNow.java failed + JDK-8338430: Improve compiler transformations + JDK-8338571: [TestBug] DefaultCloseOperation.java test not working as expected wrt instruction after JDK-8325851 fix + JDK-8338595: Add more linesize for MIME decoder in macro bench test Base64Decode + JDK-8338668: Test javax/swing/JFileChooser/8080628/ /bug8080628.java doesn't test for GTK L&F + JDK-8339154: Cleanups and JUnit conversion of test/jdk/java/util/zip/Available.java + JDK-8339261: Logs truncated in test javax/net/ssl/DTLS/DTLSRehandshakeTest.java + JDK-8339356: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java failed with java.net.SocketException: An established connection was aborted by the software in your host machine + JDK-8339475: Clean up return code handling for pthread calls in library coding + JDK-8339524: Clean up a few ExtendedRobot tests + JDK-8339542: compiler/codecache/CheckSegmentedCodeCache.java fails + JDK-8339687: Rearrange reachabilityFence()s in jdk.test.lib.util.ForceGC + JDK-8339728: [Accessibility,Windows,JAWS] Bug in the getKeyChar method of the AccessBridge class + JDK-8339810: Clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract + JDK-8339834: Replace usages of -mx and -ms in some tests + JDK-8339883: Open source several AWT/2D related tests + JDK-8339902: Open source couple TextField related tests + JDK-8339943: Frame not disposed in java/awt/dnd/DropActionChangeTest.java + JDK-8340078: Open source several 2D tests + JDK-8340116: test/jdk/sun/security/tools/jarsigner/ /PreserveRawManifestEntryAndDigest.java can fail due to regex + JDK-8340313: Crash due to invalid oop in nmethod after C1 patching + JDK-8340411: open source several 2D imaging tests + JDK-8340480: Bad copyright notices in changes from JDK-8339902 + JDK-8340687: Open source closed frame tests #1 + JDK-8340719: Open source AWT List tests + JDK-8340824: C2: Memory for TypeInterfaces not reclaimed by hashcons() + JDK-8340969: jdk/jfr/startupargs/TestStartDuration.java should be marked as flagless + JDK-8341037: Use standard layouts in DefaultFrameIconTest.java and MenuCrash.java + JDK-8341111: open source several AWT tests including menu shortcut tests + JDK-8341135: Incorrect format string after JDK-8339475 + JDK-8341194: [REDO] Implement C2 VectorizedHashCode on AArch64 + JDK-8341316: [macos] javax/swing/ProgressMonitor/ /ProgressMonitorEscapeKeyPress.java fails sometimes in macos + JDK-8341412: Various test failures after JDK-8334305 + JDK-8341424: GHA: Collect hs_errs from build time failures + JDK-8341453: java/awt/a11y/AccessibleJTableTest.java fails in some cases where the test tables are not visible + JDK-8341715: PPC64: ObjectMonitor::_owner should be reset unconditionally in nmethod unlocking + JDK-8341820: Check return value of hcreate_r + JDK-8341862: PPC64: C1 unwind_handler fails to unlock synchronized methods with LM_MONITOR + JDK-8341881: [REDO] java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java#tmp fails on alinux3 + JDK-8341978: Improve JButton/bug4490179.java + JDK-8341982: Simplify JButton/bug4323121.java + JDK-8342098: Write a test to compare the images + JDK-8342145: File libCreationTimeHelper.c compile fails on Alpine + JDK-8342270: Test sun/security/pkcs11/Provider/ /RequiredMechCheck.java needs write access to src tree + JDK-8342498: Add test for Allocation elimination after use as alignment reference by SuperWord + JDK-8342508: Use latch in BasicMenuUI/bug4983388.java instead of delay + JDK-8342541: Exclude List/KeyEventsTest/KeyEventsTest.java from running on macOS + JDK-8342562: Enhance Deflater operations + JDK-8342602: Remove JButton/PressedButtonRightClickTest test + JDK-8342609: jpackage test helper function incorrectly removes a directory instead of its contents only + JDK-8342634: javax/imageio/plugins/wbmp/ /WBMPStreamTruncateTest.java creates temp file in src dir + JDK-8342635: javax/swing/JFileChooser/FileSystemView/ /WindowsDefaultIconSizeTest.java creates tmp file in src dir + JDK-8342704: GHA: Report truncation is broken after JDK-8341424 + JDK-8342811: java/net/httpclient/PlainProxyConnectionTest.java failed: Unexpected connection count: 5 + JDK-8342858: Make target mac-jdk-bundle fails on chmod command + JDK-8342988: GHA: Build JTReg in single step + JDK-8343007: Enhance Buffered Image handling + JDK-8343100: Consolidate EmptyFolderTest and EmptyFolderPackageTest jpackage tests into single java file + JDK-8343101: Rework BasicTest.testTemp test cases + JDK-8343102: Remove `--compress` from jlink command lines from jpackage tests + JDK-8343118: [TESTBUG] java/awt/PrintJob/PrintCheckboxTest/ /PrintCheckboxManualTest.java fails with Error. Can't find HTML file PrintCheckboxManualTest.html + JDK-8343128: PassFailJFrame.java test result: Error. Bad action for script: build} + JDK-8343129: Disable unstable check of ThreadsListHandle.sanity_vm ThreadList values + JDK-8343144: UpcallLinker::on_entry racingly clears pending exception with GC safepoints + JDK-8343149: Cleanup os::print_tos_pc on AIX + JDK-8343178: Test BasicTest.java javac compile fails cannot find symbol + JDK-8343205: CompileBroker::possibly_add_compiler_threads excessively polls available memory + JDK-8343314: Move common properties from jpackage jtreg test declarations to TEST.properties file + JDK-8343343: Misc crash dump improvements on more platforms after JDK-8294160 + JDK-8343378: Exceptions in javax/management DeadLockTest.java do not cause test failure + JDK-8343396: Use OperatingSystem, Architecture, and OSVersion in jpackage tests + JDK-8343491: javax/management/remote/mandatory/connection/ /DeadLockTest.java failing with NoSuchObjectException: no such object in table + JDK-8343599: Kmem limit and max values swapped when printing container information + JDK-8343882: BasicAnnoTests doesn't handle multiple annotations at the same position + JDK-8344275: tools/jpackage/windows/Win8301247Test.java fails on localized Windows platform + JDK-8344326: Move jpackage tests from "jdk.jpackage.tests" package to the default package + JDK-8344581: [TESTBUG] java/awt/Robot/ /ScreenCaptureRobotTest.java failing on macOS + JDK-8344589: Update IANA Language Subtag Registry to Version 2024-11-19 + JDK-8344646: The libjsig deprecation warning should go to stderr not stdout + JDK-8345296: AArch64: VM crashes with SIGILL when prctl is disallowed + JDK-8345368: java/io/File/createTempFile/SpecialTempFile.java fails on Windows Server 2025 + JDK-8345370: Bump update version for OpenJDK: jdk-21.0.7 + JDK-8345375: Improve debuggability of test/jdk/java/net/Socket/CloseAvailable.java + JDK-8345414: Google CAInterop test failures + JDK-8345468: test/jdk/javax/swing/JScrollBar/4865918/ /bug4865918.java fails in ubuntu22.04 + JDK-8345569: [ubsan] adjustments to filemap.cpp and virtualspace.cpp for macOS aarch64 + JDK-8345614: Improve AnnotationFormatError message for duplicate annotation interfaces + JDK-8345676: [ubsan] ProcessImpl_md.c:561:40: runtime error: applying zero offset to null pointer on macOS aarch64 + JDK-8345684: OperatingSystemMXBean.getSystemCpuLoad() throws NPE + JDK-8345750: Shenandoah: Test TestJcmdHeapDump.java#aggressive intermittent assert(gc_cause() == GCCause::_no_gc) failed: Over-writing cause + JDK-8346055: javax/swing/text/StyledEditorKit/4506788/ /bug4506788.java fails in ubuntu22.04 + JDK-8346108: [21u][BACKOUT] 8337994: [REDO] Native memory leak when not recording any events + JDK-8346324: javax/swing/JScrollBar/4865918/bug4865918.java fails in CI + JDK-8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs + JDK-8346671: java/nio/file/Files/probeContentType/Basic.java fails on Windows 2025 + JDK-8346713: [testsuite] NeverActAsServerClassMachine breaks TestPLABAdaptToMinTLABSize.java TestPinnedHumongousFragmentation.java TestPinnedObjectContents.java + JDK-8346828: javax/swing/JScrollBar/4865918/bug4865918.java still fails in CI + JDK-8346847: [s390x] minimal build failure + JDK-8346880: [aix] java/lang/ProcessHandle/InfoTest.java still fails: "reported cputime less than expected" + JDK-8346881: [ubsan] logSelection.cpp:154:24 / logSelectionList.cpp:72:94 : runtime error: applying non-zero offset 1 to null pointer + JDK-8346887: DrawFocusRect() may cause an assertion failure + JDK-8346972: Test java/nio/channels/FileChannel/ /LoopingTruncate.java fails sometimes with IOException: There is not enough space on the disk + JDK-8347038: [JMH] jdk.incubator.vector.SpiltReplicate fails NoClassDefFoundError + JDK-8347129: cpuset cgroups controller is required for no good reason + JDK-8347171: (dc) java/nio/channels/DatagramChannel/ /InterruptibleOrNot.java fails with virtual thread factory + JDK-8347256: Epsilon: Demote heap size and AlwaysPreTouch warnings to info level + JDK-8347267: [macOS]: UnixOperatingSystem.c:67:40: runtime error: division by zero + JDK-8347268: [ubsan] logOutput.cpp:357:21: runtime error: applying non-zero offset 1 to null pointer + JDK-8347424: Fix and rewrite sun/security/x509/DNSName/LeadingPeriod.java test + JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no license header + JDK-8347576: Error output in libjsound has non matching format strings + JDK-8347740: java/io/File/createTempFile/SpecialTempFile.java failing + JDK-8347847: Enhance jar file support + JDK-8347911: Limit the length of inflated text chunks + JDK-8347965: (tz) Update Timezone Data to 2025a + JDK-8348562: ZGC: segmentation fault due to missing node type check in barrier elision analysis + JDK-8348625: [21u, 17u] Revert JDK-8185862 to restore old java.awt.headless behavior on Windows + JDK-8348675: TrayIcon tests fail in Ubuntu 24.10 Wayland + JDK-8349039: Adjust exception No type named <ThreadType> in database + JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25 updates + JDK-8349729: [21u] AIX jtreg tests fail to compile with qvisibility=hidden + JDK-8352097: (tz) zone.tab update missed in 2025a backport + JDK-8353904: [21u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.7 * Update to upstream tag jdk-21.0.6+7 (January 2025 CPU) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1429=1 SUSE-2025-1429=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1429=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * java-21-openjdk-debugsource-21.0.7.0-150600.3.12.1 * java-21-openjdk-headless-debuginfo-21.0.7.0-150600.3.12.1 * java-21-openjdk-demo-21.0.7.0-150600.3.12.1 * java-21-openjdk-21.0.7.0-150600.3.12.1 * java-21-openjdk-headless-21.0.7.0-150600.3.12.1 * java-21-openjdk-src-21.0.7.0-150600.3.12.1 * java-21-openjdk-devel-21.0.7.0-150600.3.12.1 * java-21-openjdk-jmods-21.0.7.0-150600.3.12.1 * java-21-openjdk-debuginfo-21.0.7.0-150600.3.12.1 * java-21-openjdk-devel-debuginfo-21.0.7.0-150600.3.12.1 * openSUSE Leap 15.6 (noarch) * java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-21-openjdk-debugsource-21.0.7.0-150600.3.12.1 * java-21-openjdk-headless-debuginfo-21.0.7.0-150600.3.12.1 * java-21-openjdk-demo-21.0.7.0-150600.3.12.1 * java-21-openjdk-21.0.7.0-150600.3.12.1 * java-21-openjdk-headless-21.0.7.0-150600.3.12.1 * java-21-openjdk-devel-21.0.7.0-150600.3.12.1 * java-21-openjdk-debuginfo-21.0.7.0-150600.3.12.1 * java-21-openjdk-devel-debuginfo-21.0.7.0-150600.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21587.html * https://www.suse.com/security/cve/CVE-2025-30691.html * https://www.suse.com/security/cve/CVE-2025-30698.html * https://bugzilla.suse.com/show_bug.cgi?id=1241274 * https://bugzilla.suse.com/show_bug.cgi?id=1241275 * https://bugzilla.suse.com/show_bug.cgi?id=1241276 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 16:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 16:30:06 -0000 Subject: SUSE-SU-2025:1440-1: moderate: Security update for libxml2 Message-ID: <174620340610.26033.2062818494853590448@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:1440-1 Release Date: 2025-05-02T13:44:52Z Rating: moderate References: * bsc#1241453 * bsc#1241551 Cross-References: * CVE-2025-32414 * CVE-2025-32415 CVSS scores: * CVE-2025-32414 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-32414 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32414 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32414 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32415 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551) * CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. (bsc#1241453) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1440=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libxml2-tools-debuginfo-2.9.4-46.84.1 * libxml2-2-debuginfo-2.9.4-46.84.1 * libxml2-devel-2.9.4-46.84.1 * libxml2-tools-2.9.4-46.84.1 * libxml2-2-debuginfo-32bit-2.9.4-46.84.1 * python-libxml2-debuginfo-2.9.4-46.84.1 * libxml2-2-32bit-2.9.4-46.84.1 * python-libxml2-2.9.4-46.84.1 * libxml2-debugsource-2.9.4-46.84.1 * libxml2-2-2.9.4-46.84.1 * python-libxml2-debugsource-2.9.4-46.84.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libxml2-doc-2.9.4-46.84.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32414.html * https://www.suse.com/security/cve/CVE-2025-32415.html * https://bugzilla.suse.com/show_bug.cgi?id=1241453 * https://bugzilla.suse.com/show_bug.cgi?id=1241551 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 16:30:09 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 16:30:09 -0000 Subject: SUSE-SU-2025:1439-1: moderate: Security update for libxml2 Message-ID: <174620340901.26033.1350144724099325638@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:1439-1 Release Date: 2025-05-02T13:44:43Z Rating: moderate References: * bsc#1241453 * bsc#1241551 Cross-References: * CVE-2025-32414 * CVE-2025-32415 CVSS scores: * CVE-2025-32414 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-32414 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32414 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32414 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32415 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551) * CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. (bsc#1241453) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1439=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1439=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1439=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1439=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python-libxml2-python-debugsource-2.9.7-150000.3.79.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.79.1 * python3-libxml2-python-2.9.7-150000.3.79.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.79.1 * libxml2-2-2.9.7-150000.3.79.1 * libxml2-debugsource-2.9.7-150000.3.79.1 * libxml2-tools-2.9.7-150000.3.79.1 * libxml2-2-debuginfo-2.9.7-150000.3.79.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.79.1 * libxml2-tools-debuginfo-2.9.7-150000.3.79.1 * libxml2-2-2.9.7-150000.3.79.1 * libxml2-debugsource-2.9.7-150000.3.79.1 * python3-libxml2-python-2.9.7-150000.3.79.1 * python-libxml2-python-debugsource-2.9.7-150000.3.79.1 * libxml2-tools-2.9.7-150000.3.79.1 * libxml2-2-debuginfo-2.9.7-150000.3.79.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.79.1 * libxml2-tools-debuginfo-2.9.7-150000.3.79.1 * libxml2-2-2.9.7-150000.3.79.1 * libxml2-debugsource-2.9.7-150000.3.79.1 * python3-libxml2-python-2.9.7-150000.3.79.1 * python-libxml2-python-debugsource-2.9.7-150000.3.79.1 * libxml2-tools-2.9.7-150000.3.79.1 * libxml2-2-debuginfo-2.9.7-150000.3.79.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32414.html * https://www.suse.com/security/cve/CVE-2025-32415.html * https://bugzilla.suse.com/show_bug.cgi?id=1241453 * https://bugzilla.suse.com/show_bug.cgi?id=1241551 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 16:30:12 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 16:30:12 -0000 Subject: SUSE-SU-2025:1438-1: moderate: Security update for libxml2 Message-ID: <174620341211.26033.16908536022390001821@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:1438-1 Release Date: 2025-05-02T13:44:22Z Rating: moderate References: * bsc#1241453 * bsc#1241551 Cross-References: * CVE-2025-32414 * CVE-2025-32415 CVSS scores: * CVE-2025-32414 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-32414 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32414 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32414 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32415 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551) * CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. (bsc#1241453) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1438=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1438=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1438=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1438=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1438=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libxml2-python-debugsource-2.10.3-150500.5.26.1 * libxml2-2-2.10.3-150500.5.26.1 * libxml2-devel-2.10.3-150500.5.26.1 * python311-libxml2-2.10.3-150500.5.26.1 * libxml2-2-debuginfo-2.10.3-150500.5.26.1 * python3-libxml2-2.10.3-150500.5.26.1 * libxml2-tools-debuginfo-2.10.3-150500.5.26.1 * python311-libxml2-debuginfo-2.10.3-150500.5.26.1 * libxml2-tools-2.10.3-150500.5.26.1 * python3-libxml2-debuginfo-2.10.3-150500.5.26.1 * libxml2-debugsource-2.10.3-150500.5.26.1 * openSUSE Leap 15.5 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.26.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.26.1 * libxml2-devel-32bit-2.10.3-150500.5.26.1 * openSUSE Leap 15.5 (noarch) * libxml2-doc-2.10.3-150500.5.26.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libxml2-devel-64bit-2.10.3-150500.5.26.1 * libxml2-2-64bit-2.10.3-150500.5.26.1 * libxml2-2-64bit-debuginfo-2.10.3-150500.5.26.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libxml2-python-debugsource-2.10.3-150500.5.26.1 * libxml2-2-2.10.3-150500.5.26.1 * libxml2-devel-2.10.3-150500.5.26.1 * python311-libxml2-2.10.3-150500.5.26.1 * libxml2-2-debuginfo-2.10.3-150500.5.26.1 * python3-libxml2-2.10.3-150500.5.26.1 * libxml2-tools-debuginfo-2.10.3-150500.5.26.1 * python311-libxml2-debuginfo-2.10.3-150500.5.26.1 * libxml2-tools-2.10.3-150500.5.26.1 * python3-libxml2-debuginfo-2.10.3-150500.5.26.1 * libxml2-debugsource-2.10.3-150500.5.26.1 * openSUSE Leap 15.6 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.26.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.26.1 * libxml2-devel-32bit-2.10.3-150500.5.26.1 * openSUSE Leap 15.6 (noarch) * libxml2-doc-2.10.3-150500.5.26.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libxml2-python-debugsource-2.10.3-150500.5.26.1 * libxml2-2-2.10.3-150500.5.26.1 * libxml2-2-debuginfo-2.10.3-150500.5.26.1 * python3-libxml2-2.10.3-150500.5.26.1 * libxml2-tools-debuginfo-2.10.3-150500.5.26.1 * libxml2-tools-2.10.3-150500.5.26.1 * python3-libxml2-debuginfo-2.10.3-150500.5.26.1 * libxml2-debugsource-2.10.3-150500.5.26.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libxml2-python-debugsource-2.10.3-150500.5.26.1 * libxml2-2-2.10.3-150500.5.26.1 * libxml2-devel-2.10.3-150500.5.26.1 * libxml2-2-debuginfo-2.10.3-150500.5.26.1 * python3-libxml2-2.10.3-150500.5.26.1 * libxml2-tools-debuginfo-2.10.3-150500.5.26.1 * libxml2-tools-2.10.3-150500.5.26.1 * python3-libxml2-debuginfo-2.10.3-150500.5.26.1 * libxml2-debugsource-2.10.3-150500.5.26.1 * Basesystem Module 15-SP6 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.26.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.26.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-libxml2-debuginfo-2.10.3-150500.5.26.1 * libxml2-python-debugsource-2.10.3-150500.5.26.1 * python311-libxml2-2.10.3-150500.5.26.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32414.html * https://www.suse.com/security/cve/CVE-2025-32415.html * https://bugzilla.suse.com/show_bug.cgi?id=1241453 * https://bugzilla.suse.com/show_bug.cgi?id=1241551 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 16:30:15 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 16:30:15 -0000 Subject: SUSE-RU-2025:1437-1: moderate: Recommended update for clamav Message-ID: <174620341572.26033.15066670922441330496@smelt2.prg2.suse.org> # Recommended update for clamav Announcement ID: SUSE-RU-2025:1437-1 Release Date: 2025-05-02T13:32:52Z Rating: moderate References: * bsc#1239957 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one fix can now be installed. ## Description: This update for clamav fixes the following issues: * Build as position independend executable. (bsc#1239957) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1437=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1437=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libclamav12-debuginfo-1.4.2-3.42.2 * clamav-debugsource-1.4.2-3.42.2 * clamav-devel-1.4.2-3.42.2 * libclammspack0-debuginfo-1.4.2-3.42.2 * clamav-milter-1.4.2-3.42.2 * clamav-debuginfo-1.4.2-3.42.2 * clamav-milter-debuginfo-1.4.2-3.42.2 * libclammspack0-1.4.2-3.42.2 * libfreshclam3-debuginfo-1.4.2-3.42.2 * libclamav12-1.4.2-3.42.2 * libfreshclam3-1.4.2-3.42.2 * clamav-1.4.2-3.42.2 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * clamav-docs-html-1.4.2-3.42.2 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libclamav12-debuginfo-1.4.2-3.42.2 * clamav-debugsource-1.4.2-3.42.2 * clamav-devel-1.4.2-3.42.2 * libclammspack0-debuginfo-1.4.2-3.42.2 * clamav-milter-1.4.2-3.42.2 * clamav-debuginfo-1.4.2-3.42.2 * clamav-milter-debuginfo-1.4.2-3.42.2 * libclammspack0-1.4.2-3.42.2 * libfreshclam3-debuginfo-1.4.2-3.42.2 * libclamav12-1.4.2-3.42.2 * libfreshclam3-1.4.2-3.42.2 * clamav-1.4.2-3.42.2 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * clamav-docs-html-1.4.2-3.42.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1239957 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 2 16:30:18 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 02 May 2025 16:30:18 -0000 Subject: SUSE-SU-2025:1436-1: important: Security update for MozillaFirefox Message-ID: <174620341862.26033.1548870205691380423@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2025:1436-1 Release Date: 2025-05-02T13:15:07Z Rating: important References: * bsc#1241621 Cross-References: * CVE-2025-2817 * CVE-2025-4082 * CVE-2025-4083 * CVE-2025-4084 * CVE-2025-4087 * CVE-2025-4091 * CVE-2025-4093 CVSS scores: * CVE-2025-2817 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-2817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-2817 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-4082 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4082 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4083 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4083 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4083 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-4084 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4084 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4087 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-4087 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-4087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-4091 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4091 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4091 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-4093 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4093 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4093 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 128.10.0 ESR MFSA 2025-29 (bsc#1241621): * CVE-2025-2817: Potential privilege escalation in Firefox Updater * CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS * CVE-2025-4083: Process isolation bypass using `javascript:` URI links in cross-origin frames * CVE-2025-4084: Potential local code execution in "copy as cURL" command * CVE-2025-4087: Unsafe attribute access during XPath parsing * CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 * CVE-2025-4093: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1436=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1436=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1436=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1436=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1436=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1436=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1436=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1436=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1436=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1436=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1436=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1436=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1436=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1436=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-branding-upstream-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.0-150200.152.179.1 * MozillaFirefox-translations-other-128.10.0-150200.152.179.1 * MozillaFirefox-translations-common-128.10.0-150200.152.179.1 * MozillaFirefox-128.10.0-150200.152.179.1 * MozillaFirefox-debugsource-128.10.0-150200.152.179.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-128.10.0-150200.152.179.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2817.html * https://www.suse.com/security/cve/CVE-2025-4082.html * https://www.suse.com/security/cve/CVE-2025-4083.html * https://www.suse.com/security/cve/CVE-2025-4084.html * https://www.suse.com/security/cve/CVE-2025-4087.html * https://www.suse.com/security/cve/CVE-2025-4091.html * https://www.suse.com/security/cve/CVE-2025-4093.html * https://bugzilla.suse.com/show_bug.cgi?id=1241621 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:30:10 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:30:10 -0000 Subject: SUSE-SU-2025:1449-1: important: Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) Message-ID: <174643381043.32303.7724101181463304066@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:1449-1 Release Date: 2025-05-05T07:36:00Z Rating: important References: * bsc#1235431 * bsc#1240840 Cross-References: * CVE-2024-56650 * CVE-2024-8805 CVSS scores: * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_144 fixes several issues. The following security issues were fixed: * CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1240840). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1449=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1449=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_144-default-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-5-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_144-default-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-5-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1235431 * https://bugzilla.suse.com/show_bug.cgi?id=1240840 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:30:13 -0000 Subject: SUSE-SU-2025:1444-1: important: Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4) Message-ID: <174643381355.32303.13871445089858729702@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:1444-1 Release Date: 2025-05-04T13:39:40Z Rating: important References: * bsc#1235431 Cross-References: * CVE-2024-56650 CVSS scores: * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_147 fixes one issue. The following security issue was fixed: * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1444=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1444=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_35-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-5-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_35-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-5-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56650.html * https://bugzilla.suse.com/show_bug.cgi?id=1235431 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:30:22 -0000 Subject: SUSE-SU-2025:1448-1: important: Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) Message-ID: <174643382254.32303.2674023460847107585@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:1448-1 Release Date: 2025-05-05T06:37:05Z Rating: important References: * bsc#1227753 * bsc#1233294 * bsc#1235431 * bsc#1240840 Cross-References: * CVE-2023-52885 * CVE-2024-50205 * CVE-2024-56650 * CVE-2024-8805 CVSS scores: * CVE-2023-52885 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50205 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50205 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50205 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_164 fixes several issues. The following security issues were fixed: * CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1240840). * CVE-2023-52885: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (bsc#1227753). * CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233294). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1448=1 SUSE-2025-1442=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1448=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-1442=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_158-default-17-150300.2.1 * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-17-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_45-debugsource-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-13-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_43-debugsource-17-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_164-preempt-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_158-preempt-17-150300.2.1 * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-17-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-17-150300.2.1 * kernel-livepatch-5_3_18-150300_59_164-default-13-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52885.html * https://www.suse.com/security/cve/CVE-2024-50205.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1227753 * https://bugzilla.suse.com/show_bug.cgi?id=1233294 * https://bugzilla.suse.com/show_bug.cgi?id=1235431 * https://bugzilla.suse.com/show_bug.cgi?id=1240840 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:30:28 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:30:28 -0000 Subject: SUSE-SU-2025:1445-1: important: Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4) Message-ID: <174643382893.32303.3064550898344728381@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:1445-1 Release Date: 2025-05-04T16:10:06Z Rating: important References: * bsc#1233294 * bsc#1235431 * bsc#1240840 Cross-References: * CVE-2024-50205 * CVE-2024-56650 * CVE-2024-8805 CVSS scores: * CVE-2024-50205 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50205 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50205 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_141 fixes several issues. The following security issues were fixed: * CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1240840). * CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233294). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1445=1 SUSE-2025-1441=1 SUSE-2025-1443=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1445=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-1441=1 SUSE-SLE-Module-Live- Patching-15-SP4-2025-1443=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_119-default-16-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-6-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_119-default-16-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-6-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50205.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1233294 * https://bugzilla.suse.com/show_bug.cgi?id=1235431 * https://bugzilla.suse.com/show_bug.cgi?id=1240840 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:30:35 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:30:35 -0000 Subject: SUSE-SU-2025:1453-1: moderate: Security update for libva Message-ID: <174643383575.32303.2370868115635918931@smelt2.prg2.suse.org> # Security update for libva Announcement ID: SUSE-SU-2025:1453-1 Release Date: 2025-05-05T07:44:16Z Rating: moderate References: * bsc#1202828 * bsc#1217770 * bsc#1224413 * jsc#PED-11066 Cross-References: * CVE-2023-39929 CVSS scores: * CVE-2023-39929 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability, contains one feature and has two security fixes can now be installed. ## Description: This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: * CVE-2023-39929: uncontrolled search path may allow an authenticated user to escalate privilege via local access (bsc#1224413, jsc#PED-11066) This includes latest version of one of the components needed for Video (processing) hardware support on Intel GPUs (bsc#1217770) Update to version 2.20.0: * av1: Revise offsets comments for av1 encode * drm: * Limit the array size to avoid out of range * Remove no longer used helpers * jpeg: add support for crop and partial decode * trace: * Add trace for vaExportSurfaceHandle * Unlock mutex before return * Fix minor issue about printf data type and value range * va/backend: * Annotate vafool as deprecated * Document the vaGetDriver* APIs * va/x11/va_fglrx: Remove some dead code * va/x11/va_nvctrl: Remove some dead code * va: * Add new VADecodeErrorType to indicate the reset happended in the driver * Add vendor string on va_TraceInitialize * Added Q416 fourcc (three-plane 16-bit YUV 4:4:4) * Drop no longer applicable vaGetDriverNames check * Fix:don't leak driver names, when override is set * Fix:set driver number to be zero if vaGetDriverNames failed * Optimize code of getting driver name for all protocols/os (wayland,x11,drm,win32,android) * Remove legacy code paths * Remove unreachable "DRIVER BUG" * x11/dri2: limit the array handling to avoid out of range access * x11: * Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var * Implement vaGetDriverNames * Remove legacy code paths Update to 2.19.0: * add: Add mono_chrome to VAEncSequenceParameterBufferAV1 * add: Enable support for license acquisition of multiple protected playbacks * fix: use secure_getenv instead of getenv * trace: Improve and add VA trace log for AV1 encode * trace: Unify va log message, replace va_TracePrint with va_TraceMsg. Update to version 2.18.0: * doc: Add build and install libva informatio in home page. * fix: * Add libva.def into distribution package * NULL check before calling strncmp. * Remove reference to non-existent symbol * meson: docs: * Add encoder interface for av1 * Use libva_version over project_version() * va: * Add VAProfileH264High10 * Always build with va-messaging API * Fix the codying style of CHECK_DISPLAY * Remove Android pre Jelly Bean workarounds * Remove dummy isValid() hook * Remove unused drm_sarea.h include & ANDROID references in va_dricommon.h * va/sysdeps.h: remove Android section * x11: * Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var * Use LIBVA_DRI3_DISABLE in GetNumCandidates * Add libva-wayland to baselibs.conf, now that its build have moved to the main part of spec, source validator should no longer complain on SLE. Update to 2.17.0: * win: Simplify signature for driver name loading * win: Rewrite driver registry query and fix some bugs/leaks/inefficiencies * win: Add missing null check after calloc * va: Update security disclaimer * dep:remove the file .cvsignore * pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx * meson: add 'with-legacy' for emgd, nvctrl and fglrx * x11: move all FGLRX code to va_fglrx.c * x11: move all NVCTRL code to va_nvctrl.c * meson: stop using deprecated meson.source_root() * meson: stop using configure_file copy=true * va: correctly include the win32 (local) headers * win: clean-up the coding style * va: dos2unix all the files * drm: remove unnecessary dri2 version/extension query * trace: annotate internal functions with DLL_HIDDEN * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_ support level attribute instead * meson: Check support for -Wl,-version-script and build link_args accordingly * meson: Set va_win32 soversion to '' and remove the install_data rename * fix: resouce check null * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes * va_trace: va_TraceSurfaceAttributes should check the VASurfaceAttribMemoryType * va: Adds Win32 Node and Windows build support * va: Adds compat_win32 abstraction for Windows build and prepares va common code for windows build * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled * meson: Add with_win32 option, makes libdrm non-mandatory on Win * x11: add basic DRI3 support * drm: remove VA_DRM_IsRenderNodeFd() helper * drm: add radeon drm + radeonsi mesa combo ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1453=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1453=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1453=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1453=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1453=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libva-x11-2-debuginfo-2.20.0-150500.3.5.1 * libva-devel-2.20.0-150500.3.5.1 * libva-debugsource-2.20.0-150500.3.5.1 * libva2-2.20.0-150500.3.5.1 * libva-gl-debugsource-2.20.0-150500.3.5.1 * libva-glx2-debuginfo-2.20.0-150500.3.5.1 * libva2-debuginfo-2.20.0-150500.3.5.1 * libva-wayland2-debuginfo-2.20.0-150500.3.5.1 * libva-glx2-2.20.0-150500.3.5.1 * libva-drm2-2.20.0-150500.3.5.1 * libva-gl-devel-2.20.0-150500.3.5.1 * libva-wayland2-2.20.0-150500.3.5.1 * libva-x11-2-2.20.0-150500.3.5.1 * libva-drm2-debuginfo-2.20.0-150500.3.5.1 * openSUSE Leap 15.5 (x86_64) * libva-x11-2-32bit-debuginfo-2.20.0-150500.3.5.1 * libva2-32bit-debuginfo-2.20.0-150500.3.5.1 * libva-wayland2-32bit-debuginfo-2.20.0-150500.3.5.1 * libva2-32bit-2.20.0-150500.3.5.1 * libva-wayland2-32bit-2.20.0-150500.3.5.1 * libva-devel-32bit-2.20.0-150500.3.5.1 * libva-drm2-32bit-2.20.0-150500.3.5.1 * libva-glx2-32bit-debuginfo-2.20.0-150500.3.5.1 * libva-glx2-32bit-2.20.0-150500.3.5.1 * libva-gl-devel-32bit-2.20.0-150500.3.5.1 * libva-drm2-32bit-debuginfo-2.20.0-150500.3.5.1 * libva-x11-2-32bit-2.20.0-150500.3.5.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libva2-64bit-2.20.0-150500.3.5.1 * libva-wayland2-64bit-2.20.0-150500.3.5.1 * libva-wayland2-64bit-debuginfo-2.20.0-150500.3.5.1 * libva-drm2-64bit-debuginfo-2.20.0-150500.3.5.1 * libva-drm2-64bit-2.20.0-150500.3.5.1 * libva-devel-64bit-2.20.0-150500.3.5.1 * libva2-64bit-debuginfo-2.20.0-150500.3.5.1 * libva-glx2-64bit-2.20.0-150500.3.5.1 * libva-x11-2-64bit-debuginfo-2.20.0-150500.3.5.1 * libva-x11-2-64bit-2.20.0-150500.3.5.1 * libva-gl-devel-64bit-2.20.0-150500.3.5.1 * libva-glx2-64bit-debuginfo-2.20.0-150500.3.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libva-x11-2-debuginfo-2.20.0-150500.3.5.1 * libva-devel-2.20.0-150500.3.5.1 * libva-debugsource-2.20.0-150500.3.5.1 * libva2-2.20.0-150500.3.5.1 * libva2-debuginfo-2.20.0-150500.3.5.1 * libva-wayland2-debuginfo-2.20.0-150500.3.5.1 * libva-drm2-2.20.0-150500.3.5.1 * libva-wayland2-2.20.0-150500.3.5.1 * libva-x11-2-2.20.0-150500.3.5.1 * libva-drm2-debuginfo-2.20.0-150500.3.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libva-x11-2-debuginfo-2.20.0-150500.3.5.1 * libva-devel-2.20.0-150500.3.5.1 * libva-debugsource-2.20.0-150500.3.5.1 * libva2-2.20.0-150500.3.5.1 * libva2-debuginfo-2.20.0-150500.3.5.1 * libva-wayland2-debuginfo-2.20.0-150500.3.5.1 * libva-drm2-2.20.0-150500.3.5.1 * libva-wayland2-2.20.0-150500.3.5.1 * libva-x11-2-2.20.0-150500.3.5.1 * libva-drm2-debuginfo-2.20.0-150500.3.5.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libva-x11-2-debuginfo-2.20.0-150500.3.5.1 * libva-devel-2.20.0-150500.3.5.1 * libva-debugsource-2.20.0-150500.3.5.1 * libva2-2.20.0-150500.3.5.1 * libva2-debuginfo-2.20.0-150500.3.5.1 * libva-wayland2-debuginfo-2.20.0-150500.3.5.1 * libva-drm2-2.20.0-150500.3.5.1 * libva-wayland2-2.20.0-150500.3.5.1 * libva-x11-2-2.20.0-150500.3.5.1 * libva-drm2-debuginfo-2.20.0-150500.3.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libva-x11-2-debuginfo-2.20.0-150500.3.5.1 * libva-devel-2.20.0-150500.3.5.1 * libva-debugsource-2.20.0-150500.3.5.1 * libva2-2.20.0-150500.3.5.1 * libva2-debuginfo-2.20.0-150500.3.5.1 * libva-wayland2-debuginfo-2.20.0-150500.3.5.1 * libva-drm2-2.20.0-150500.3.5.1 * libva-wayland2-2.20.0-150500.3.5.1 * libva-x11-2-2.20.0-150500.3.5.1 * libva-drm2-debuginfo-2.20.0-150500.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39929.html * https://bugzilla.suse.com/show_bug.cgi?id=1202828 * https://bugzilla.suse.com/show_bug.cgi?id=1217770 * https://bugzilla.suse.com/show_bug.cgi?id=1224413 * https://jira.suse.com/browse/PED-11066 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:30:40 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:30:40 -0000 Subject: SUSE-SU-2025:1452-1: moderate: Security update for libva Message-ID: <174643384019.32303.4236628412731317984@smelt2.prg2.suse.org> # Security update for libva Announcement ID: SUSE-SU-2025:1452-1 Release Date: 2025-05-05T07:44:00Z Rating: moderate References: * bsc#1202828 * bsc#1217770 * bsc#1224413 * jsc#PED-11066 * jsc#PED-1174 Cross-References: * CVE-2023-39929 CVSS scores: * CVE-2023-39929 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability, contains two features and has two security fixes can now be installed. ## Description: This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: * CVE-2023-39929: Uncontrolled search path may allow an authenticated user to escalate privilege via local access (bsc#1224413, jsc#PED-11066) This includes latest version of one of the components needed for Video (processing) hardware support on Intel GPUs (bsc#1217770) Update to version 2.20.0: * av1: Revise offsets comments for av1 encode * drm: * Limit the array size to avoid out of range * Remove no longer used helpers * jpeg: add support for crop and partial decode * trace: * Add trace for vaExportSurfaceHandle * Unlock mutex before return * Fix minor issue about printf data type and value range * va/backend: * Annotate vafool as deprecated * Document the vaGetDriver* APIs * va/x11/va_fglrx: Remove some dead code * va/x11/va_nvctrl: Remove some dead code * va: * Add new VADecodeErrorType to indicate the reset happended in the driver * Add vendor string on va_TraceInitialize * Added Q416 fourcc (three-plane 16-bit YUV 4:4:4) * Drop no longer applicable vaGetDriverNames check * Fix:don't leak driver names, when override is set * Fix:set driver number to be zero if vaGetDriverNames failed * Optimize code of getting driver name for all protocols/os (wayland,x11,drm,win32,android) * Remove legacy code paths * Remove unreachable "DRIVER BUG" * win32: * Only print win32 driver messages in DEBUG builds * Remove duplicate adapter_luid entry * x11/dri2: limit the array handling to avoid out of range access * x11: * Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var * Implement vaGetDriverNames * Remove legacy code paths Update to 2.19.0: * add: Add mono_chrome to VAEncSequenceParameterBufferAV1 * add: Enable support for license acquisition of multiple protected playbacks * fix: use secure_getenv instead of getenv * trace: Improve and add VA trace log for AV1 encode * trace: Unify va log message, replace va_TracePrint with va_TraceMsg. Update to version 2.18.0: * doc: Add build and install libva informatio in home page. * fix: * Add libva.def into distribution package * NULL check before calling strncmp. * Remove reference to non-existent symbol * meson: docs: * Add encoder interface for av1 * Use libva_version over project_version() * va: * Add VAProfileH264High10 * Always build with va-messaging API * Fix the codying style of CHECK_DISPLAY * Remove Android pre Jelly Bean workarounds * Remove dummy isValid() hook * Remove unused drm_sarea.h include & ANDROID references in va_dricommon.h * va/sysdeps.h: remove Android section * x11: * Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var * Use LIBVA_DRI3_DISABLE in GetNumCandidates update to 2.17.0: * win: Simplify signature for driver name loading * win: Rewrite driver registry query and fix some bugs/leaks/inefficiencies * win: Add missing null check after calloc * va: Update security disclaimer * dep:remove the file .cvsignore * pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx * meson: add 'with-legacy' for emgd, nvctrl and fglrx * x11: move all FGLRX code to va_fglrx.c * x11: move all NVCTRL code to va_nvctrl.c * meson: stop using deprecated meson.source_root() * meson: stop using configure_file copy=true * va: correctly include the win32 (local) headers * win: clean-up the coding style * va: dos2unix all the files * drm: remove unnecessary dri2 version/extension query * trace: annotate internal functions with DLL_HIDDEN * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_ support level attribute instead * meson: Check support for -Wl,-version-script and build link_args accordingly * meson: Set va_win32 soversion to '' and remove the install_data rename * fix: resouce check null * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes * va_trace: va_TraceSurfaceAttributes should check the VASurfaceAttribMemoryType * va: Adds Win32 Node and Windows build support * va: Adds compat_win32 abstraction for Windows build and prepares va common code for windows build * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled * meson: Add with_win32 option, makes libdrm non-mandatory on Win * x11: add basic DRI3 support * drm: remove VA_DRM_IsRenderNodeFd() helper * drm: add radeon drm + radeonsi mesa combo * needed for jira#PED-1174 (Video decoding/encoding support (VA-API, ...) for Intel GPUs is outside of Mesa) Update to 2.16.0: * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e. * dep: Update README.md to remove badge links * dep: Removed waffle-io badge from README to fix broken link * dep: Drop mailing list, IRC and Slack * autotools: use wayland-scanner private-code * autotools: use the wayland-scanner.pc to locate the prog * meson: use wayland-scanner private-code * meson: request native wayland-scanner * meson: use the wayland-scanner.pc to locate the prog * meson: set HAVE_VA_X11 when applicable * style:Correct slight coding style in several new commits * trace: add Linux ftrace mode for va trace * trace: Add missing pthread_mutex_destroy * drm: remove no-longer needed X == X mappings * drm: fallback to drm driver name == va driver name * drm: simplify the mapping table * x11: simplify the mapping table Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4 Update to 2.15.0: * Add: new display HW attribute to report PCI ID * Add: sample depth related parameters for AV1e * Add: refresh_frame_flags for AV1e * Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC. * Add: nvidia-drm to the drm driver map * Add: type and buffer for delta qp per block * Deprecation: remove the va_fool support * Fix:Correct the version of meson build on master branch * Fix:X11 DRI2: check if device is a render node * Build:Use also strong stack protection if supported * Trace:print the string for profile/entrypoint/configattrib Update to 2.14.0: * add: Add av1 encode interfaces * add: VA/X11 VAAPI driver mapping for crocus DRI driver * doc: Add description of the fd management for surface importing * ci: fix freebsd build * meson: Copy public headers to build directory to support subproject * CVE-2023-39929: Fixed an issue where an uncontrolled search path may allow authenticated users to escalate privilege via local access. (bsc#1224413) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1452=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1452=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1452=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1452=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1452=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libva-drm2-debuginfo-2.20.0-150400.3.5.1 * libva-devel-2.20.0-150400.3.5.1 * libva-x11-2-2.20.0-150400.3.5.1 * libva2-2.20.0-150400.3.5.1 * libva-gl-devel-2.20.0-150400.3.5.1 * libva-glx2-2.20.0-150400.3.5.1 * libva-x11-2-debuginfo-2.20.0-150400.3.5.1 * libva-gl-debugsource-2.20.0-150400.3.5.1 * libva-glx2-debuginfo-2.20.0-150400.3.5.1 * libva-wayland2-2.20.0-150400.3.5.1 * libva-debugsource-2.20.0-150400.3.5.1 * libva-wayland2-debuginfo-2.20.0-150400.3.5.1 * libva-drm2-2.20.0-150400.3.5.1 * libva2-debuginfo-2.20.0-150400.3.5.1 * openSUSE Leap 15.4 (x86_64) * libva-glx2-32bit-2.20.0-150400.3.5.1 * libva-drm2-32bit-debuginfo-2.20.0-150400.3.5.1 * libva-wayland2-32bit-debuginfo-2.20.0-150400.3.5.1 * libva-devel-32bit-2.20.0-150400.3.5.1 * libva-x11-2-32bit-2.20.0-150400.3.5.1 * libva2-32bit-2.20.0-150400.3.5.1 * libva-x11-2-32bit-debuginfo-2.20.0-150400.3.5.1 * libva-glx2-32bit-debuginfo-2.20.0-150400.3.5.1 * libva-gl-devel-32bit-2.20.0-150400.3.5.1 * libva2-32bit-debuginfo-2.20.0-150400.3.5.1 * libva-wayland2-32bit-2.20.0-150400.3.5.1 * libva-drm2-32bit-2.20.0-150400.3.5.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libva-glx2-64bit-2.20.0-150400.3.5.1 * libva-drm2-64bit-2.20.0-150400.3.5.1 * libva-glx2-64bit-debuginfo-2.20.0-150400.3.5.1 * libva2-64bit-debuginfo-2.20.0-150400.3.5.1 * libva-gl-devel-64bit-2.20.0-150400.3.5.1 * libva-drm2-64bit-debuginfo-2.20.0-150400.3.5.1 * libva-wayland2-64bit-2.20.0-150400.3.5.1 * libva-x11-2-64bit-2.20.0-150400.3.5.1 * libva-devel-64bit-2.20.0-150400.3.5.1 * libva2-64bit-2.20.0-150400.3.5.1 * libva-x11-2-64bit-debuginfo-2.20.0-150400.3.5.1 * libva-wayland2-64bit-debuginfo-2.20.0-150400.3.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libva-drm2-debuginfo-2.20.0-150400.3.5.1 * libva-devel-2.20.0-150400.3.5.1 * libva-x11-2-2.20.0-150400.3.5.1 * libva2-2.20.0-150400.3.5.1 * libva-x11-2-debuginfo-2.20.0-150400.3.5.1 * libva-wayland2-2.20.0-150400.3.5.1 * libva-debugsource-2.20.0-150400.3.5.1 * libva-wayland2-debuginfo-2.20.0-150400.3.5.1 * libva-drm2-2.20.0-150400.3.5.1 * libva2-debuginfo-2.20.0-150400.3.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libva-drm2-debuginfo-2.20.0-150400.3.5.1 * libva-devel-2.20.0-150400.3.5.1 * libva-x11-2-2.20.0-150400.3.5.1 * libva2-2.20.0-150400.3.5.1 * libva-x11-2-debuginfo-2.20.0-150400.3.5.1 * libva-wayland2-2.20.0-150400.3.5.1 * libva-debugsource-2.20.0-150400.3.5.1 * libva-wayland2-debuginfo-2.20.0-150400.3.5.1 * libva-drm2-2.20.0-150400.3.5.1 * libva2-debuginfo-2.20.0-150400.3.5.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libva-drm2-debuginfo-2.20.0-150400.3.5.1 * libva-devel-2.20.0-150400.3.5.1 * libva-x11-2-2.20.0-150400.3.5.1 * libva2-2.20.0-150400.3.5.1 * libva-x11-2-debuginfo-2.20.0-150400.3.5.1 * libva-wayland2-2.20.0-150400.3.5.1 * libva-debugsource-2.20.0-150400.3.5.1 * libva-wayland2-debuginfo-2.20.0-150400.3.5.1 * libva-drm2-2.20.0-150400.3.5.1 * libva2-debuginfo-2.20.0-150400.3.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libva-drm2-debuginfo-2.20.0-150400.3.5.1 * libva-devel-2.20.0-150400.3.5.1 * libva-x11-2-2.20.0-150400.3.5.1 * libva2-2.20.0-150400.3.5.1 * libva-x11-2-debuginfo-2.20.0-150400.3.5.1 * libva-wayland2-2.20.0-150400.3.5.1 * libva-debugsource-2.20.0-150400.3.5.1 * libva-wayland2-debuginfo-2.20.0-150400.3.5.1 * libva-drm2-2.20.0-150400.3.5.1 * libva2-debuginfo-2.20.0-150400.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39929.html * https://bugzilla.suse.com/show_bug.cgi?id=1202828 * https://bugzilla.suse.com/show_bug.cgi?id=1217770 * https://bugzilla.suse.com/show_bug.cgi?id=1224413 * https://jira.suse.com/browse/PED-11066 * https://jira.suse.com/browse/PED-1174 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:30:45 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:30:45 -0000 Subject: SUSE-SU-2025:1451-1: moderate: Security update for libva Message-ID: <174643384520.32303.14648905012111029529@smelt2.prg2.suse.org> # Security update for libva Announcement ID: SUSE-SU-2025:1451-1 Release Date: 2025-05-05T07:43:42Z Rating: moderate References: * bsc#1202828 * bsc#1217770 * bsc#1224413 * jsc#PED-11066 * jsc#PED-1174 * jsc#SLE-19361 Cross-References: * CVE-2023-39929 CVSS scores: * CVE-2023-39929 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability, contains three features and has two security fixes can now be installed. ## Description: This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: * uncontrolled search path may allow an authenticated user to escalate privilege via local access (CVE-2023-39929, bsc#1224413, jsc#PED-11066) This includes latest version of one of the components needed for Video (processing) hardware support on Intel GPUs (bsc#1217770) Update to version 2.20.0: * av1: Revise offsets comments for av1 encode * drm: * Limit the array size to avoid out of range * Remove no longer used helpers * jpeg: add support for crop and partial decode * trace: * Add trace for vaExportSurfaceHandle * Unlock mutex before return * Fix minor issue about printf data type and value range * va/backend: * Annotate vafool as deprecated * Document the vaGetDriver* APIs * va/x11/va_fglrx: Remove some dead code * va/x11/va_nvctrl: Remove some dead code * va: * Add new VADecodeErrorType to indicate the reset happended in the driver * Add vendor string on va_TraceInitialize * Added Q416 fourcc (three-plane 16-bit YUV 4:4:4) * Drop no longer applicable vaGetDriverNames check * Fix:don't leak driver names, when override is set * Fix:set driver number to be zero if vaGetDriverNames failed * Optimize code of getting driver name for all protocols/os (wayland,x11,drm,win32,android) * Remove legacy code paths * Remove unreachable "DRIVER BUG" * win32: * Only print win32 driver messages in DEBUG builds * Remove duplicate adapter_luid entry * x11/dri2: limit the array handling to avoid out of range access * x11: * Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var * Implement vaGetDriverNames * Remove legacy code paths Update to 2.19.0: * add: Add mono_chrome to VAEncSequenceParameterBufferAV1 * add: Enable support for license acquisition of multiple protected playbacks * fix: use secure_getenv instead of getenv * trace: Improve and add VA trace log for AV1 encode * trace: Unify va log message, replace va_TracePrint with va_TraceMsg. Update to version 2.18.0: * doc: Add build and install libva informatio in home page. * fix: * Add libva.def into distribution package * NULL check before calling strncmp. * Remove reference to non-existent symbol * meson: docs: * Add encoder interface for av1 * Use libva_version over project_version() * va: * Add VAProfileH264High10 * Always build with va-messaging API * Fix the codying style of CHECK_DISPLAY * Remove Android pre Jelly Bean workarounds * Remove dummy isValid() hook * Remove unused drm_sarea.h include & ANDROID references in va_dricommon.h * va/sysdeps.h: remove Android section * x11: * Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var * Use LIBVA_DRI3_DISABLE in GetNumCandidates Update to 2.17.0: * win: Simplify signature for driver name loading * win: Rewrite driver registry query and fix some bugs/leaks/inefficiencies * win: Add missing null check after calloc * va: Update security disclaimer * dep:remove the file .cvsignore * pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx * meson: add 'with-legacy' for emgd, nvctrl and fglrx * x11: move all FGLRX code to va_fglrx.c * x11: move all NVCTRL code to va_nvctrl.c * meson: stop using deprecated meson.source_root() * meson: stop using configure_file copy=true * va: correctly include the win32 (local) headers * win: clean-up the coding style * va: dos2unix all the files * drm: remove unnecessary dri2 version/extension query * trace: annotate internal functions with DLL_HIDDEN * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_ support level attribute instead * meson: Check support for -Wl,-version-script and build link_args accordingly * meson: Set va_win32 soversion to '' and remove the install_data rename * fix: resouce check null * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes * va_trace: va_TraceSurfaceAttributes should check the VASurfaceAttribMemoryType * va: Adds Win32 Node and Windows build support * va: Adds compat_win32 abstraction for Windows build and prepares va common code for windows build * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled * meson: Add with_win32 option, makes libdrm non-mandatory on Win * x11: add basic DRI3 support * drm: remove VA_DRM_IsRenderNodeFd() helper * drm: add radeon drm + radeonsi mesa combo Needed for jira#PED-1174 (Video decoding/encoding support (VA-API, ...) for Intel GPUs is outside of Mesa) Update to 2.16.0: * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e. * dep: Update README.md to remove badge links * dep: Removed waffle-io badge from README to fix broken link * dep: Drop mailing list, IRC and Slack * autotools: use wayland-scanner private-code * autotools: use the wayland-scanner.pc to locate the prog * meson: use wayland-scanner private-code * meson: request native wayland-scanner * meson: use the wayland-scanner.pc to locate the prog * meson: set HAVE_VA_X11 when applicable * style:Correct slight coding style in several new commits * trace: add Linux ftrace mode for va trace * trace: Add missing pthread_mutex_destroy * drm: remove no-longer needed X == X mappings * drm: fallback to drm driver name == va driver name * drm: simplify the mapping table * x11: simplify the mapping table Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4 Update to 2.15.0: * Add: new display HW attribute to report PCI ID * Add: sample depth related parameters for AV1e * Add: refresh_frame_flags for AV1e * Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC. * Add: nvidia-drm to the drm driver map * Add: type and buffer for delta qp per block * Deprecation: remove the va_fool support * Fix:Correct the version of meson build on master branch * Fix:X11 DRI2: check if device is a render node * Build:Use also strong stack protection if supported * Trace:print the string for profile/entrypoint/configattrib Update to 2.14.0: * add: Add av1 encode interfaces * add: VA/X11 VAAPI driver mapping for crocus DRI driver * doc: Add description of the fd management for surface importing * ci: fix freebsd build * meson: Copy public headers to build directory to support subproject Update to 2.13.0 * add new surface format fourcc XYUV * Fix av1 dec doc page link issue * unify the code styles using the style_unify script * Check the function pointer before using (fixes github issue#536) * update NEWS for 2.13.0 Update to 2.12.0: * add: Report the capability of vaCopy support * add: Report the capability of sub device * add: Add config attributes to advertise HEVC/H.265 encoder features * add: Video processing HVS Denoise: Added 4 modes * add: Introduce VASurfaceAttribDRMFormatModifiers * add: Add 3DLUT Filter in Video Processing. * doc: Update log2_tile_column description for vp9enc * trace: Correct av1 film grain trace information * ci: Fix freebsd build by switching to vmactions/freebsd-vm at v0.1.3 Update to 2.11.0: * add: LibVA Protected Content API * add: Add a configuration attribute to advertise AV1d LST feature * fix: wayland: don't try to authenticate with render nodes * autotools: use shell grouping instead of sed to prepend a line * trace: Add details data dump for mpeg2 IQ matrix. * doc: update docs for VASurfaceAttribPixelFormat * doc: Libva documentation edit for AV1 reference frames * doc: Modify AV1 frame_width_minus1 and frame_height_minus1 comment * doc: Remove tile_rows and tile_cols restriction to match AV1 spec * doc: Format code for doxygen output * doc: AV1 decode documentation edit for superres_scale_denominator * ci: upgrade FreeBSD to 12.2 * ci: disable travis build * ci: update cache before attempting to install packages * ci: avoid running workloads on other workloads changes * ci: enable github actions * CVE-2023-39929: Fixed an issue where an uncontrolled search path may allow authenticated users to escalate privilege via local access. (bsc#1224413) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1451=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1451=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1451=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1451=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1451=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libva2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-debuginfo-2.20.0-150300.3.3.1 * libva-debugsource-2.20.0-150300.3.3.1 * libva-drm2-debuginfo-2.20.0-150300.3.3.1 * libva2-2.20.0-150300.3.3.1 * libva-wayland2-2.20.0-150300.3.3.1 * libva-glx2-2.20.0-150300.3.3.1 * libva-gl-debugsource-2.20.0-150300.3.3.1 * libva-gl-devel-2.20.0-150300.3.3.1 * libva-drm2-2.20.0-150300.3.3.1 * libva-glx2-debuginfo-2.20.0-150300.3.3.1 * libva-wayland2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-2.20.0-150300.3.3.1 * libva-devel-2.20.0-150300.3.3.1 * openSUSE Leap 15.3 (x86_64) * libva-drm2-32bit-debuginfo-2.20.0-150300.3.3.1 * libva-wayland2-32bit-2.20.0-150300.3.3.1 * libva-wayland2-32bit-debuginfo-2.20.0-150300.3.3.1 * libva-drm2-32bit-2.20.0-150300.3.3.1 * libva-glx2-32bit-2.20.0-150300.3.3.1 * libva-x11-2-32bit-2.20.0-150300.3.3.1 * libva2-32bit-2.20.0-150300.3.3.1 * libva-x11-2-32bit-debuginfo-2.20.0-150300.3.3.1 * libva-glx2-32bit-debuginfo-2.20.0-150300.3.3.1 * libva-gl-devel-32bit-2.20.0-150300.3.3.1 * libva2-32bit-debuginfo-2.20.0-150300.3.3.1 * libva-devel-32bit-2.20.0-150300.3.3.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libva-drm2-64bit-debuginfo-2.20.0-150300.3.3.1 * libva-wayland2-64bit-debuginfo-2.20.0-150300.3.3.1 * libva-drm2-64bit-2.20.0-150300.3.3.1 * libva-gl-devel-64bit-2.20.0-150300.3.3.1 * libva-x11-2-64bit-debuginfo-2.20.0-150300.3.3.1 * libva-wayland2-64bit-2.20.0-150300.3.3.1 * libva-glx2-64bit-debuginfo-2.20.0-150300.3.3.1 * libva2-64bit-2.20.0-150300.3.3.1 * libva-glx2-64bit-2.20.0-150300.3.3.1 * libva-x11-2-64bit-2.20.0-150300.3.3.1 * libva2-64bit-debuginfo-2.20.0-150300.3.3.1 * libva-devel-64bit-2.20.0-150300.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libva2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-debuginfo-2.20.0-150300.3.3.1 * libva-debugsource-2.20.0-150300.3.3.1 * libva-drm2-debuginfo-2.20.0-150300.3.3.1 * libva2-2.20.0-150300.3.3.1 * libva-wayland2-2.20.0-150300.3.3.1 * libva-drm2-2.20.0-150300.3.3.1 * libva-wayland2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-2.20.0-150300.3.3.1 * libva-devel-2.20.0-150300.3.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libva2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-debuginfo-2.20.0-150300.3.3.1 * libva-debugsource-2.20.0-150300.3.3.1 * libva-drm2-debuginfo-2.20.0-150300.3.3.1 * libva2-2.20.0-150300.3.3.1 * libva-wayland2-2.20.0-150300.3.3.1 * libva-drm2-2.20.0-150300.3.3.1 * libva-wayland2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-2.20.0-150300.3.3.1 * libva-devel-2.20.0-150300.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libva2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-debuginfo-2.20.0-150300.3.3.1 * libva-debugsource-2.20.0-150300.3.3.1 * libva-drm2-debuginfo-2.20.0-150300.3.3.1 * libva2-2.20.0-150300.3.3.1 * libva-wayland2-2.20.0-150300.3.3.1 * libva-drm2-2.20.0-150300.3.3.1 * libva-wayland2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-2.20.0-150300.3.3.1 * libva-devel-2.20.0-150300.3.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libva2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-debuginfo-2.20.0-150300.3.3.1 * libva-debugsource-2.20.0-150300.3.3.1 * libva-drm2-debuginfo-2.20.0-150300.3.3.1 * libva2-2.20.0-150300.3.3.1 * libva-wayland2-2.20.0-150300.3.3.1 * libva-drm2-2.20.0-150300.3.3.1 * libva-wayland2-debuginfo-2.20.0-150300.3.3.1 * libva-x11-2-2.20.0-150300.3.3.1 * libva-devel-2.20.0-150300.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39929.html * https://bugzilla.suse.com/show_bug.cgi?id=1202828 * https://bugzilla.suse.com/show_bug.cgi?id=1217770 * https://bugzilla.suse.com/show_bug.cgi?id=1224413 * https://jira.suse.com/browse/PED-11066 * https://jira.suse.com/browse/PED-1174 * https://jira.suse.com/browse/SLE-19361 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:30:54 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:30:54 -0000 Subject: SUSE-SU-2025:1450-1: important: Security update for ffmpeg Message-ID: <174643385491.32303.3212367598369269526@smelt2.prg2.suse.org> # Security update for ffmpeg Announcement ID: SUSE-SU-2025:1450-1 Release Date: 2025-05-05T07:43:27Z Rating: important References: * bsc#1223272 * bsc#1234028 * bsc#1235091 * bsc#1235092 * bsc#1236007 * bsc#1237358 * bsc#1237371 * bsc#1237382 Cross-References: * CVE-2023-51793 * CVE-2024-12361 * CVE-2024-35365 * CVE-2024-35368 * CVE-2024-36613 * CVE-2025-0518 * CVE-2025-22919 * CVE-2025-22921 CVSS scores: * CVE-2023-51793 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12361 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-12361 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35365 ( SUSE ): 2.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-35365 ( SUSE ): 4.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2024-35365 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-35368 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-35368 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35368 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36613 ( SUSE ): 4.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-36613 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2024-36613 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-0518 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-0518 ( NVD ): 4.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-22919 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22919 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-22919 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-22921 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22921 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-22921 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves eight vulnerabilities can now be installed. ## Description: This update for ffmpeg fixes the following issues: * CVE-2025-22921: Clear array length when freeing it. (bsc#1237382) * CVE-2025-0518: Fix memory data leak when use sscanf(). (bsc#1236007) * CVE-2025-22919: Check for valid sample rate, to fix the invalid sample rate >= 0. (bsc#1237371) * CVE-2024-12361: Add check for av_packet_new_side_data() to avoid null pointer dereference if allocation fails. (bsc#1237358) * CVE-2024-36613: Adjust order of operations around block align. (bsc#1235092) * CVE-2024-35365: Fix double-free on error. (bsc#1235091) * CVE-2024-35368: Fix double-free on the AVFrame is unreferenced. (bsc#1234028) * CVE-2023-51793: Fix out of array access. (bsc#1223272). * CVE-2023-51793: Fixed a heap buffer overflow in the image_copy_plane function in libavutil/imgutils.c (bsc#1223272). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1450=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1450=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1450=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1450=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1450=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1450=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1450=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1450=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1450=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1450=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1450=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1450=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1450=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1450=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1450=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1450=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * ffmpeg-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libavcodec-devel-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * libavresample-devel-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libavresample3-3.4.2-150200.11.60.1 * libavdevice57-debuginfo-3.4.2-150200.11.60.1 * libavfilter-devel-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libavdevice-devel-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libavdevice57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavfilter6-debuginfo-3.4.2-150200.11.60.1 * ffmpeg-private-devel-3.4.2-150200.11.60.1 * libavfilter6-3.4.2-150200.11.60.1 * libavformat-devel-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * openSUSE Leap 15.6 (x86_64) * libpostproc54-32bit-3.4.2-150200.11.60.1 * libavdevice57-32bit-debuginfo-3.4.2-150200.11.60.1 * libavresample3-32bit-3.4.2-150200.11.60.1 * libavcodec57-32bit-debuginfo-3.4.2-150200.11.60.1 * libavfilter6-32bit-3.4.2-150200.11.60.1 * libavutil55-32bit-debuginfo-3.4.2-150200.11.60.1 * libavformat57-32bit-debuginfo-3.4.2-150200.11.60.1 * libswresample2-32bit-3.4.2-150200.11.60.1 * libavformat57-32bit-3.4.2-150200.11.60.1 * libswresample2-32bit-debuginfo-3.4.2-150200.11.60.1 * libpostproc54-32bit-debuginfo-3.4.2-150200.11.60.1 * libavdevice57-32bit-3.4.2-150200.11.60.1 * libavresample3-32bit-debuginfo-3.4.2-150200.11.60.1 * libavutil55-32bit-3.4.2-150200.11.60.1 * libswscale4-32bit-3.4.2-150200.11.60.1 * libavfilter6-32bit-debuginfo-3.4.2-150200.11.60.1 * libswscale4-32bit-debuginfo-3.4.2-150200.11.60.1 * libavcodec57-32bit-3.4.2-150200.11.60.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libavresample3-3.4.2-150200.11.60.1 * libavdevice57-debuginfo-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * libavfilter6-3.4.2-150200.11.60.1 * ffmpeg-3.4.2-150200.11.60.1 * libavdevice57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libavfilter6-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * libavresample-devel-3.4.2-150200.11.60.1 * libavresample3-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libavresample3-3.4.2-150200.11.60.1 * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libavresample3-3.4.2-150200.11.60.1 * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * libavresample-devel-3.4.2-150200.11.60.1 * libavresample3-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libavresample3-3.4.2-150200.11.60.1 * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * libavresample-devel-3.4.2-150200.11.60.1 * libavresample3-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libavresample3-3.4.2-150200.11.60.1 * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libavresample3-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavformat-devel-3.4.2-150200.11.60.1 * libavcodec-devel-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libavresample-devel-3.4.2-150200.11.60.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libpostproc54-debuginfo-3.4.2-150200.11.60.1 * libswscale4-debuginfo-3.4.2-150200.11.60.1 * libswresample-devel-3.4.2-150200.11.60.1 * libavutil-devel-3.4.2-150200.11.60.1 * libpostproc-devel-3.4.2-150200.11.60.1 * ffmpeg-debugsource-3.4.2-150200.11.60.1 * ffmpeg-debuginfo-3.4.2-150200.11.60.1 * libswresample2-debuginfo-3.4.2-150200.11.60.1 * libavresample3-debuginfo-3.4.2-150200.11.60.1 * libswscale-devel-3.4.2-150200.11.60.1 * libavutil55-debuginfo-3.4.2-150200.11.60.1 * libavcodec57-debuginfo-3.4.2-150200.11.60.1 * libavresample-devel-3.4.2-150200.11.60.1 * libavresample3-3.4.2-150200.11.60.1 * libavutil55-3.4.2-150200.11.60.1 * libpostproc54-3.4.2-150200.11.60.1 * libswscale4-3.4.2-150200.11.60.1 * libswresample2-3.4.2-150200.11.60.1 * libavcodec57-3.4.2-150200.11.60.1 * libavformat57-3.4.2-150200.11.60.1 * libavformat57-debuginfo-3.4.2-150200.11.60.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51793.html * https://www.suse.com/security/cve/CVE-2024-12361.html * https://www.suse.com/security/cve/CVE-2024-35365.html * https://www.suse.com/security/cve/CVE-2024-35368.html * https://www.suse.com/security/cve/CVE-2024-36613.html * https://www.suse.com/security/cve/CVE-2025-0518.html * https://www.suse.com/security/cve/CVE-2025-22919.html * https://www.suse.com/security/cve/CVE-2025-22921.html * https://bugzilla.suse.com/show_bug.cgi?id=1223272 * https://bugzilla.suse.com/show_bug.cgi?id=1234028 * https://bugzilla.suse.com/show_bug.cgi?id=1235091 * https://bugzilla.suse.com/show_bug.cgi?id=1235092 * https://bugzilla.suse.com/show_bug.cgi?id=1236007 * https://bugzilla.suse.com/show_bug.cgi?id=1237358 * https://bugzilla.suse.com/show_bug.cgi?id=1237371 * https://bugzilla.suse.com/show_bug.cgi?id=1237382 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:31:00 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:31:00 -0000 Subject: SUSE-RU-2025:1447-1: important: Recommended update for lvm2 Message-ID: <174643386003.32303.5328246426000708349@smelt2.prg2.suse.org> # Recommended update for lvm2 Announcement ID: SUSE-RU-2025:1447-1 Release Date: 2025-05-05T06:04:34Z Rating: important References: * bsc#1216938 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for lvm2 fixes the following issues: * LVM filter behaves unexpectedly for MPIO devices in SLES15SP5 (bsc#1216938) * set lvm.conf devices.multipath_wwids_file="" ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1447=1 SUSE-2025-1447=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1447=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-1447=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * lvm2-debuginfo-2.03.22-150600.3.6.1 * liblvm2cmd2_03-2.03.22-150600.3.6.1 * lvm2-2.03.22-150600.3.6.1 * lvm2-device-mapper-debugsource-2.03.22-150600.3.6.1 * lvm2-lockd-2.03.22-150600.3.6.1 * lvm2-debugsource-2.03.22-150600.3.6.1 * device-mapper-debuginfo-2.03.22_1.02.196-150600.3.6.1 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150600.3.6.1 * lvm2-devel-2.03.22-150600.3.6.1 * lvm2-testsuite-2.03.22-150600.3.6.1 * lvm2-testsuite-debuginfo-2.03.22-150600.3.6.1 * device-mapper-devel-2.03.22_1.02.196-150600.3.6.1 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150600.3.6.1 * lvm2-lvmlockd-debugsource-2.03.22-150600.3.6.1 * libdevmapper-event1_03-2.03.22_1.02.196-150600.3.6.1 * libdevmapper1_03-2.03.22_1.02.196-150600.3.6.1 * liblvm2cmd2_03-debuginfo-2.03.22-150600.3.6.1 * lvm2-lockd-debuginfo-2.03.22-150600.3.6.1 * device-mapper-2.03.22_1.02.196-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * libdevmapper-event1_03-32bit-debuginfo-2.03.22_1.02.196-150600.3.6.1 * libdevmapper-event1_03-32bit-2.03.22_1.02.196-150600.3.6.1 * libdevmapper1_03-32bit-debuginfo-2.03.22_1.02.196-150600.3.6.1 * device-mapper-devel-32bit-2.03.22_1.02.196-150600.3.6.1 * libdevmapper1_03-32bit-2.03.22_1.02.196-150600.3.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libdevmapper1_03-64bit-2.03.22_1.02.196-150600.3.6.1 * device-mapper-devel-64bit-2.03.22_1.02.196-150600.3.6.1 * libdevmapper1_03-64bit-debuginfo-2.03.22_1.02.196-150600.3.6.1 * libdevmapper-event1_03-64bit-2.03.22_1.02.196-150600.3.6.1 * libdevmapper-event1_03-64bit-debuginfo-2.03.22_1.02.196-150600.3.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * lvm2-debuginfo-2.03.22-150600.3.6.1 * liblvm2cmd2_03-2.03.22-150600.3.6.1 * lvm2-2.03.22-150600.3.6.1 * lvm2-debugsource-2.03.22-150600.3.6.1 * device-mapper-debuginfo-2.03.22_1.02.196-150600.3.6.1 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150600.3.6.1 * lvm2-devel-2.03.22-150600.3.6.1 * device-mapper-devel-2.03.22_1.02.196-150600.3.6.1 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150600.3.6.1 * libdevmapper-event1_03-2.03.22_1.02.196-150600.3.6.1 * libdevmapper1_03-2.03.22_1.02.196-150600.3.6.1 * liblvm2cmd2_03-debuginfo-2.03.22-150600.3.6.1 * device-mapper-2.03.22_1.02.196-150600.3.6.1 * Basesystem Module 15-SP6 (x86_64) * libdevmapper1_03-32bit-2.03.22_1.02.196-150600.3.6.1 * libdevmapper1_03-32bit-debuginfo-2.03.22_1.02.196-150600.3.6.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * lvm2-lockd-2.03.22-150600.3.6.1 * lvm2-lockd-debuginfo-2.03.22-150600.3.6.1 * lvm2-lvmlockd-debugsource-2.03.22-150600.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216938 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 5 08:31:02 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 05 May 2025 08:31:02 -0000 Subject: SUSE-RU-2025:1446-1: important: Recommended update for lvm2 Message-ID: <174643386223.32303.627924441223242834@smelt2.prg2.suse.org> # Recommended update for lvm2 Announcement ID: SUSE-RU-2025:1446-1 Release Date: 2025-05-05T06:04:10Z Rating: important References: * bsc#1216938 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for lvm2 fixes the following issues: * LVM filter behaves unexpectedly for MPIO devices in SLES15SP5 (bsc#1216938) * set lvm.conf devices.multipath_wwids_file="" ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1446=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1446=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-1446=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libdevmapper1_03-2.03.22_1.02.196-150500.7.15.1 * lvm2-lockd-2.03.22-150500.7.15.1 * liblvm2cmd2_03-2.03.22-150500.7.15.1 * device-mapper-2.03.22_1.02.196-150500.7.15.1 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150500.7.15.1 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150500.7.15.1 * lvm2-2.03.22-150500.7.15.1 * lvm2-testsuite-debuginfo-2.03.22-150500.7.15.1 * lvm2-lockd-debuginfo-2.03.22-150500.7.15.1 * lvm2-testsuite-2.03.22-150500.7.15.1 * lvm2-device-mapper-debugsource-2.03.22-150500.7.15.1 * device-mapper-devel-2.03.22_1.02.196-150500.7.15.1 * lvm2-debugsource-2.03.22-150500.7.15.1 * lvm2-devel-2.03.22-150500.7.15.1 * lvm2-debuginfo-2.03.22-150500.7.15.1 * libdevmapper-event1_03-2.03.22_1.02.196-150500.7.15.1 * lvm2-lvmlockd-debugsource-2.03.22-150500.7.15.1 * liblvm2cmd2_03-debuginfo-2.03.22-150500.7.15.1 * device-mapper-debuginfo-2.03.22_1.02.196-150500.7.15.1 * openSUSE Leap 15.5 (x86_64) * libdevmapper1_03-32bit-debuginfo-2.03.22_1.02.196-150500.7.15.1 * device-mapper-devel-32bit-2.03.22_1.02.196-150500.7.15.1 * libdevmapper-event1_03-32bit-2.03.22_1.02.196-150500.7.15.1 * libdevmapper-event1_03-32bit-debuginfo-2.03.22_1.02.196-150500.7.15.1 * libdevmapper1_03-32bit-2.03.22_1.02.196-150500.7.15.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libdevmapper-event1_03-64bit-debuginfo-2.03.22_1.02.196-150500.7.15.1 * libdevmapper-event1_03-64bit-2.03.22_1.02.196-150500.7.15.1 * libdevmapper1_03-64bit-debuginfo-2.03.22_1.02.196-150500.7.15.1 * libdevmapper1_03-64bit-2.03.22_1.02.196-150500.7.15.1 * device-mapper-devel-64bit-2.03.22_1.02.196-150500.7.15.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * device-mapper-2.03.22_1.02.196-150500.7.15.1 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150500.7.15.1 * liblvm2cmd2_03-2.03.22-150500.7.15.1 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150500.7.15.1 * lvm2-2.03.22-150500.7.15.1 * liblvm2cmd2_03-debuginfo-2.03.22-150500.7.15.1 * libdevmapper-event1_03-2.03.22_1.02.196-150500.7.15.1 * lvm2-debugsource-2.03.22-150500.7.15.1 * lvm2-debuginfo-2.03.22-150500.7.15.1 * libdevmapper1_03-2.03.22_1.02.196-150500.7.15.1 * device-mapper-debuginfo-2.03.22_1.02.196-150500.7.15.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * lvm2-lockd-2.03.22-150500.7.15.1 * lvm2-lockd-debuginfo-2.03.22-150500.7.15.1 * lvm2-lvmlockd-debugsource-2.03.22-150500.7.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216938 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:09:56 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:09:56 -0000 Subject: SUSE-SU-2025:1490-1: important: Security update for java-17-openjdk Message-ID: <174661979650.24379.8968240067334927720@smelt2.prg2.suse.org> # Security update for java-17-openjdk Announcement ID: SUSE-SU-2025:1490-1 Release Date: 2025-05-06T11:49:02Z Rating: important References: * bsc#1241274 * bsc#1241275 * bsc#1241276 Cross-References: * CVE-2025-21587 * CVE-2025-30691 * CVE-2025-30698 CVSS scores: * CVE-2025-21587 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-21587 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-30691 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30691 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30691 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30698 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-30698 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-30698 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 (April 2025 CPU) CVEs: * CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274) * CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275) * CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276) Changes: + JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG + JDK-8065099: [macos] javax/swing/PopupFactory/6276087/ /NonOpaquePopupMenuTest.java fails: no background shine through + JDK-8179502: Enhance OCSP, CRL and Certificate Fetch Timeouts + JDK-8198237: [macos] Test java/awt/Frame/ /ExceptionOnSetExtendedStateTest/ /ExceptionOnSetExtendedStateTest.java fails + JDK-8198666: Many java/awt/Modal/OnTop/ test fails on mac + JDK-8208565: [TEST_BUG] javax/swing/PopupFactory/6276087/ /NonOpaquePopupMenuTest.java throws NPE + JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or RGB tab in JColorChooser + JDK-8226938: [TEST_BUG]GTK L&F: There is no Details button in FileChooser Dialog + JDK-8266435: WBMPImageReader.read() should not truncate the input stream + JDK-8267893: Improve jtreg test failure handler do get native/mixed stack traces for cores and live processes + JDK-8270961: [TESTBUG] Move GotWrongOOMEException into vm.share.gc package + JDK-8274893: Update java.desktop classes to use try-with-resources + JDK-8276202: LogFileOutput.invalid_file_vm asserts when being executed from a read only working directory + JDK-8277240: java/awt/Graphics2D/ScaledTransform/ /ScaledTransform.java dialog does not get disposed + JDK-8281234: The -protected option is not always checked in keytool and jarsigner + JDK-8282314: nsk/jvmti/SuspendThread/suspendthrd003 may leak memory + JDK-8283387: [macos] a11y : Screen magnifier does not show selected Tab + JDK-8283404: [macos] a11y : Screen magnifier does not show JMenu name + JDK-8283664: Remove jtreg tag manual=yesno for java/awt/print/PrinterJob/PrintTextTest.java + JDK-8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' + JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit access thread fields from native + JDK-8290400: Must run exe installers in jpackage jtreg tests without UI + JDK-8292588: [macos] Multiscreen/MultiScreenLocationTest/ /MultiScreenLocationTest.java: Robot.mouseMove test failed on Screen #0 + JDK-8292704: sun/security/tools/jarsigner/compatibility/ /Compatibility.java use wrong key size for EC + JDK-8292848: AWT_Mixing and TrayIcon tests fail on el8 with hard-coded isOel7 + JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism are problematic + JDK-8293412: Remove unnecessary java.security.egd overrides + JDK-8294067: [macOS] javax/swing/JComboBox/6559152/ /bug6559152.java Cannot select an item from popup with the ENTER key. + JDK-8294316: SA core file support is broken on macosx-x64 starting with macOS 12.x + JDK-8295087: Manual Test to Automated Test Conversion + JDK-8295176: some langtools test pollutes source tree + JDK-8296591: Signature benchmark + JDK-8296818: Enhance JMH tests java/security/Signatures.java + JDK-8299077: [REDO] JDK-4512626 Non-editable JTextArea provides no visual indication of keyboard focus + JDK-8299127: [REDO] JDK-8194048 Regression automated test '/open/test/jdk/javax/swing/text/DefaultCaret/HidingSelection/ /HidingSelectionTest.java' fails + JDK-8299128: [REDO] JDK-8213562 Test javax/swing/text/ /DefaultCaret/HidingSelection/MultiSelectionTest.java fails + JDK-8299739: HashedPasswordFileTest.java and ExceptionTest.java can fail with java.lang.NullPointerException + JDK-8299994: java/security/Policy/Root/Root.java fails when home directory is read-only + JDK-8301989: new javax.swing.text.DefaultCaret().setBlinkRate(N) results in NPE + JDK-8302111: Serialization considerations + JDK-8305853: java/text/Format/DateFormat/ /DateFormatRegression.java fails with "Uncaught exception thrown in test method Test4089106" + JDK-8306711: Improve diagnosis of `IntlTest` framework + JDK-8308341: JNI_GetCreatedJavaVMs returns a partially initialized JVM + JDK-8309171: Test vmTestbase/nsk/jvmti/scenarios/ /jni_interception/JI05/ji05t001/TestDescription.java fails after JDK-8308341 + JDK-8309231: ProblemList vmTestbase/nsk/jvmti/scenarios/ /jni_interception/JI05/ji05t001/TestDescription.java + JDK-8309740: Expand timeout windows for tests in JDK-8179502 + JDK-8309841: Jarsigner should print a warning if an entry is removed + JDK-8310234: Refactor Locale tests to use JUnit + JDK-8310629: java/security/cert/CertPathValidator/OCSP/ /OCSPTimeout.java fails with RuntimeException: Server not ready + JDK-8311306: Test com/sun/management/ThreadMXBean/ /ThreadCpuTimeArray.java failed: out of expected range + JDK-8311546: Certificate name constraints improperly validated with leading period + JDK-8311663: Additional refactoring of Locale tests to JUnit + JDK-8312416: Tests in Locale should have more descriptive names + JDK-8312518: [macos13] setFullScreenWindow() shows black screen on macOS 13 & above + JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/ /NextDropActionTest.java fails with java.lang.RuntimeException: wrong next drop action! + JDK-8313710: jcmd: typo in the documentation of JFR.start and JFR.dump + JDK-8314225: SIGSEGV in JavaThread::is_lock_owned + JDK-8314610: hotspot can't compile with the latest of gtest because of <iomanip> + JDK-8314752: Use google test string comparison macros + JDK-8314909: tools/jpackage/windows/Win8282351Test.java fails with java.lang.AssertionError: Expected [0]. Actual [1618]: + JDK-8314975: JavadocTester should set source path if not specified + JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/ /ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java timed out + JDK-8315825: Open some swing tests + JDK-8315882: Open some swing tests 2 + JDK-8315883: Open source several Swing JToolbar tests + JDK-8315952: Open source several Swing JToolbar JTooltip JTree tests + JDK-8316056: Open source several Swing JTree tests + JDK-8316146: Open some swing tests 4 + JDK-8316149: Open source several Swing JTree JViewport KeyboardManager tests + JDK-8316218: Open some swing tests 5 + JDK-8316371: Open some swing tests 6 + JDK-8316559: Refactor some util/Calendar tests to JUnit + JDK-8316627: JViewport Test headless failure + JDK-8316696: Remove the testing base classes: IntlTest and CollatorTest + JDK-8317631: Refactor ChoiceFormat tests to use JUnit + JDK-8317636: Improve heap walking API tests to verify correctness of field indexes + JDK-8318442: java/net/httpclient/ManyRequests2.java fails intermittently on Linux + JDK-8319567: Update java/lang/invoke tests to support vm flags + JDK-8319568: Update java/lang/reflect/exeCallerAccessTest/ /CallerAccessTest.java to accept vm flags + JDK-8319569: Several java/util tests should be updated to accept VM flags + JDK-8319647: Few java/lang/System/LoggerFinder/modules tests ignore vm flags + JDK-8319648: java/lang/SecurityManager tests ignore vm flags + JDK-8319672: Several classloader tests ignore VM flags + JDK-8319673: Few security tests ignore VM flags + JDK-8319676: A couple of jdk/modules/incubator/ tests ignore VM flags + JDK-8319677: Test jdk/internal/misc/VM/RuntimeArguments.java should be marked as flagless + JDK-8319818: Address GCC 13.2.0 warnings (stringop-overflow and dangling-pointer) + JDK-8320372: test/jdk/sun/security/x509/DNSName/ /LeadingPeriod.java validity check failed + JDK-8320676: Manual printer tests have no Pass/Fail buttons, instructions close set 1 + JDK-8320691: Timeout handler on Windows takes 2 hours to complete + JDK-8320714: java/util/Locale/LocaleProvidersRun.java and java/util/ResourceBundle/modules/visibility/ /VisibilityTest.java timeout after passing + JDK-8320916: jdk/jfr/event/gc/stacktrace/ /TestParallelMarkSweepAllocationPendingStackTrace.java failed with "OutOfMemoryError: GC overhead limit exceeded" + JDK-8321818: vmTestbase/nsk/stress/strace/strace015.java failed with 'Cannot read the array length because "<local4>" is null' + JDK-8323196: jdk/jfr/api/consumer/filestream/TestOrdered.java failed with "Events are not ordered! Reuse = false" + JDK-8324672: Update jdk/java/time/tck/java/time/TCKInstant.java now() to be more robust + JDK-8324807: Manual printer tests have no Pass/Fail buttons, instructions close set 2 + JDK-8325024: java/security/cert/CertPathValidator/OCSP( /OCSPTimeout.java incorrect comment information + JDK-8325042: Remove unused JVMDITools test files + JDK-8325529: Remove unused imports from `ModuleGenerator` test file + JDK-8325659: Normalize Random usage by incubator vector tests + JDK-8325906: Problemlist vmTestbase/vm/mlvm/meth/stress/ /compiler/deoptimize/Test.java#id1 until JDK-8320865 is fixed + JDK-8325908: Finish removal of IntlTest and CollatorTest + JDK-8325937: runtime/handshake/HandshakeDirectTest.java causes "monitor end should be strictly below the frame pointer" assertion failure on AArch64 + JDK-8326421: Add jtreg test for large arrayCopy disjoint case. + JDK-8326525: com/sun/tools/attach/BasicTests.java does not verify AgentLoadException case + JDK-8327098: GTest needs larger combination limit + JDK-8327476: Upgrade JLine to 3.26.1 + JDK-8327505: Test com/sun/jmx/remote/ /NotificationMarshalVersions/TestSerializationMismatch.java fails + JDK-8327857: Remove applet usage from JColorChooser tests Test4222508 + JDK-8327859: Remove applet usage from JColorChooser tests Test4319113 + JDK-8327986: ASAN reports use-after-free in DirectivesParserTest.empty_object_vm + JDK-8328005: Convert java/awt/im/JTextFieldTest.java applet test to main + JDK-8328085: C2: Use after free in PhaseChaitin::Register_Allocate() + JDK-8328121: Remove applet usage from JColorChooser tests Test4759306 + JDK-8328130: Remove applet usage from JColorChooser tests Test4759934 + JDK-8328185: Convert java/awt/image/MemoryLeakTest/ /MemoryLeakTest.java applet test to main + JDK-8328227: Remove applet usage from JColorChooser tests Test4887836 + JDK-8328368: Convert java/awt/image/multiresolution/ /MultiDisplayTest/MultiDisplayTest.java applet test to main + JDK-8328370: Convert java/awt/print/Dialog/PrintApplet.java applet test to main + JDK-8328380: Remove applet usage from JColorChooser tests Test6348456 + JDK-8328387: Convert java/awt/Frame/FrameStateTest/ /FrameStateTest.html applet test to main + JDK-8328403: Remove applet usage from JColorChooser tests Test6977726 + JDK-8328553: Get rid of JApplet in test/jdk/sanity/client/lib/SwingSet2/src/DemoModule.java + JDK-8328558: Convert javax/swing/JCheckBox/8032667/ /bug8032667.java applet test to main + JDK-8328717: Convert javax/swing/JColorChooser/8065098/ /bug8065098.java applet test to main + JDK-8328719: Convert java/awt/print/PageFormat/SetOrient.html applet test to main + JDK-8328730: Convert java/awt/print/bug8023392/bug8023392.html applet test to main + JDK-8328753: Open source few Undecorated Frame tests + JDK-8328819: Remove applet usage from JFileChooser tests bug6698013 + JDK-8328827: Convert java/awt/print/PrinterJob/ /PrinterDialogsModalityTest/PrinterDialogsModalityTest.html applet test to main + JDK-8329210: Delete Redundant Printer Dialog Modality Test + JDK-8329320: Simplify awt/print/PageFormat/NullPaper.java test + JDK-8329322: Convert PageFormat/Orient.java to use PassFailJFrame + JDK-8329692: Add more details to FrameStateTest.java test instructions + JDK-8330702: Update failure handler to don't generate Error message if cores actions are empty + JDK-8331153: JFR: Improve logging of jdk/jfr/api/consumer/filestream/TestOrdered.java + JDK-8331735: UpcallLinker::on_exit races with GC when copying frame anchor + JDK-8331959: Update PKCS#11 Cryptographic Token Interface to v3.1 + JDK-8332158: [XWayland] test/jdk/java/awt/Mouse/ /EnterExitEvents/ResizingFrameTest.java + JDK-8332917: failure_handler should execute gdb "info threads" command on linux + JDK-8333360: PrintNullString.java doesn't use float arguments + JDK-8333391: Test com/sun/jdi/InterruptHangTest.java failed: Thread was never interrupted during sleep + JDK-8333403: Write a test to check various components events are triggered properly + JDK-8333427: langtools/tools/javac/newlines/NewLineTest.java is failing on Japanese Windows + JDK-8334305: Remove all code for nsk.share.Log verbose mode + JDK-8334490: Normalize string with locale invariant `toLowerCase()` + JDK-8334777: Test javax/management/remote/mandatory/notif/ /NotifReconnectDeadlockTest.java failed with NullPointerException + JDK-8335150: Test LogGeneratedClassesTest.java fails on rpmbuild mock enviroment + JDK-8335172: Add manual steps to run security/auth/callback/ /TextCallbackHandler/Password.java test + JDK-8335789: [TESTBUG] XparColor.java test fails with Error. Parse Exception: Invalid or unrecognized bugid: @ + JDK-8336012: Fix usages of jtreg-reserved properties + JDK-8336498: [macos] [build]: install-file macro may run into permission denied error + JDK-8336692: Redo fix for JDK-8284620 + JDK-8336942: Improve test coverage for class loading elements with annotations of different retentions + JDK-8337222: gc/TestDisableExplicitGC.java fails due to unexpected CodeCache GC + JDK-8337494: Clarify JarInputStream behavior + JDK-8337692: Better TLS connection support + JDK-8337826: Improve logging in OCSPTimeout and SimpleOCSPResponder to help diagnose JDK-8309754 + JDK-8337886: java/awt/Frame/MaximizeUndecoratedTest.java fails in OEL due to a slight color difference + JDK-8337951: Test sun/security/validator/samedn.sh CertificateNotYetValidException: NotBefore validation + JDK-8338100: C2: assert(!n_loop->is_member(get_loop(lca))) failed: control must not be back in the loop + JDK-8338426: Test java/nio/channels/Selector/WakeupNow.java failed + JDK-8338430: Improve compiler transformations + JDK-8338571: [TestBug] DefaultCloseOperation.java test not working as expected wrt instruction after JDK-8325851 fix + JDK-8338595: Add more linesize for MIME decoder in macro bench test Base64Decode + JDK-8338668: Test javax/swing/JFileChooser/8080628/ /bug8080628.java doesn't test for GTK L&F + JDK-8339154: Cleanups and JUnit conversion of test/jdk/java/util/zip/Available.java + JDK-8339261: Logs truncated in test javax/net/ssl/DTLS/DTLSRehandshakeTest.java + JDK-8339356: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java failed with java.net.SocketException: An established connection was aborted by the software in your host machine + JDK-8339524: Clean up a few ExtendedRobot tests + JDK-8339687: Rearrange reachabilityFence()s in jdk.test.lib.util.ForceGC + JDK-8339728: [Accessibility,Windows,JAWS] Bug in the getKeyChar method of the AccessBridge class + JDK-8339810: Clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract + JDK-8339883: Open source several AWT/2D related tests + JDK-8339902: Open source couple TextField related tests + JDK-8339943: Frame not disposed in java/awt/dnd/DropActionChangeTest.java + JDK-8340078: Open source several 2D tests + JDK-8340116: test/jdk/sun/security/tools/jarsigner/ /PreserveRawManifestEntryAndDigest.java can fail due to regex + JDK-8340411: open source several 2D imaging tests + JDK-8340480: Bad copyright notices in changes from JDK-8339902 + JDK-8340687: Open source closed frame tests #1 + JDK-8340719: Open source AWT List tests + JDK-8340969: jdk/jfr/startupargs/TestStartDuration.java should be marked as flagless + JDK-8341037: Use standard layouts in DefaultFrameIconTest.java and MenuCrash.java + JDK-8341111: open source several AWT tests including menu shortcut tests + JDK-8341316: [macos] javax/swing/ProgressMonitor/ /ProgressMonitorEscapeKeyPress.java fails sometimes in macos + JDK-8341412: Various test failures after JDK-8334305 + JDK-8341424: GHA: Collect hs_errs from build time failures + JDK-8341453: java/awt/a11y/AccessibleJTableTest.java fails in some cases where the test tables are not visible + JDK-8341722: Fix some warnings as errors when building on Linux with toolchain clang + JDK-8341881: [REDO] java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java#tmp fails on alinux3 + JDK-8341978: Improve JButton/bug4490179.java + JDK-8341982: Simplify JButton/bug4323121.java + JDK-8342098: Write a test to compare the images + JDK-8342145: File libCreationTimeHelper.c compile fails on Alpine + JDK-8342270: Test sun/security/pkcs11/Provider/ /RequiredMechCheck.java needs write access to src tree + JDK-8342498: Add test for Allocation elimination after use as alignment reference by SuperWord + JDK-8342508: Use latch in BasicMenuUI/bug4983388.java instead of delay + JDK-8342541: Exclude List/KeyEventsTest/KeyEventsTest.java from running on macOS + JDK-8342562: Enhance Deflater operations + JDK-8342602: Remove JButton/PressedButtonRightClickTest test + JDK-8342607: Enhance register printing on x86_64 platforms + JDK-8342609: jpackage test helper function incorrectly removes a directory instead of its contents only + JDK-8342634: javax/imageio/plugins/wbmp/ /WBMPStreamTruncateTest.java creates temp file in src dir + JDK-8342635: javax/swing/JFileChooser/FileSystemView/ /WindowsDefaultIconSizeTest.java creates tmp file in src dir + JDK-8342704: GHA: Report truncation is broken after JDK-8341424 + JDK-8342811: java/net/httpclient/PlainProxyConnectionTest.java failed: Unexpected connection count: 5 + JDK-8342858: Make target mac-jdk-bundle fails on chmod command + JDK-8342988: GHA: Build JTReg in single step + JDK-8343007: Enhance Buffered Image handling + JDK-8343100: Consolidate EmptyFolderTest and EmptyFolderPackageTest jpackage tests into single java file + JDK-8343101: Rework BasicTest.testTemp test cases + JDK-8343118: [TESTBUG] java/awt/PrintJob/PrintCheckboxTest/ /PrintCheckboxManualTest.java fails with Error. Can't find HTML file PrintCheckboxManualTest.html + JDK-8343128: PassFailJFrame.java test result: Error. Bad action for script: build} + JDK-8343129: Disable unstable check of ThreadsListHandle.sanity_vm ThreadList values + JDK-8343178: Test BasicTest.java javac compile fails cannot find symbol + JDK-8343378: Exceptions in javax/management DeadLockTest.java do not cause test failure + JDK-8343491: javax/management/remote/mandatory/connection/ /DeadLockTest.java failing with NoSuchObjectException: no such object in table + JDK-8343599: Kmem limit and max values swapped when printing container information + JDK-8343724: [PPC64] Disallow OptoScheduling + JDK-8343882: BasicAnnoTests doesn't handle multiple annotations at the same position + JDK-8344581: [TESTBUG] java/awt/Robot/ /ScreenCaptureRobotTest.java failing on macOS + JDK-8344589: Update IANA Language Subtag Registry to Version 2024-11-19 + JDK-8344646: The libjsig deprecation warning should go to stderr not stdout + JDK-8345296: AArch64: VM crashes with SIGILL when prctl is disallowed + JDK-8345368: java/io/File/createTempFile/SpecialTempFile.java fails on Windows Server 2025 + JDK-8345371: Bump update version for OpenJDK: jdk-17.0.15 + JDK-8345375: Improve debuggability of test/jdk/java/net/Socket/CloseAvailable.java + JDK-8345414: Google CAInterop test failures + JDK-8345468: test/jdk/javax/swing/JScrollBar/4865918/ /bug4865918.java fails in ubuntu22.04 + JDK-8346055: javax/swing/text/StyledEditorKit/4506788/ /bug4506788.java fails in ubuntu22.04 + JDK-8346324: javax/swing/JScrollBar/4865918/bug4865918.java fails in CI + JDK-8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs + JDK-8346671: java/nio/file/Files/probeContentType/Basic.java fails on Windows 2025 + JDK-8346828: javax/swing/JScrollBar/4865918/bug4865918.java still fails in CI + JDK-8346887: DrawFocusRect() may cause an assertion failure + JDK-8346908: Update JDK 17 javadoc man page + JDK-8346972: Test java/nio/channels/FileChannel/ /LoopingTruncate.java fails sometimes with IOException: There is not enough space on the disk + JDK-8347424: Fix and rewrite sun/security/x509/DNSName/LeadingPeriod.java test + JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no license header + JDK-8347740: java/io/File/createTempFile/SpecialTempFile.java failing + JDK-8347847: Enhance jar file support + JDK-8347965: (tz) Update Timezone Data to 2025a + JDK-8348625: [21u, 17u] Revert JDK-8185862 to restore old java.awt.headless behavior on Windows + JDK-8348675: TrayIcon tests fail in Ubuntu 24.10 Wayland + JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25 updates + JDK-8352097: (tz) zone.tab update missed in 2025a backport + JDK-8353905: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.15 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1490=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1490=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1490=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1490=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1490=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-1490=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1490=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1490=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1490=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1490=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1490=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1490=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1490=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1490=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1490=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-jmods-17.0.15.0-150400.3.54.1 * java-17-openjdk-src-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.15.0-150400.3.54.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-jmods-17.0.15.0-150400.3.54.1 * java-17-openjdk-src-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * openSUSE Leap 15.6 (noarch) * java-17-openjdk-javadoc-17.0.15.0-150400.3.54.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 * SUSE Manager Proxy 4.3 (x86_64) * java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1 * java-17-openjdk-demo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1 * java-17-openjdk-headless-17.0.15.0-150400.3.54.1 * java-17-openjdk-17.0.15.0-150400.3.54.1 * java-17-openjdk-devel-17.0.15.0-150400.3.54.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21587.html * https://www.suse.com/security/cve/CVE-2025-30691.html * https://www.suse.com/security/cve/CVE-2025-30698.html * https://bugzilla.suse.com/show_bug.cgi?id=1241274 * https://bugzilla.suse.com/show_bug.cgi?id=1241275 * https://bugzilla.suse.com/show_bug.cgi?id=1241276 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:04 -0000 Subject: SUSE-SU-2025:1506-1: important: Security update for MozillaThunderbird Message-ID: <174662100484.30275.11627185727560094528@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2025:1506-1 Release Date: 2025-05-07T12:13:22Z Rating: important References: * bsc#1241621 Cross-References: * CVE-2025-2817 * CVE-2025-4082 * CVE-2025-4083 * CVE-2025-4084 * CVE-2025-4087 * CVE-2025-4091 * CVE-2025-4093 CVSS scores: * CVE-2025-2817 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-2817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-2817 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-4082 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4082 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4082 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-4083 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4083 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4083 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-4084 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4084 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4084 ( NVD ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2025-4087 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-4087 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-4087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-4091 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4091 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4091 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-4093 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4093 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4093 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird ESR 128.10 update (bsc#1241621): * CVE-2025-4082: WebGL shader attribute memory corruption in Thunderbird for macOS. * CVE-2025-4087: Unsafe attribute access during XPath parsing. * CVE-2025-4093: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird. * CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. * CVE-2025-4083: Process isolation bypass using "javascript:" URI links in cross-origin frames. * CVE-2025-4084: Potential local code execution in "copy as cURL" command. * CVE-2025-2817: Privilege escalation in Thunderbird Updater. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1506=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1506=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1506=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * MozillaThunderbird-debugsource-128.10.0-150200.8.212.1 * MozillaThunderbird-128.10.0-150200.8.212.1 * MozillaThunderbird-translations-common-128.10.0-150200.8.212.1 * MozillaThunderbird-debuginfo-128.10.0-150200.8.212.1 * MozillaThunderbird-translations-other-128.10.0-150200.8.212.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-debugsource-128.10.0-150200.8.212.1 * MozillaThunderbird-128.10.0-150200.8.212.1 * MozillaThunderbird-translations-common-128.10.0-150200.8.212.1 * MozillaThunderbird-debuginfo-128.10.0-150200.8.212.1 * MozillaThunderbird-translations-other-128.10.0-150200.8.212.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * MozillaThunderbird-debugsource-128.10.0-150200.8.212.1 * MozillaThunderbird-128.10.0-150200.8.212.1 * MozillaThunderbird-translations-common-128.10.0-150200.8.212.1 * MozillaThunderbird-debuginfo-128.10.0-150200.8.212.1 * MozillaThunderbird-translations-other-128.10.0-150200.8.212.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2817.html * https://www.suse.com/security/cve/CVE-2025-4082.html * https://www.suse.com/security/cve/CVE-2025-4083.html * https://www.suse.com/security/cve/CVE-2025-4084.html * https://www.suse.com/security/cve/CVE-2025-4087.html * https://www.suse.com/security/cve/CVE-2025-4091.html * https://www.suse.com/security/cve/CVE-2025-4093.html * https://bugzilla.suse.com/show_bug.cgi?id=1241621 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:08 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:08 -0000 Subject: SUSE-SU-2025:1505-1: moderate: Security update for apparmor Message-ID: <174662100884.30275.2530874418622225567@smelt2.prg2.suse.org> # Security update for apparmor Announcement ID: SUSE-SU-2025:1505-1 Release Date: 2025-05-07T12:06:44Z Rating: moderate References: * bsc#1241678 Cross-References: * CVE-2024-10041 CVSS scores: * CVE-2024-10041 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10041 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for apparmor fixes the following issues: * Add dac_read_search capability for unix_chkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. (bsc#1241678) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1505=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1505=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1505=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1505=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1505=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1505=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1505=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1505=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * ruby-apparmor-2.13.6-150300.3.24.1 * perl-apparmor-debuginfo-2.13.6-150300.3.24.1 * perl-apparmor-2.13.6-150300.3.24.1 * libapparmor-debugsource-2.13.6-150300.3.24.1 * libapparmor1-2.13.6-150300.3.24.1 * pam_apparmor-2.13.6-150300.3.24.1 * apache2-mod_apparmor-2.13.6-150300.3.24.1 * apparmor-debugsource-2.13.6-150300.3.24.1 * apparmor-parser-2.13.6-150300.3.24.1 * apparmor-parser-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-2.13.6-150300.3.24.1 * libapparmor1-debuginfo-2.13.6-150300.3.24.1 * ruby-apparmor-debuginfo-2.13.6-150300.3.24.1 * apache2-mod_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-debuginfo-2.13.6-150300.3.24.1 * libapparmor-devel-2.13.6-150300.3.24.1 * openSUSE Leap 15.3 (noarch) * apparmor-profiles-2.13.6-150300.3.24.1 * apparmor-utils-2.13.6-150300.3.24.1 * apparmor-abstractions-2.13.6-150300.3.24.1 * apparmor-parser-lang-2.13.6-150300.3.24.1 * apparmor-docs-2.13.6-150300.3.24.1 * apparmor-utils-lang-2.13.6-150300.3.24.1 * openSUSE Leap 15.3 (x86_64) * libapparmor1-32bit-2.13.6-150300.3.24.1 * pam_apparmor-32bit-2.13.6-150300.3.24.1 * pam_apparmor-32bit-debuginfo-2.13.6-150300.3.24.1 * libapparmor1-32bit-debuginfo-2.13.6-150300.3.24.1 * openSUSE Leap 15.3 (aarch64_ilp32) * pam_apparmor-64bit-2.13.6-150300.3.24.1 * pam_apparmor-64bit-debuginfo-2.13.6-150300.3.24.1 * libapparmor1-64bit-2.13.6-150300.3.24.1 * libapparmor1-64bit-debuginfo-2.13.6-150300.3.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * perl-apparmor-debuginfo-2.13.6-150300.3.24.1 * perl-apparmor-2.13.6-150300.3.24.1 * libapparmor1-2.13.6-150300.3.24.1 * pam_apparmor-2.13.6-150300.3.24.1 * apache2-mod_apparmor-2.13.6-150300.3.24.1 * apparmor-debugsource-2.13.6-150300.3.24.1 * apparmor-parser-2.13.6-150300.3.24.1 * apparmor-parser-debuginfo-2.13.6-150300.3.24.1 * libapparmor1-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-2.13.6-150300.3.24.1 * libapparmor-debugsource-2.13.6-150300.3.24.1 * apache2-mod_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-debuginfo-2.13.6-150300.3.24.1 * libapparmor-devel-2.13.6-150300.3.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * apparmor-profiles-2.13.6-150300.3.24.1 * apparmor-utils-2.13.6-150300.3.24.1 * apparmor-abstractions-2.13.6-150300.3.24.1 * apparmor-parser-lang-2.13.6-150300.3.24.1 * apparmor-docs-2.13.6-150300.3.24.1 * apparmor-utils-lang-2.13.6-150300.3.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * pam_apparmor-32bit-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-32bit-2.13.6-150300.3.24.1 * libapparmor1-32bit-2.13.6-150300.3.24.1 * libapparmor1-32bit-debuginfo-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * perl-apparmor-debuginfo-2.13.6-150300.3.24.1 * perl-apparmor-2.13.6-150300.3.24.1 * libapparmor1-2.13.6-150300.3.24.1 * pam_apparmor-2.13.6-150300.3.24.1 * apache2-mod_apparmor-2.13.6-150300.3.24.1 * apparmor-debugsource-2.13.6-150300.3.24.1 * apparmor-parser-2.13.6-150300.3.24.1 * apparmor-parser-debuginfo-2.13.6-150300.3.24.1 * libapparmor1-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-2.13.6-150300.3.24.1 * libapparmor-debugsource-2.13.6-150300.3.24.1 * apache2-mod_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-debuginfo-2.13.6-150300.3.24.1 * libapparmor-devel-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * apparmor-profiles-2.13.6-150300.3.24.1 * apparmor-utils-2.13.6-150300.3.24.1 * apparmor-abstractions-2.13.6-150300.3.24.1 * apparmor-parser-lang-2.13.6-150300.3.24.1 * apparmor-docs-2.13.6-150300.3.24.1 * apparmor-utils-lang-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * pam_apparmor-32bit-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-32bit-2.13.6-150300.3.24.1 * libapparmor1-32bit-2.13.6-150300.3.24.1 * libapparmor1-32bit-debuginfo-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * perl-apparmor-debuginfo-2.13.6-150300.3.24.1 * perl-apparmor-2.13.6-150300.3.24.1 * libapparmor1-2.13.6-150300.3.24.1 * pam_apparmor-2.13.6-150300.3.24.1 * apache2-mod_apparmor-2.13.6-150300.3.24.1 * apparmor-debugsource-2.13.6-150300.3.24.1 * apparmor-parser-2.13.6-150300.3.24.1 * apparmor-parser-debuginfo-2.13.6-150300.3.24.1 * libapparmor1-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-2.13.6-150300.3.24.1 * libapparmor-debugsource-2.13.6-150300.3.24.1 * apache2-mod_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-debuginfo-2.13.6-150300.3.24.1 * libapparmor-devel-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * apparmor-profiles-2.13.6-150300.3.24.1 * apparmor-utils-2.13.6-150300.3.24.1 * apparmor-abstractions-2.13.6-150300.3.24.1 * apparmor-parser-lang-2.13.6-150300.3.24.1 * apparmor-docs-2.13.6-150300.3.24.1 * apparmor-utils-lang-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * pam_apparmor-32bit-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-32bit-2.13.6-150300.3.24.1 * libapparmor1-32bit-2.13.6-150300.3.24.1 * libapparmor1-32bit-debuginfo-2.13.6-150300.3.24.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * perl-apparmor-debuginfo-2.13.6-150300.3.24.1 * perl-apparmor-2.13.6-150300.3.24.1 * libapparmor1-2.13.6-150300.3.24.1 * pam_apparmor-2.13.6-150300.3.24.1 * apache2-mod_apparmor-2.13.6-150300.3.24.1 * apparmor-debugsource-2.13.6-150300.3.24.1 * apparmor-parser-2.13.6-150300.3.24.1 * apparmor-parser-debuginfo-2.13.6-150300.3.24.1 * libapparmor1-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-2.13.6-150300.3.24.1 * libapparmor-debugsource-2.13.6-150300.3.24.1 * apache2-mod_apparmor-debuginfo-2.13.6-150300.3.24.1 * python3-apparmor-debuginfo-2.13.6-150300.3.24.1 * libapparmor-devel-2.13.6-150300.3.24.1 * SUSE Enterprise Storage 7.1 (noarch) * apparmor-profiles-2.13.6-150300.3.24.1 * apparmor-utils-2.13.6-150300.3.24.1 * apparmor-abstractions-2.13.6-150300.3.24.1 * apparmor-parser-lang-2.13.6-150300.3.24.1 * apparmor-docs-2.13.6-150300.3.24.1 * apparmor-utils-lang-2.13.6-150300.3.24.1 * SUSE Enterprise Storage 7.1 (x86_64) * pam_apparmor-32bit-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-32bit-2.13.6-150300.3.24.1 * libapparmor1-32bit-2.13.6-150300.3.24.1 * libapparmor1-32bit-debuginfo-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * apparmor-abstractions-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * pam_apparmor-2.13.6-150300.3.24.1 * apparmor-parser-debuginfo-2.13.6-150300.3.24.1 * apparmor-debugsource-2.13.6-150300.3.24.1 * apparmor-parser-2.13.6-150300.3.24.1 * libapparmor1-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-debuginfo-2.13.6-150300.3.24.1 * libapparmor-debugsource-2.13.6-150300.3.24.1 * libapparmor1-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * pam_apparmor-2.13.6-150300.3.24.1 * apparmor-parser-debuginfo-2.13.6-150300.3.24.1 * apparmor-debugsource-2.13.6-150300.3.24.1 * apparmor-parser-2.13.6-150300.3.24.1 * libapparmor1-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-debuginfo-2.13.6-150300.3.24.1 * libapparmor-debugsource-2.13.6-150300.3.24.1 * libapparmor1-2.13.6-150300.3.24.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * pam_apparmor-2.13.6-150300.3.24.1 * apparmor-parser-debuginfo-2.13.6-150300.3.24.1 * apparmor-debugsource-2.13.6-150300.3.24.1 * apparmor-parser-2.13.6-150300.3.24.1 * libapparmor1-debuginfo-2.13.6-150300.3.24.1 * pam_apparmor-debuginfo-2.13.6-150300.3.24.1 * libapparmor-debugsource-2.13.6-150300.3.24.1 * libapparmor1-2.13.6-150300.3.24.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10041.html * https://bugzilla.suse.com/show_bug.cgi?id=1241678 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:22 -0000 Subject: SUSE-SU-2025:1504-1: important: Security update for libsoup Message-ID: <174662102209.30275.16505018082125156754@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2025:1504-1 Release Date: 2025-05-07T12:06:19Z Rating: important References: * bsc#1240750 * bsc#1240752 * bsc#1240754 * bsc#1240756 * bsc#1240757 * bsc#1241162 * bsc#1241164 * bsc#1241214 * bsc#1241222 * bsc#1241223 * bsc#1241226 * bsc#1241238 * bsc#1241252 * bsc#1241263 * bsc#1241686 * bsc#1241688 Cross-References: * CVE-2025-2784 * CVE-2025-32050 * CVE-2025-32051 * CVE-2025-32052 * CVE-2025-32053 * CVE-2025-32906 * CVE-2025-32907 * CVE-2025-32908 * CVE-2025-32909 * CVE-2025-32910 * CVE-2025-32911 * CVE-2025-32912 * CVE-2025-32913 * CVE-2025-32914 * CVE-2025-46420 * CVE-2025-46421 CVSS scores: * CVE-2025-2784 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-2784 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32050 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32050 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32050 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32051 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32051 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32051 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32052 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32052 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32052 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32053 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32906 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2025-32906 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32907 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32908 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32908 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32908 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32909 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-32909 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32909 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32910 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32910 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32910 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32911 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32911 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2025-32912 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32912 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32913 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32914 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-32914 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-46420 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-46420 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46421 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-46421 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 16 vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750) * CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI (bsc#1240754) * CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32906: Fixed out of bounds reads in soup_headers_parse_request() (bsc#1241263) * CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) * CVE-2025-32908: Fixed HTTP request may lead to server crash due to HTTP/2 server not fully validating the values of pseudo-headers (bsc#1241223) * CVE-2025-32909: Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226) * CVE-2025-32910: Fixed NULL pointer deference on client when server omits the realm parameter in an Unauthorized response with Digest authentication (bsc#1241252) * CVE-2025-32911: Fixed double free on soup_message_headers_get_content_disposition() via "params" (bsc#1241238) * CVE-2025-32912: Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214) * CVE-2025-32913: Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162) * CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) * CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) * CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1504=1 openSUSE-SLE-15.6-2025-1504=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1504=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libsoup-debugsource-3.4.4-150600.3.7.1 * libsoup-3_0-0-debuginfo-3.4.4-150600.3.7.1 * libsoup-devel-3.4.4-150600.3.7.1 * typelib-1_0-Soup-3_0-3.4.4-150600.3.7.1 * libsoup-3_0-0-3.4.4-150600.3.7.1 * openSUSE Leap 15.6 (x86_64) * libsoup-3_0-0-32bit-3.4.4-150600.3.7.1 * libsoup-devel-32bit-3.4.4-150600.3.7.1 * libsoup-3_0-0-32bit-debuginfo-3.4.4-150600.3.7.1 * openSUSE Leap 15.6 (noarch) * libsoup-lang-3.4.4-150600.3.7.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libsoup-3_0-0-64bit-3.4.4-150600.3.7.1 * libsoup-devel-64bit-3.4.4-150600.3.7.1 * libsoup-3_0-0-64bit-debuginfo-3.4.4-150600.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libsoup-debugsource-3.4.4-150600.3.7.1 * libsoup-3_0-0-debuginfo-3.4.4-150600.3.7.1 * libsoup-devel-3.4.4-150600.3.7.1 * typelib-1_0-Soup-3_0-3.4.4-150600.3.7.1 * libsoup-3_0-0-3.4.4-150600.3.7.1 * Basesystem Module 15-SP6 (noarch) * libsoup-lang-3.4.4-150600.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2784.html * https://www.suse.com/security/cve/CVE-2025-32050.html * https://www.suse.com/security/cve/CVE-2025-32051.html * https://www.suse.com/security/cve/CVE-2025-32052.html * https://www.suse.com/security/cve/CVE-2025-32053.html * https://www.suse.com/security/cve/CVE-2025-32906.html * https://www.suse.com/security/cve/CVE-2025-32907.html * https://www.suse.com/security/cve/CVE-2025-32908.html * https://www.suse.com/security/cve/CVE-2025-32909.html * https://www.suse.com/security/cve/CVE-2025-32910.html * https://www.suse.com/security/cve/CVE-2025-32911.html * https://www.suse.com/security/cve/CVE-2025-32912.html * https://www.suse.com/security/cve/CVE-2025-32913.html * https://www.suse.com/security/cve/CVE-2025-32914.html * https://www.suse.com/security/cve/CVE-2025-46420.html * https://www.suse.com/security/cve/CVE-2025-46421.html * https://bugzilla.suse.com/show_bug.cgi?id=1240750 * https://bugzilla.suse.com/show_bug.cgi?id=1240752 * https://bugzilla.suse.com/show_bug.cgi?id=1240754 * https://bugzilla.suse.com/show_bug.cgi?id=1240756 * https://bugzilla.suse.com/show_bug.cgi?id=1240757 * https://bugzilla.suse.com/show_bug.cgi?id=1241162 * https://bugzilla.suse.com/show_bug.cgi?id=1241164 * https://bugzilla.suse.com/show_bug.cgi?id=1241214 * https://bugzilla.suse.com/show_bug.cgi?id=1241222 * https://bugzilla.suse.com/show_bug.cgi?id=1241223 * https://bugzilla.suse.com/show_bug.cgi?id=1241226 * https://bugzilla.suse.com/show_bug.cgi?id=1241238 * https://bugzilla.suse.com/show_bug.cgi?id=1241252 * https://bugzilla.suse.com/show_bug.cgi?id=1241263 * https://bugzilla.suse.com/show_bug.cgi?id=1241686 * https://bugzilla.suse.com/show_bug.cgi?id=1241688 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:29 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:29 -0000 Subject: SUSE-SU-2025:1503-1: important: Security update for libsoup2 Message-ID: <174662102972.30275.7658466727685152166@smelt2.prg2.suse.org> # Security update for libsoup2 Announcement ID: SUSE-SU-2025:1503-1 Release Date: 2025-05-07T12:06:08Z Rating: important References: * bsc#1240750 * bsc#1240752 * bsc#1240756 * bsc#1240757 * bsc#1241164 * bsc#1241222 * bsc#1241686 * bsc#1241688 Cross-References: * CVE-2025-2784 * CVE-2025-32050 * CVE-2025-32052 * CVE-2025-32053 * CVE-2025-32907 * CVE-2025-32914 * CVE-2025-46420 * CVE-2025-46421 CVSS scores: * CVE-2025-2784 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-2784 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32050 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32050 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32050 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32052 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32052 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32052 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32053 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32907 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32907 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32914 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-32914 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-46420 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-46420 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46421 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-46421 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves eight vulnerabilities can now be installed. ## Description: This update for libsoup2 fixes the following issues: * CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750) * CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) * CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) * CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) * CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1503=1 openSUSE-SLE-15.6-2025-1503=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1503=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-Soup-2_4-2.74.3-150600.4.6.1 * libsoup-2_4-1-2.74.3-150600.4.6.1 * libsoup2-devel-2.74.3-150600.4.6.1 * libsoup2-debugsource-2.74.3-150600.4.6.1 * libsoup-2_4-1-debuginfo-2.74.3-150600.4.6.1 * openSUSE Leap 15.6 (x86_64) * libsoup-2_4-1-32bit-debuginfo-2.74.3-150600.4.6.1 * libsoup2-devel-32bit-2.74.3-150600.4.6.1 * libsoup-2_4-1-32bit-2.74.3-150600.4.6.1 * openSUSE Leap 15.6 (noarch) * libsoup2-lang-2.74.3-150600.4.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libsoup-2_4-1-64bit-2.74.3-150600.4.6.1 * libsoup-2_4-1-64bit-debuginfo-2.74.3-150600.4.6.1 * libsoup2-devel-64bit-2.74.3-150600.4.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * typelib-1_0-Soup-2_4-2.74.3-150600.4.6.1 * libsoup-2_4-1-2.74.3-150600.4.6.1 * libsoup2-devel-2.74.3-150600.4.6.1 * libsoup2-debugsource-2.74.3-150600.4.6.1 * libsoup-2_4-1-debuginfo-2.74.3-150600.4.6.1 * Basesystem Module 15-SP6 (noarch) * libsoup2-lang-2.74.3-150600.4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2784.html * https://www.suse.com/security/cve/CVE-2025-32050.html * https://www.suse.com/security/cve/CVE-2025-32052.html * https://www.suse.com/security/cve/CVE-2025-32053.html * https://www.suse.com/security/cve/CVE-2025-32907.html * https://www.suse.com/security/cve/CVE-2025-32914.html * https://www.suse.com/security/cve/CVE-2025-46420.html * https://www.suse.com/security/cve/CVE-2025-46421.html * https://bugzilla.suse.com/show_bug.cgi?id=1240750 * https://bugzilla.suse.com/show_bug.cgi?id=1240752 * https://bugzilla.suse.com/show_bug.cgi?id=1240756 * https://bugzilla.suse.com/show_bug.cgi?id=1240757 * https://bugzilla.suse.com/show_bug.cgi?id=1241164 * https://bugzilla.suse.com/show_bug.cgi?id=1241222 * https://bugzilla.suse.com/show_bug.cgi?id=1241686 * https://bugzilla.suse.com/show_bug.cgi?id=1241688 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:34 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:34 -0000 Subject: SUSE-SU-2025:1468-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Message-ID: <174662103479.30275.16362954825722208647@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:1468-1 Release Date: 2025-05-06T09:06:58Z Rating: important References: * bsc#1233677 * bsc#1235008 * bsc#1235431 * bsc#1240840 Cross-References: * CVE-2024-53082 * CVE-2024-53237 * CVE-2024-56650 * CVE-2024-8805 CVSS scores: * CVE-2024-53082 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53082 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53237 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53237 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_25 fixes several issues. The following security issues were fixed: * CVE-2024-53237: Bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008). * CVE-2024-53082: virtio_net: Add hash_key_length check (bsc#1233677). * CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1240840). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1473=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1468=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-1469=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-1470=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-1471=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-1472=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1468=1 SUSE-2025-1469=1 SUSE-2025-1470=1 SUSE-2025-1471=1 SUSE-2025-1472=1 SUSE-2025-1473=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_2-debugsource-13-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-8-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-15-150600.4.37.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-15-150600.4.37.1 * kernel-livepatch-6_4_0-150600_23_7-default-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-9-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-8-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-13-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-13-150600.2.1 * kernel-livepatch-6_4_0-150600_21-default-15-150600.4.37.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-9-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-9-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-8-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_2-debugsource-13-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-15-150600.4.37.1 * kernel-livepatch-6_4_0-150600_23_7-default-13-150600.2.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-15-150600.4.37.1 * kernel-livepatch-6_4_0-150600_23_14-default-13-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-8-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-8-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-13-150600.2.1 * kernel-livepatch-6_4_0-150600_21-default-15-150600.4.37.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-9-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-8-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-9-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-9-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53082.html * https://www.suse.com/security/cve/CVE-2024-53237.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1233677 * https://bugzilla.suse.com/show_bug.cgi?id=1235008 * https://bugzilla.suse.com/show_bug.cgi?id=1235431 * https://bugzilla.suse.com/show_bug.cgi?id=1240840 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:37 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:37 -0000 Subject: SUSE-SU-2025:1467-1: important: Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP5) Message-ID: <174662103755.30275.1556923131540897151@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:1467-1 Release Date: 2025-05-06T15:06:15Z Rating: important References: * bsc#1235431 Cross-References: * CVE-2024-56650 CVSS scores: * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_88 fixes one issue. The following security issue was fixed: * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1467=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1467=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1493=1 SUSE-2025-1485=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1493=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-1485=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1475=1 SUSE-2025-1474=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1474=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1475=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_51-debugsource-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-default-debuginfo-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-default-4-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_185-preempt-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-preempt-debuginfo-4-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_185-default-4-150300.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_22-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-4-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-4-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_22-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-4-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-4-150500.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_33-default-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-5-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_33-default-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-5-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56650.html * https://bugzilla.suse.com/show_bug.cgi?id=1235431 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:42 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:42 -0000 Subject: SUSE-SU-2025:1463-1: important: Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3) Message-ID: <174662104220.30275.3334102882030052156@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:1463-1 Release Date: 2025-05-06T14:35:55Z Rating: important References: * bsc#1233294 * bsc#1235431 Cross-References: * CVE-2024-50205 * CVE-2024-56650 CVSS scores: * CVE-2024-50205 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50205 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50205 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_179 fixes several issues. The following security issues were fixed: * CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233294). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1491=1 SUSE-2025-1463=1 SUSE-2025-1458=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1458=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-1491=1 SUSE-SLE-Module-Live- Patching-15-SP3-2025-1463=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-10-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_48-debugsource-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-10-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_174-preempt-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-preempt-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-preempt-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-9-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_174-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-10-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50205.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://bugzilla.suse.com/show_bug.cgi?id=1233294 * https://bugzilla.suse.com/show_bug.cgi?id=1235431 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:46 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:46 -0000 Subject: SUSE-SU-2025:1454-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5) Message-ID: <174662104617.30275.9488129655315968958@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:1454-1 Release Date: 2025-05-06T09:44:33Z Rating: important References: * bsc#1233294 * bsc#1235431 * bsc#1240840 Cross-References: * CVE-2024-50205 * CVE-2024-56650 * CVE-2024-8805 CVSS scores: * CVE-2024-50205 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50205 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50205 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_83 fixes several issues. The following security issues were fixed: * CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1240840). * CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233294). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1482=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-1483=1 SUSE-SLE-Module-Live- Patching-15-SP5-2025-1484=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-1478=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-1479=1 SUSE-SLE-Module-Live- Patching-15-SP5-2025-1480=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-1481=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1483=1 SUSE-2025-1484=1 SUSE-2025-1478=1 SUSE-2025-1479=1 SUSE-2025-1480=1 SUSE-2025-1481=1 SUSE-2025-1482=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1454=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1454=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_12-debugsource-17-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_19-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_65-default-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-15-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-15-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_62-default-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_68-default-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_59-default-17-150500.2.1 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-17-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-7-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-9-150500.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-15-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-17-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_19-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_59-default-17-150500.2.1 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-17-150500.2.1 * kernel-livepatch-5_14_21-150500_55_65-default-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_62-default-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_68-default-14-150500.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_122-default-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_27-debugsource-14-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_122-default-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_27-debugsource-14-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50205.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1233294 * https://bugzilla.suse.com/show_bug.cgi?id=1235431 * https://bugzilla.suse.com/show_bug.cgi?id=1240840 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:55 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:55 -0000 Subject: SUSE-SU-2025:1501-1: moderate: Security update for opensaml Message-ID: <174662105507.30275.14693675389160573344@smelt2.prg2.suse.org> # Security update for opensaml Announcement ID: SUSE-SU-2025:1501-1 Release Date: 2025-05-07T09:42:33Z Rating: moderate References: * bsc#1239889 Cross-References: * CVE-2025-31335 CVSS scores: * CVE-2025-31335 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-31335 ( NVD ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for opensaml fixes the following issues: * CVE-2025-31335: Fixed parameter manipulation allowing forging signed SAML messages (bsc#1239889) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1501=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * opensaml-bin-2.5.5-3.6.1 * libsaml8-debuginfo-2.5.5-3.6.1 * libsaml-devel-2.5.5-3.6.1 * opensaml-schemas-2.5.5-3.6.1 * opensaml-debugsource-2.5.5-3.6.1 * opensaml-bin-debuginfo-2.5.5-3.6.1 * libsaml8-2.5.5-3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31335.html * https://bugzilla.suse.com/show_bug.cgi?id=1239889 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:30:59 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:30:59 -0000 Subject: SUSE-SU-2025:1500-1: moderate: Security update for opensaml Message-ID: <174662105921.30275.16999279618768904840@smelt2.prg2.suse.org> # Security update for opensaml Announcement ID: SUSE-SU-2025:1500-1 Release Date: 2025-05-07T09:42:25Z Rating: moderate References: * bsc#1239889 Cross-References: * CVE-2025-31335 CVSS scores: * CVE-2025-31335 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-31335 ( NVD ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for opensaml fixes the following issues: * CVE-2025-31335: Fixed a bug where parameter manipulation allows the forging of signed SAML messages. (bsc#1239889) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1500=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1500=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1500=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * opensaml-debuginfo-3.1.0-150300.3.3.1 * opensaml-bin-3.1.0-150300.3.3.1 * libsaml11-debuginfo-3.1.0-150300.3.3.1 * libsaml-devel-3.1.0-150300.3.3.1 * opensaml-schemas-3.1.0-150300.3.3.1 * opensaml-debugsource-3.1.0-150300.3.3.1 * opensaml-bin-debuginfo-3.1.0-150300.3.3.1 * libsaml11-3.1.0-150300.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * opensaml-debuginfo-3.1.0-150300.3.3.1 * opensaml-bin-3.1.0-150300.3.3.1 * libsaml11-debuginfo-3.1.0-150300.3.3.1 * libsaml-devel-3.1.0-150300.3.3.1 * opensaml-schemas-3.1.0-150300.3.3.1 * opensaml-debugsource-3.1.0-150300.3.3.1 * opensaml-bin-debuginfo-3.1.0-150300.3.3.1 * libsaml11-3.1.0-150300.3.3.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * opensaml-debuginfo-3.1.0-150300.3.3.1 * libsaml11-debuginfo-3.1.0-150300.3.3.1 * libsaml-devel-3.1.0-150300.3.3.1 * opensaml-schemas-3.1.0-150300.3.3.1 * opensaml-debugsource-3.1.0-150300.3.3.1 * libsaml11-3.1.0-150300.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31335.html * https://bugzilla.suse.com/show_bug.cgi?id=1239889 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:04 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:04 -0000 Subject: SUSE-RU-2025:1499-1: important: Recommended update for pacemaker Message-ID: <174662106435.30275.7131432989368400047@smelt2.prg2.suse.org> # Recommended update for pacemaker Announcement ID: SUSE-RU-2025:1499-1 Release Date: 2025-05-07T04:23:49Z Rating: important References: * bsc#1238519 * bsc#1239629 * bsc#1239770 Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that has three fixes can now be installed. ## Description: This update for pacemaker fixes the following issues: * pacemaker-attrd: use %PRIu32 format specifier instead of %u for node id (bsc#1239629) * libcrmcluster: correctly log node id (bsc#1239629) * pacemaker-attrd: prevent segfault if a peer leaves when its name is unknown yet (bsc#1239629) * spec: create a temporary file in /run directory (bsc#1239770) * libcrmservices: Unref the dbus connection * libcrmservices: Don't leak msg if systemd_proxy is NULL * cts-scheduler: update tests for considering parents of an unmanaged resource active on the node (bsc#1238519) * libpe_status: consider parents of an unmanaged resource active on the node (bsc#1238519) * various: address format-overflow warnings * libpacemaker: set fail-count to INFINITY for fatal failures * libpacemaker: add PCMK__XA_FAILED_START_OFFSET and PCMK__XA_FAILED_STOP_OFFSET ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-1499=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1499=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * pacemaker-cli-debuginfo-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-remote-debuginfo-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-debugsource-2.0.5+20201202.ba59be712-150300.4.45.2 * libpacemaker3-debuginfo-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-cli-2.0.5+20201202.ba59be712-150300.4.45.2 * libpacemaker-devel-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-remote-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-debuginfo-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-2.0.5+20201202.ba59be712-150300.4.45.2 * libpacemaker3-2.0.5+20201202.ba59be712-150300.4.45.2 * SUSE Linux Enterprise High Availability Extension 15 SP3 (noarch) * pacemaker-cts-2.0.5+20201202.ba59be712-150300.4.45.2 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * pacemaker-cli-debuginfo-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-remote-debuginfo-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-debugsource-2.0.5+20201202.ba59be712-150300.4.45.2 * libpacemaker3-debuginfo-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-cli-2.0.5+20201202.ba59be712-150300.4.45.2 * libpacemaker-devel-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-remote-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-debuginfo-2.0.5+20201202.ba59be712-150300.4.45.2 * pacemaker-2.0.5+20201202.ba59be712-150300.4.45.2 * libpacemaker3-2.0.5+20201202.ba59be712-150300.4.45.2 * openSUSE Leap 15.3 (noarch) * pacemaker-cts-2.0.5+20201202.ba59be712-150300.4.45.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1238519 * https://bugzilla.suse.com/show_bug.cgi?id=1239629 * https://bugzilla.suse.com/show_bug.cgi?id=1239770 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:07 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:07 -0000 Subject: SUSE-RU-2025:1498-1: important: Recommended update for pacemaker Message-ID: <174662106780.30275.2280690231285619799@smelt2.prg2.suse.org> # Recommended update for pacemaker Announcement ID: SUSE-RU-2025:1498-1 Release Date: 2025-05-07T04:23:39Z Rating: important References: * bsc#1238519 * bsc#1239629 * bsc#1239770 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has three fixes can now be installed. ## Description: This update for pacemaker fixes the following issues: * pacemaker-attrd: use %PRIu32 format specifier instead of %u for node id (bsc#1239629) * libcrmcluster: correctly log node id (bsc#1239629) * pacemaker-attrd: prevent segfault if a peer leaves when its name is unknown yet (bsc#1239629) * spec: create a temporary file in /run directory (bsc#1239770) * libcrmservices: Unref the dbus connection * libcrmservices: Don't leak msg if systemd_proxy is NULL * cts-scheduler: update tests for considering parents of an unmanaged resource active on the node (bsc#1238519) * libpe_status: consider parents of an unmanaged resource active on the node (bsc#1238519) * various: address format-overflow warnings * libpacemaker: set fail-count to INFINITY for fatal failures * libpacemaker: add PCMK__XA_FAILED_START_OFFSET and PCMK__XA_FAILED_STOP_OFFSET ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1498=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-1498=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libpacemaker-devel-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-debuginfo-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-remote-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-cli-debuginfo-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-debugsource-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-cli-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-remote-debuginfo-2.1.2+20211124.ada5c3b36-150400.4.26.1 * libpacemaker3-2.1.2+20211124.ada5c3b36-150400.4.26.1 * libpacemaker3-debuginfo-2.1.2+20211124.ada5c3b36-150400.4.26.1 * openSUSE Leap 15.4 (noarch) * pacemaker-cts-2.1.2+20211124.ada5c3b36-150400.4.26.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * libpacemaker-devel-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-debuginfo-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-remote-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-cli-debuginfo-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-debugsource-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-cli-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-2.1.2+20211124.ada5c3b36-150400.4.26.1 * pacemaker-remote-debuginfo-2.1.2+20211124.ada5c3b36-150400.4.26.1 * libpacemaker3-2.1.2+20211124.ada5c3b36-150400.4.26.1 * libpacemaker3-debuginfo-2.1.2+20211124.ada5c3b36-150400.4.26.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (noarch) * pacemaker-cts-2.1.2+20211124.ada5c3b36-150400.4.26.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1238519 * https://bugzilla.suse.com/show_bug.cgi?id=1239629 * https://bugzilla.suse.com/show_bug.cgi?id=1239770 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:13 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:13 -0000 Subject: SUSE-RU-2025:1497-1: important: Recommended update for pacemaker Message-ID: <174662107387.30275.16991216713127426206@smelt2.prg2.suse.org> # Recommended update for pacemaker Announcement ID: SUSE-RU-2025:1497-1 Release Date: 2025-05-07T04:23:26Z Rating: important References: * bsc#1238519 * bsc#1239629 * bsc#1239770 Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has three fixes can now be installed. ## Description: This update for pacemaker fixes the following issues: * pacemaker-attrd: use %PRIu32 format specifier instead of %u for node id (bsc#1239629) * libcrmcluster: correctly log node id (bsc#1239629) * pacemaker-attrd: prevent segfault if a peer leaves when its name is unknown yet (bsc#1239629) * spec: create a temporary file in /run directory (bsc#1239770) * libcrmservices: Unref the dbus connection * libcrmservices: Don't leak msg if systemd_proxy is NULL * cts-scheduler: update tests for considering parents of an unmanaged resource active on the node (bsc#1238519) * libpe_status: consider parents of an unmanaged resource active on the node (bsc#1238519) * various: address format-overflow warnings * libpacemaker: set fail-count to INFINITY for fatal failures * libpacemaker: add PCMK__XA_FAILED_START_OFFSET and PCMK__XA_FAILED_STOP_OFFSET ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2025-1497=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2025-1497=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1497=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1497=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * pacemaker-cts-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * libpacemaker3-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-cts-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-cli-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-remote-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-debugsource-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-cli-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-remote-1.1.24+20210811.f5abda0ee-3.46.2 * libpacemaker3-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * pacemaker-cts-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * libpacemaker3-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-cts-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-cli-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-remote-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-debugsource-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-cli-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-1.1.24+20210811.f5abda0ee-3.46.2 * pacemaker-remote-1.1.24+20210811.f5abda0ee-3.46.2 * libpacemaker3-debuginfo-1.1.24+20210811.f5abda0ee-3.46.2 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libpacemaker-devel-1.1.24+20210811.f5abda0ee-3.46.2 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libpacemaker-devel-1.1.24+20210811.f5abda0ee-3.46.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1238519 * https://bugzilla.suse.com/show_bug.cgi?id=1239629 * https://bugzilla.suse.com/show_bug.cgi?id=1239770 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:18 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:18 -0000 Subject: SUSE-RU-2025:1496-1: important: Recommended update for pacemaker Message-ID: <174662107809.30275.8053611684890126378@smelt2.prg2.suse.org> # Recommended update for pacemaker Announcement ID: SUSE-RU-2025:1496-1 Release Date: 2025-05-07T04:23:00Z Rating: important References: * bsc#1238519 * bsc#1239629 * bsc#1239770 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has three fixes can now be installed. ## Description: This update for pacemaker fixes the following issues: * pacemaker-attrd: use %PRIu32 format specifier instead of %u for node id (bsc#1239629) * libcrmcluster: correctly log node id (bsc#1239629) * pacemaker-attrd: prevent segfault if a peer leaves when its name is unknown yet (bsc#1239629) * spec: create a temporary file in /run directory (bsc#1239770) * libcrmservices: Unref the dbus connection * libcrmservices: Don't leak msg if systemd_proxy is NULL * cts-scheduler: update tests for considering parents of an unmanaged resource active on the node (bsc#1238519) * libpe_status: consider parents of an unmanaged resource active on the node (bsc#1238519) * various: address format-overflow warnings * libpacemaker: set fail-count to INFINITY for fatal failures * libpacemaker: add PCMK__XA_FAILED_START_OFFSET and PCMK__XA_FAILED_STOP_OFFSET ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1496=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-1496=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * pacemaker-devel-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-debuginfo-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-cli-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-remote-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-remote-debuginfo-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-debugsource-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-libs-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-libs-debuginfo-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-cli-debuginfo-2.1.5+20221208.a3f44794f-150500.6.23.1 * openSUSE Leap 15.5 (noarch) * pacemaker-cts-2.1.5+20221208.a3f44794f-150500.6.23.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * pacemaker-devel-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-debuginfo-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-cli-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-remote-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-remote-debuginfo-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-debugsource-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-libs-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-libs-debuginfo-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-2.1.5+20221208.a3f44794f-150500.6.23.1 * pacemaker-cli-debuginfo-2.1.5+20221208.a3f44794f-150500.6.23.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (noarch) * pacemaker-cts-2.1.5+20221208.a3f44794f-150500.6.23.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1238519 * https://bugzilla.suse.com/show_bug.cgi?id=1239629 * https://bugzilla.suse.com/show_bug.cgi?id=1239770 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:21 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:21 -0000 Subject: SUSE-RU-2025:1495-1: important: Recommended update for pacemaker Message-ID: <174662108144.30275.11478483246102102327@smelt2.prg2.suse.org> # Recommended update for pacemaker Announcement ID: SUSE-RU-2025:1495-1 Release Date: 2025-05-07T04:22:50Z Rating: important References: * bsc#1238519 * bsc#1239629 * bsc#1239770 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has three fixes can now be installed. ## Description: This update for pacemaker fixes the following issues: * pacemaker-attrd: use %PRIu32 format specifier instead of %u for node id (bsc#1239629) * libcrmcluster: correctly log node id (bsc#1239629) * pacemaker-attrd: prevent segfault if a peer leaves when its name is unknown yet (bsc#1239629) * spec: create a temporary file in /run directory (bsc#1239770) * libcrmservices: Unref the dbus connection * libcrmservices: Don't leak msg if systemd_proxy is NULL * cts-scheduler: update tests for considering parents of an unmanaged resource active on the node (bsc#1238519) * libpe_status: consider parents of an unmanaged resource active on the node (bsc#1238519) * various: address format-overflow warnings * libpacemaker: set fail-count to INFINITY for fatal failures * libpacemaker: add PCMK__XA_FAILED_START_OFFSET and PCMK__XA_FAILED_STOP_OFFSET ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1495=1 openSUSE-SLE-15.6-2025-1495=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-1495=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * pacemaker-devel-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-debuginfo-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-cli-debuginfo-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-remote-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-debugsource-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-libs-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-libs-debuginfo-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-cli-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-remote-debuginfo-2.1.7+20231219.0f7f88312-150600.6.9.2 * openSUSE Leap 15.6 (noarch) * pacemaker-schemas-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-cts-2.1.7+20231219.0f7f88312-150600.6.9.2 * python3-pacemaker-2.1.7+20231219.0f7f88312-150600.6.9.2 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * pacemaker-devel-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-debuginfo-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-cli-debuginfo-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-remote-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-debugsource-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-libs-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-libs-debuginfo-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-cli-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-remote-debuginfo-2.1.7+20231219.0f7f88312-150600.6.9.2 * SUSE Linux Enterprise High Availability Extension 15 SP6 (noarch) * pacemaker-schemas-2.1.7+20231219.0f7f88312-150600.6.9.2 * pacemaker-cts-2.1.7+20231219.0f7f88312-150600.6.9.2 * python3-pacemaker-2.1.7+20231219.0f7f88312-150600.6.9.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1238519 * https://bugzilla.suse.com/show_bug.cgi?id=1239629 * https://bugzilla.suse.com/show_bug.cgi?id=1239770 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:26 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:26 -0000 Subject: SUSE-SU-2025:1494-1: important: Security update for libxslt Message-ID: <174662108620.30275.2750948076795957803@smelt2.prg2.suse.org> # Security update for libxslt Announcement ID: SUSE-SU-2025:1494-1 Release Date: 2025-05-06T23:46:16Z Rating: important References: * bsc#1239625 * bsc#1239637 Cross-References: * CVE-2024-55549 * CVE-2025-24855 CVSS scores: * CVE-2024-55549 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2024-55549 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-24855 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-24855 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxslt fixes the following issues: * CVE-2025-24855: Fixed use-after-free of XPath context node (bsc#1239625) * CVE-2024-55549: Fixed use-after-free related to excluded namespaces (bsc#1239637) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1494=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1494=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libxslt-tools-debuginfo-1.1.28-17.18.1 * libxslt-debugsource-1.1.28-17.18.1 * libxslt-devel-1.1.28-17.18.1 * libxslt1-debuginfo-1.1.28-17.18.1 * libxslt-tools-1.1.28-17.18.1 * libxslt1-1.1.28-17.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libxslt1-debuginfo-32bit-1.1.28-17.18.1 * libxslt1-32bit-1.1.28-17.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libxslt1-debuginfo-32bit-1.1.28-17.18.1 * libxslt-tools-debuginfo-1.1.28-17.18.1 * libxslt-debugsource-1.1.28-17.18.1 * libxslt-devel-1.1.28-17.18.1 * libxslt1-debuginfo-1.1.28-17.18.1 * libxslt1-32bit-1.1.28-17.18.1 * libxslt-tools-1.1.28-17.18.1 * libxslt1-1.1.28-17.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-55549.html * https://www.suse.com/security/cve/CVE-2025-24855.html * https://bugzilla.suse.com/show_bug.cgi?id=1239625 * https://bugzilla.suse.com/show_bug.cgi?id=1239637 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:28 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:28 -0000 Subject: SUSE-SU-2025:1492-1: moderate: Security update for rubygem-rack-1_6 Message-ID: <174662108850.30275.4029970072787654233@smelt2.prg2.suse.org> # Security update for rubygem-rack-1_6 Announcement ID: SUSE-SU-2025:1492-1 Release Date: 2025-05-06T14:36:05Z Rating: moderate References: * bsc#1238607 Cross-References: * CVE-2025-27111 CVSS scores: * CVE-2025-27111 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-27111 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-27111 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for rubygem-rack-1_6 fixes the following issues: * CVE-2025-27111: Fixed Escape Sequence Injection vulnerability (bsc#1238607) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1492=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-1_6-1.6.8-150000.3.6.1 * ruby2.5-rubygem-rack-testsuite-1_6-1.6.8-150000.3.6.1 * ruby2.5-rubygem-rack-doc-1_6-1.6.8-150000.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27111.html * https://bugzilla.suse.com/show_bug.cgi?id=1238607 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:30 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:30 -0000 Subject: SUSE-SU-2025:1489-1: moderate: Security update for ImageMagick Message-ID: <174662109091.30275.5387918875900627610@smelt2.prg2.suse.org> # Security update for ImageMagick Announcement ID: SUSE-SU-2025:1489-1 Release Date: 2025-05-06T10:57:42Z Rating: moderate References: * bsc#1241659 Cross-References: * CVE-2025-43965 CVSS scores: * CVE-2025-43965 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-43965 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-43965 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for ImageMagick fixes the following issues: * CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing. (bsc#1241659) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1489=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libMagickCore-6_Q16-1-6.8.8.1-71.204.1 * ImageMagick-debuginfo-6.8.8.1-71.204.1 * ImageMagick-config-6-SUSE-6.8.8.1-71.204.1 * ImageMagick-config-6-upstream-6.8.8.1-71.204.1 * ImageMagick-debugsource-6.8.8.1-71.204.1 * libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.204.1 * libMagickWand-6_Q16-1-6.8.8.1-71.204.1 * libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.204.1 * libMagick++-devel-6.8.8.1-71.204.1 * ImageMagick-devel-6.8.8.1-71.204.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43965.html * https://bugzilla.suse.com/show_bug.cgi?id=1241659 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:35 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:35 -0000 Subject: SUSE-SU-2025:1488-1: moderate: Security update for ImageMagick Message-ID: <174662109592.30275.1141755655388033613@smelt2.prg2.suse.org> # Security update for ImageMagick Announcement ID: SUSE-SU-2025:1488-1 Release Date: 2025-05-06T10:57:33Z Rating: moderate References: * bsc#1241658 * bsc#1241659 Cross-References: * CVE-2025-43965 * CVE-2025-46393 CVSS scores: * CVE-2025-43965 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-43965 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-43965 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-46393 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-46393 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-46393 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for ImageMagick fixes the following issues: * CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing. (bsc#1241659) * CVE-2025-46393: mishandling of packet_size leads to rendering of channels in arbitrary order in multispectral MIFF image processing. (bsc#1241658) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1488=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1488=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1488=1 openSUSE-SLE-15.6-2025-1488=1 ## Package List: * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ImageMagick-debugsource-7.1.1.21-150600.3.3.1 * libMagickCore-7_Q16HDRI10-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.3.1 * libMagick++-devel-7.1.1.21-150600.3.3.1 * ImageMagick-devel-7.1.1.21-150600.3.3.1 * libMagick++-7_Q16HDRI5-7.1.1.21-150600.3.3.1 * libMagickWand-7_Q16HDRI10-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-SUSE-7.1.1.21-150600.3.3.1 * ImageMagick-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-upstream-secure-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-upstream-websafe-7.1.1.21-150600.3.3.1 * libMagick++-7_Q16HDRI5-debuginfo-7.1.1.21-150600.3.3.1 * libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.3.1 * ImageMagick-debuginfo-7.1.1.21-150600.3.3.1 * libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * perl-PerlMagick-debuginfo-7.1.1.21-150600.3.3.1 * ImageMagick-debugsource-7.1.1.21-150600.3.3.1 * ImageMagick-debuginfo-7.1.1.21-150600.3.3.1 * perl-PerlMagick-7.1.1.21-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * ImageMagick-debugsource-7.1.1.21-150600.3.3.1 * libMagickCore-7_Q16HDRI10-7.1.1.21-150600.3.3.1 * ImageMagick-extra-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.3.1 * ImageMagick-extra-debuginfo-7.1.1.21-150600.3.3.1 * ImageMagick-devel-7.1.1.21-150600.3.3.1 * libMagick++-7_Q16HDRI5-7.1.1.21-150600.3.3.1 * libMagick++-devel-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.3.1 * libMagickWand-7_Q16HDRI10-7.1.1.21-150600.3.3.1 * perl-PerlMagick-7.1.1.21-150600.3.3.1 * perl-PerlMagick-debuginfo-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-SUSE-7.1.1.21-150600.3.3.1 * ImageMagick-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-upstream-secure-7.1.1.21-150600.3.3.1 * ImageMagick-config-7-upstream-websafe-7.1.1.21-150600.3.3.1 * libMagick++-7_Q16HDRI5-debuginfo-7.1.1.21-150600.3.3.1 * libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.3.1 * ImageMagick-debuginfo-7.1.1.21-150600.3.3.1 * libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * libMagick++-devel-32bit-7.1.1.21-150600.3.3.1 * libMagickCore-7_Q16HDRI10-32bit-7.1.1.21-150600.3.3.1 * ImageMagick-devel-32bit-7.1.1.21-150600.3.3.1 * libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.1.21-150600.3.3.1 * libMagick++-7_Q16HDRI5-32bit-7.1.1.21-150600.3.3.1 * libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.1.21-150600.3.3.1 * libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.1.21-150600.3.3.1 * libMagickWand-7_Q16HDRI10-32bit-7.1.1.21-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * ImageMagick-doc-7.1.1.21-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libMagick++-7_Q16HDRI5-64bit-7.1.1.21-150600.3.3.1 * libMagickCore-7_Q16HDRI10-64bit-7.1.1.21-150600.3.3.1 * libMagickCore-7_Q16HDRI10-64bit-debuginfo-7.1.1.21-150600.3.3.1 * libMagickWand-7_Q16HDRI10-64bit-7.1.1.21-150600.3.3.1 * libMagickWand-7_Q16HDRI10-64bit-debuginfo-7.1.1.21-150600.3.3.1 * libMagick++-devel-64bit-7.1.1.21-150600.3.3.1 * libMagick++-7_Q16HDRI5-64bit-debuginfo-7.1.1.21-150600.3.3.1 * ImageMagick-devel-64bit-7.1.1.21-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43965.html * https://www.suse.com/security/cve/CVE-2025-46393.html * https://bugzilla.suse.com/show_bug.cgi?id=1241658 * https://bugzilla.suse.com/show_bug.cgi?id=1241659 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:41 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:41 -0000 Subject: SUSE-SU-2025:1487-1: important: Security update for java-11-openjdk Message-ID: <174662110151.30275.4921592924586629434@smelt2.prg2.suse.org> # Security update for java-11-openjdk Announcement ID: SUSE-SU-2025:1487-1 Release Date: 2025-05-06T10:05:56Z Rating: important References: * bsc#1241274 * bsc#1241275 * bsc#1241276 Cross-References: * CVE-2025-21587 * CVE-2025-30691 * CVE-2025-30698 CVSS scores: * CVE-2025-21587 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-21587 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-30691 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30691 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30691 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30698 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-30698 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-30698 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 (April 2025 CPU) CVEs: * CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274) * CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275) * CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276) Changes: + JDK-8195675: Call to insertText with single character from custom Input Method ignored + JDK-8202926: Test java/awt/Focus/ /WindowUpdateFocusabilityTest/ /WindowUpdateFocusabilityTest.html fails + JDK-8216539: tools/jar/modularJar/Basic.java timed out + JDK-8268364: jmethod clearing should be done during unloading + JDK-8273914: Indy string concat changes order of operations + JDK-8294316: SA core file support is broken on macosx-x64 starting with macOS 12.x + JDK-8306408: Fix the format of several tables in building.md + JDK-8309841: Jarsigner should print a warning if an entry is removed + JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved + JDK-8320916: jdk/jfr/event/gc/stacktrace/ /TestParallelMarkSweepAllocationPendingStackTrace.java failed with "OutOfMemoryError: GC overhead limit exceeded" + JDK-8327650: Test java/nio/channels/DatagramChannel/ /StressNativeSignal.java timed out + JDK-8328242: Add a log area to the PassFailJFrame + JDK-8331863: DUIterator_Fast used before it is constructed + JDK-8336012: Fix usages of jtreg-reserved properties + JDK-8337494: Clarify JarInputStream behavior + JDK-8337692: Better TLS connection support + JDK-8338430: Improve compiler transformations + JDK-8339560: Unaddressed comments during code review of JDK-8337664 + JDK-8339810: Clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract + JDK-8339931: Update problem list for WindowUpdateFocusabilityTest.java + JDK-8340387: Update OS detection code to recognize Windows Server 2025 + JDK-8341424: GHA: Collect hs_errs from build time failures + JDK-8342562: Enhance Deflater operations + JDK-8342704: GHA: Report truncation is broken after JDK-8341424 + JDK-8343007: Enhance Buffered Image handling + JDK-8343474: [updates] Customize README.md to specifics of update project + JDK-8343599: Kmem limit and max values swapped when printing container information + JDK-8343786: [11u] GHA: Bump macOS and Xcode versions to macos-13 and XCode 14.3.1 + JDK-8344589: Update IANA Language Subtag Registry to Version 2024-11-19 + JDK-8345509: Bump update version of OpenJDK: 11.0.27 + JDK-8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs + JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no license header + JDK-8347847: Enhance jar file support + JDK-8347965: (tz) Update Timezone Data to 2025a + JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25 updates + JDK-8352097: (tz) zone.tab update missed in 2025a backport + JDK-8354087: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.27 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1487=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1487=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1487=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1487=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1487=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1487=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1487=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1487=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1487=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1487=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1487=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1487=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1487=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1487=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1487=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-1487=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1487=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1487=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * java-11-openjdk-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * java-11-openjdk-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-debuginfo-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-debuginfo-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * java-11-openjdk-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * SUSE Manager Proxy 4.3 (x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-debuginfo-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-debuginfo-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-debuginfo-11.0.27.0-150000.3.125.1 * java-11-openjdk-jmods-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-src-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-debuginfo-11.0.27.0-150000.3.125.1 * openSUSE Leap 15.6 (noarch) * java-11-openjdk-javadoc-11.0.27.0-150000.3.125.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-debuginfo-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-debuginfo-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-debuginfo-11.0.27.0-150000.3.125.1 * SUSE Package Hub 15 15-SP6 (noarch) * java-11-openjdk-javadoc-11.0.27.0-150000.3.125.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.27.0-150000.3.125.1 * java-11-openjdk-debuginfo-11.0.27.0-150000.3.125.1 * java-11-openjdk-headless-11.0.27.0-150000.3.125.1 * java-11-openjdk-devel-11.0.27.0-150000.3.125.1 * java-11-openjdk-demo-11.0.27.0-150000.3.125.1 * java-11-openjdk-11.0.27.0-150000.3.125.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21587.html * https://www.suse.com/security/cve/CVE-2025-30691.html * https://www.suse.com/security/cve/CVE-2025-30698.html * https://bugzilla.suse.com/show_bug.cgi?id=1241274 * https://bugzilla.suse.com/show_bug.cgi?id=1241275 * https://bugzilla.suse.com/show_bug.cgi?id=1241276 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:46 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:46 -0000 Subject: SUSE-RU-2025:1486-1: important: Recommended update for apparmor Message-ID: <174662110607.30275.3248614725969714164@smelt2.prg2.suse.org> # Recommended update for apparmor Announcement ID: SUSE-RU-2025:1486-1 Release Date: 2025-05-06T10:00:40Z Rating: important References: * bsc#1232234 * bsc#1234452 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for apparmor fixes the following issues: * Allow pam_unix to execute unix_chkpwd with abi/3.0 (bsc#1234452, bsc#1232234) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1486=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1486=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1486=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1486=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1486=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1486=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1486=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1486=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1486=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1486=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1486=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1486=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * ruby-apparmor-3.0.4-150400.5.15.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * ruby-apparmor-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor-devel-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * apache2-mod_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-3.0.4-150400.5.15.1 * perl-apparmor-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * perl-apparmor-debuginfo-3.0.4-150400.5.15.1 * openSUSE Leap 15.4 (noarch) * apparmor-abstractions-3.0.4-150400.5.15.1 * apparmor-utils-lang-3.0.4-150400.5.15.1 * apparmor-utils-3.0.4-150400.5.15.1 * apparmor-profiles-3.0.4-150400.5.15.1 * apparmor-parser-lang-3.0.4-150400.5.15.1 * apparmor-docs-3.0.4-150400.5.15.1 * openSUSE Leap 15.4 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-32bit-3.0.4-150400.5.15.1 * pam_apparmor-32bit-3.0.4-150400.5.15.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.15.1 * openSUSE Leap 15.4 (aarch64_ilp32) * pam_apparmor-64bit-3.0.4-150400.5.15.1 * libapparmor1-64bit-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-64bit-3.0.4-150400.5.15.1 * pam_apparmor-64bit-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * perl-apparmor-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor-devel-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * apache2-mod_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * perl-apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apparmor-abstractions-3.0.4-150400.5.15.1 * apparmor-utils-lang-3.0.4-150400.5.15.1 * apparmor-utils-3.0.4-150400.5.15.1 * apparmor-profiles-3.0.4-150400.5.15.1 * apparmor-parser-lang-3.0.4-150400.5.15.1 * apparmor-docs-3.0.4-150400.5.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-32bit-3.0.4-150400.5.15.1 * pam_apparmor-32bit-3.0.4-150400.5.15.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * perl-apparmor-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor-devel-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * apache2-mod_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * perl-apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apparmor-abstractions-3.0.4-150400.5.15.1 * apparmor-utils-lang-3.0.4-150400.5.15.1 * apparmor-utils-3.0.4-150400.5.15.1 * apparmor-profiles-3.0.4-150400.5.15.1 * apparmor-parser-lang-3.0.4-150400.5.15.1 * apparmor-docs-3.0.4-150400.5.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-32bit-3.0.4-150400.5.15.1 * pam_apparmor-32bit-3.0.4-150400.5.15.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * perl-apparmor-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor-devel-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * apache2-mod_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * perl-apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * apparmor-abstractions-3.0.4-150400.5.15.1 * apparmor-utils-lang-3.0.4-150400.5.15.1 * apparmor-utils-3.0.4-150400.5.15.1 * apparmor-profiles-3.0.4-150400.5.15.1 * apparmor-parser-lang-3.0.4-150400.5.15.1 * apparmor-docs-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-32bit-3.0.4-150400.5.15.1 * pam_apparmor-32bit-3.0.4-150400.5.15.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * perl-apparmor-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor-devel-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * apache2-mod_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * perl-apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apparmor-abstractions-3.0.4-150400.5.15.1 * apparmor-utils-lang-3.0.4-150400.5.15.1 * apparmor-utils-3.0.4-150400.5.15.1 * apparmor-profiles-3.0.4-150400.5.15.1 * apparmor-parser-lang-3.0.4-150400.5.15.1 * apparmor-docs-3.0.4-150400.5.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-32bit-3.0.4-150400.5.15.1 * pam_apparmor-32bit-3.0.4-150400.5.15.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.15.1 * SUSE Manager Proxy 4.3 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.15.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-32bit-3.0.4-150400.5.15.1 * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor-devel-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * pam_apparmor-32bit-3.0.4-150400.5.15.1 * apache2-mod_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Manager Proxy 4.3 (noarch) * apparmor-abstractions-3.0.4-150400.5.15.1 * apparmor-utils-lang-3.0.4-150400.5.15.1 * apparmor-utils-3.0.4-150400.5.15.1 * apparmor-profiles-3.0.4-150400.5.15.1 * apparmor-parser-lang-3.0.4-150400.5.15.1 * apparmor-docs-3.0.4-150400.5.15.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.15.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-32bit-3.0.4-150400.5.15.1 * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor-devel-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * pam_apparmor-32bit-3.0.4-150400.5.15.1 * apache2-mod_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apparmor-abstractions-3.0.4-150400.5.15.1 * apparmor-utils-lang-3.0.4-150400.5.15.1 * apparmor-utils-3.0.4-150400.5.15.1 * apparmor-profiles-3.0.4-150400.5.15.1 * apparmor-parser-lang-3.0.4-150400.5.15.1 * apparmor-docs-3.0.4-150400.5.15.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-3.0.4-150400.5.15.1 * apparmor-parser-debuginfo-3.0.4-150400.5.15.1 * libapparmor-debugsource-3.0.4-150400.5.15.1 * apparmor-parser-3.0.4-150400.5.15.1 * pam_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-debuginfo-3.0.4-150400.5.15.1 * libapparmor-devel-3.0.4-150400.5.15.1 * apparmor-debugsource-3.0.4-150400.5.15.1 * apache2-mod_apparmor-3.0.4-150400.5.15.1 * python3-apparmor-3.0.4-150400.5.15.1 * libapparmor1-debuginfo-3.0.4-150400.5.15.1 * pam_apparmor-debuginfo-3.0.4-150400.5.15.1 * SUSE Manager Server 4.3 (noarch) * apparmor-abstractions-3.0.4-150400.5.15.1 * apparmor-utils-lang-3.0.4-150400.5.15.1 * apparmor-utils-3.0.4-150400.5.15.1 * apparmor-profiles-3.0.4-150400.5.15.1 * apparmor-parser-lang-3.0.4-150400.5.15.1 * apparmor-docs-3.0.4-150400.5.15.1 * SUSE Manager Server 4.3 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.15.1 * libapparmor1-32bit-3.0.4-150400.5.15.1 * pam_apparmor-32bit-3.0.4-150400.5.15.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232234 * https://bugzilla.suse.com/show_bug.cgi?id=1234452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:51 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:51 -0000 Subject: SUSE-SU-2025:1477-1: moderate: Security update for libva Message-ID: <174662111121.30275.12375314298302772716@smelt2.prg2.suse.org> # Security update for libva Announcement ID: SUSE-SU-2025:1477-1 Release Date: 2025-05-06T09:17:19Z Rating: moderate References: * bsc#1202828 * bsc#1217770 * bsc#1224413 * jsc#PED-11066 * jsc#PED-1174 * jsc#PM-1623 * jsc#SLE-12712 * jsc#SLE-19361 * jsc#SLE-8838 Cross-References: * CVE-2023-39929 CVSS scores: * CVE-2023-39929 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability, contains six features and has two security fixes can now be installed. ## Description: This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: * uncontrolled search path may allow an authenticated user to escalate privilege via local access (CVE-2023-39929, bsc#1224413, jsc#PED-11066) This includes latest version of one of the components needed for Video (processing) hardware support on Intel GPUs (bsc#1217770) Update to version 2.20.0: * av1: Revise offsets comments for av1 encode * drm: * Limit the array size to avoid out of range * Remove no longer used helpers * jpeg: add support for crop and partial decode * trace: * Add trace for vaExportSurfaceHandle * Unlock mutex before return * Fix minor issue about printf data type and value range * va/backend: * Annotate vafool as deprecated * Document the vaGetDriver* APIs * va/x11/va_fglrx: Remove some dead code * va/x11/va_nvctrl: Remove some dead code * va: * Add new VADecodeErrorType to indicate the reset happended in the driver * Add vendor string on va_TraceInitialize * Added Q416 fourcc (three-plane 16-bit YUV 4:4:4) * Drop no longer applicable vaGetDriverNames check * Fix:don't leak driver names, when override is set * Fix:set driver number to be zero if vaGetDriverNames failed * Optimize code of getting driver name for all protocols/os (wayland,x11,drm,win32,android) * Remove legacy code paths * Remove unreachable "DRIVER BUG" * win32: * Only print win32 driver messages in DEBUG builds * Remove duplicate adapter_luid entry * x11/dri2: limit the array handling to avoid out of range access * x11: * Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var * Implement vaGetDriverNames * Remove legacy code paths Update to 2.19.0: * add: Add mono_chrome to VAEncSequenceParameterBufferAV1 * add: Enable support for license acquisition of multiple protected playbacks * fix: use secure_getenv instead of getenv * trace: Improve and add VA trace log for AV1 encode * trace: Unify va log message, replace va_TracePrint with va_TraceMsg. Update to version 2.18.0: * doc: Add build and install libva informatio in home page. * fix: * Add libva.def into distribution package * NULL check before calling strncmp. * Remove reference to non-existent symbol * meson: docs: * Add encoder interface for av1 * Use libva_version over project_version() * va: * Add VAProfileH264High10 * Always build with va-messaging API * Fix the codying style of CHECK_DISPLAY * Remove Android pre Jelly Bean workarounds * Remove dummy isValid() hook * Remove unused drm_sarea.h include & ANDROID references in va_dricommon.h * va/sysdeps.h: remove Android section * x11: * Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var * Use LIBVA_DRI3_DISABLE in GetNumCandidates Update to 2.17.0: * win: Simplify signature for driver name loading * win: Rewrite driver registry query and fix some bugs/leaks/inefficiencies * win: Add missing null check after calloc * va: Update security disclaimer * dep:remove the file .cvsignore * pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx * meson: add 'with-legacy' for emgd, nvctrl and fglrx * x11: move all FGLRX code to va_fglrx.c * x11: move all NVCTRL code to va_nvctrl.c * meson: stop using deprecated meson.source_root() * meson: stop using configure_file copy=true * va: correctly include the win32 (local) headers * win: clean-up the coding style * va: dos2unix all the files * drm: remove unnecessary dri2 version/extension query * trace: annotate internal functions with DLL_HIDDEN * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_ support level attribute instead * meson: Check support for -Wl,-version-script and build link_args accordingly * meson: Set va_win32 soversion to '' and remove the install_data rename * fix: resouce check null * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes * va_trace: va_TraceSurfaceAttributes should check the VASurfaceAttribMemoryType * va: Adds Win32 Node and Windows build support * va: Adds compat_win32 abstraction for Windows build and prepares va common code for windows build * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled * meson: Add with_win32 option, makes libdrm non-mandatory on Win * x11: add basic DRI3 support * drm: remove VA_DRM_IsRenderNodeFd() helper * drm: add radeon drm + radeonsi mesa combo Needed for jira#PED-1174 (Video decoding/encoding support (VA-API, ...) for Intel GPUs is outside of Mesa) update to 2.16.0: * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e. * dep: Update README.md to remove badge links * dep: Removed waffle-io badge from README to fix broken link * dep: Drop mailing list, IRC and Slack * autotools: use wayland-scanner private-code * autotools: use the wayland-scanner.pc to locate the prog * meson: use wayland-scanner private-code * meson: request native wayland-scanner * meson: use the wayland-scanner.pc to locate the prog * meson: set HAVE_VA_X11 when applicable * style:Correct slight coding style in several new commits * trace: add Linux ftrace mode for va trace * trace: Add missing pthread_mutex_destroy * drm: remove no-longer needed X == X mappings * drm: fallback to drm driver name == va driver name * drm: simplify the mapping table * x11: simplify the mapping table Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4 Update to 2.15.0: * Add: new display HW attribute to report PCI ID * Add: sample depth related parameters for AV1e * Add: refresh_frame_flags for AV1e * Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC. * Add: nvidia-drm to the drm driver map * Add: type and buffer for delta qp per block * Deprecation: remove the va_fool support * Fix:Correct the version of meson build on master branch * Fix:X11 DRI2: check if device is a render node * Build:Use also strong stack protection if supported * Trace:print the string for profile/entrypoint/configattrib Update to 2.14.0: * add: Add av1 encode interfaces * add: VA/X11 VAAPI driver mapping for crocus DRI driver * doc: Add description of the fd management for surface importing * ci: fix freebsd build * meson: Copy public headers to build directory to support subproject Update to 2.13.0: * add new surface format fourcc XYUV * Fix av1 dec doc page link issue * unify the code styles using the style_unify script * Check the function pointer before using (fixes github issue#536) * update NEWS for 2.13.0 update to 2.12.0: * add: Report the capability of vaCopy support * add: Report the capability of sub device * add: Add config attributes to advertise HEVC/H.265 encoder features * add: Video processing HVS Denoise: Added 4 modes * add: Introduce VASurfaceAttribDRMFormatModifiers * add: Add 3DLUT Filter in Video Processing. * doc: Update log2_tile_column description for vp9enc * trace: Correct av1 film grain trace information * ci: Fix freebsd build by switching to vmactions/freebsd-vm at v0.1.3 update to 2.11.0: * add: LibVA Protected Content API * add: Add a configuration attribute to advertise AV1d LST feature * fix: wayland: don't try to authenticate with render nodes * autotools: use shell grouping instead of sed to prepend a line * trace: Add details data dump for mpeg2 IQ matrix. * doc: update docs for VASurfaceAttribPixelFormat * doc: Libva documentation edit for AV1 reference frames * doc: Modify AV1 frame_width_minus1 and frame_height_minus1 comment * doc: Remove tile_rows and tile_cols restriction to match AV1 spec * doc: Format code for doxygen output * doc: AV1 decode documentation edit for superres_scale_denominator * ci: upgrade FreeBSD to 12.2 * ci: disable travis build * ci: update cache before attempting to install packages * ci: avoid running workloads on other workloads changes * ci: enable github actions update to 2.10.0: * add: Pass offset and size of pred_weight_table * add: add vaCopy interface to copy surface and buffer * add: add definition for different execution * add: New parameters for transport controlled BRC were added * add: add FreeBSD support * add: add a bufer type to adjust context priority dynamically * fix: correct the api version in meson.build * fix: remove deprecated variable from va_trace.c * fix: Use va_deprecated for the deprecate variable * fix: Mark chroma_sample_position as deprecated * doc: va_dec_av1: clarifies CDEF syntax element packing * doc: [AV1] Update documented ranges for loop filter and quantization params. * doc: Update va.h for multi-threaded usages * trace: va/va_trace: ignore system gettid() on Linux Update to 2.9.1: * fix version mismatch between meson and autotools Update to 2.9.0: * trace: Refine the va_TraceVAPictureParameterBufferAV1. * doc: Add comments for backward/forward reference to avoid confusion * doc: Modify comments in av1 decoder interfaces * doc: Update mailing list * Add SCC fields trace for HEVC SCC encoding. * Add FOURCC code for Y212 and Y412 format. * Add interpolation method for scaling. * add attributes for context priority setting * Add vaSyncBuffer for output buffers synchronization * Add vaSyncSurface2 with timeout Update to 2.8.0: * trace: enable return value trace for successful function call * trace: divide va_TraceEndPicture to two seperate function * trace: add support for VAProfileHEVCSccMain444_10 * fix:Fixes file descriptor leak * add fourcc code for P012 format * travis: Add a test that code files don't have the exec bit set * Remove the execute bit from all source code files * meson: Allow for libdir and includedir to be absolute paths * trace: Fix format string warnings * fix:Fix clang warning (reading garbage) * add definition to enforce both reflist not empty * trace: List correct field names in va_TraceVAPictureParameterBufferHEVC * change the return value to be UNIMPLEMENTED when the function pointer is NULL * remove check of vaPutSurface implementation * Add new slice structure flag for CAPS reporting * VA/X11: VAAPI driver mapping for iris DRI driver * VA/X11: enable driver candidate selection for DRI2 * Add SCC flags to enable/disable features * fix: Fix HDR10 MaxCLL and MaxFALL documentation * Add VAProfileHEVCSccMain444_10 for HEVC * change the compatible list to be dynamic one * trace:Convert VAProfileAV1Profile0 VAProfileAV1Profile1 to string Update to version 2.7.0: * trace: av1 decode buffers trace * trace: Add HEVC REXT and SCC trace for decoding. * Add av1 decode interfaces * Fix crashes on system without supported hardware by PR #369. * Add 2 FourCC for 10bit RGB(without Alpha) format: X2R10G10B10 and X2B10G10R10. * Fix android build issue #365 and remove some trailing whitespace * Adjust call sequence to ensure authenticate operation is executed to fix #355 Update to version 2.6.1: * adjust call sequence to ensure authenticate operation is executed this patch is not needed for media-driver, but needed for i965 driver which check authentication. Update to version 2.6.0: * enable the mutiple driver selection logic and enable it for DRM. * drm: Add iHD to driver_name_map * Add missed slice parameter 'slice_data_num_emu_prevn_bytes' * ensure that all meson files are part of the release tarball * configure: use correct comparison operator * trace: support VAConfigAttribMultipleFrame in trace * remove incorrect field of VAConfigAttribValDecJPEG * va/va_trace: Dump VP9 parameters for profile 1~3 * add multiple frame capability report * add variable to indicate layer infromation * trace: fix memory leak on closing the trace * add prediction direction caps report * Add comments for colour primaries and transfer characteristics in VAProcColorProperties This release is needed for latest intel-media-driver update (jsc#SLE-8838) Update to version 2.5.0: * Correct the comment of color_range. * Add VA_FOURCC_A2B10G10R10 for format a2b10g10r10. * Adjust VAEncMiscParameterQuantization structure to be align with VAEncMiscParameterBuffer(possible to impact BC) * Add attribute for max frame size * Add va_footer.html into distribution build * va_trace: hevc profiles added * Add new definition for input/output surface flag * va/va_trace: add trace support for VAEncMiscParameterTypeSkipFrame structure. * va/va_trace: add MPEG2 trace support for MiscParam and SequenceParam * va_openDriver: check strdup return value * Mark some duplicated field as deprecated * Add return value into logs * va/va_trace: add trace support for VAEncMiscParameterEncQuality structure. * Add newformat foucc defination * va_backend: remove unneeded linux/videodev2.h include * va_trace: add missing include * configure: don't build glx if VA/X11 isn't built * va/va_trace: unbreak with C89 after b369467 * [common] Add A2RGB10 fourcc definition * build: meson: enables va messaging and visibility * va/va_trace: add trace support for RIR(rolling intra refresh). * va/va_trace: add trace support for ROI(region of interest) Update to version 2.4.1: * [common] Add A2RGB10 fourcc definition. * build: meson: enables va messaging and visibility. * va/va_trace: * Add trace support for RIR(rolling intra refresh). * Add trace support for ROI(region of interest). Update to version 2.4.0: * va_TraceSurface support for VA_FOURCC_P010 * Add pointer to struct wl_interface for driver to use * (integrate) va: fix new line symbol in error message * av: avoid driver path truncation * Fix compilation warning (uninit and wrong variable types) for Android O MR1 * Allow import of the DRM PRIME 2 memory type * android: ignore unimportant compile warnnings * compile: fix sign/unsign compare in va_trace.c * android: replace utils/Log.h with log/log.h * High Dynamic Range Tone Mapping: Add a new filter for input metadata and some comments * Remove restrictions on vaSetDriverName() ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1477=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1477=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libva-x11-2-debuginfo-2.20.0-3.3.4 * libva-drm2-debuginfo-2.20.0-3.3.4 * libva2-2.20.0-3.3.4 * libva-devel-2.20.0-3.3.4 * libva-drm2-2.20.0-3.3.4 * libva2-debuginfo-2.20.0-3.3.4 * libva-x11-2-2.20.0-3.3.4 * libva-debugsource-2.20.0-3.3.4 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libva-x11-2-debuginfo-2.20.0-3.3.4 * libva-drm2-debuginfo-2.20.0-3.3.4 * libva2-2.20.0-3.3.4 * libva-devel-2.20.0-3.3.4 * libva-drm2-2.20.0-3.3.4 * libva2-debuginfo-2.20.0-3.3.4 * libva-x11-2-2.20.0-3.3.4 * libva-debugsource-2.20.0-3.3.4 ## References: * https://www.suse.com/security/cve/CVE-2023-39929.html * https://bugzilla.suse.com/show_bug.cgi?id=1202828 * https://bugzilla.suse.com/show_bug.cgi?id=1217770 * https://bugzilla.suse.com/show_bug.cgi?id=1224413 * https://jira.suse.com/browse/PED-11066 * https://jira.suse.com/browse/PED-1174 * https://jira.suse.com/browse/PM-1623 * https://jira.suse.com/browse/SLE-12712 * https://jira.suse.com/browse/SLE-19361 * https://jira.suse.com/browse/SLE-8838 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:32:02 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:32:02 -0000 Subject: SUSE-SU-2025:1464-1: moderate: Security update for ImageMagick Message-ID: <174662112256.30275.8930461963645467972@smelt2.prg2.suse.org> # Security update for ImageMagick Announcement ID: SUSE-SU-2025:1464-1 Release Date: 2025-05-05T18:49:06Z Rating: moderate References: * bsc#1241658 * bsc#1241659 Cross-References: * CVE-2025-43965 * CVE-2025-46393 CVSS scores: * CVE-2025-43965 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-43965 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-43965 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-46393 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-46393 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-46393 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for ImageMagick fixes the following issues: * CVE-2025-43965: Fixed mishandling of image depth after SetQuantumFormat is used in MIFF image processing. (bsc#1241659) * CVE-2025-46393: Fixed mishandling of packet_size leads to rendering of channels in arbitrary order in multispectral MIFF image processing. (bsc#1241658) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1464=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1464=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * perl-PerlMagick-debuginfo-7.1.0.9-150400.6.30.1 * libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.30.1 * ImageMagick-config-7-upstream-7.1.0.9-150400.6.30.1 * ImageMagick-debugsource-7.1.0.9-150400.6.30.1 * ImageMagick-devel-7.1.0.9-150400.6.30.1 * libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.30.1 * ImageMagick-debuginfo-7.1.0.9-150400.6.30.1 * libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.30.1 * libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.30.1 * ImageMagick-7.1.0.9-150400.6.30.1 * libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.30.1 * ImageMagick-extra-7.1.0.9-150400.6.30.1 * ImageMagick-extra-debuginfo-7.1.0.9-150400.6.30.1 * libMagick++-devel-7.1.0.9-150400.6.30.1 * perl-PerlMagick-7.1.0.9-150400.6.30.1 * libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.30.1 * ImageMagick-config-7-SUSE-7.1.0.9-150400.6.30.1 * openSUSE Leap 15.4 (x86_64) * ImageMagick-devel-32bit-7.1.0.9-150400.6.30.1 * libMagick++-devel-32bit-7.1.0.9-150400.6.30.1 * libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.30.1 * libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.0.9-150400.6.30.1 * libMagick++-7_Q16HDRI5-32bit-7.1.0.9-150400.6.30.1 * libMagickCore-7_Q16HDRI10-32bit-7.1.0.9-150400.6.30.1 * libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.30.1 * libMagickWand-7_Q16HDRI10-32bit-7.1.0.9-150400.6.30.1 * openSUSE Leap 15.4 (noarch) * ImageMagick-doc-7.1.0.9-150400.6.30.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libMagick++-7_Q16HDRI5-64bit-7.1.0.9-150400.6.30.1 * libMagick++-devel-64bit-7.1.0.9-150400.6.30.1 * libMagick++-7_Q16HDRI5-64bit-debuginfo-7.1.0.9-150400.6.30.1 * libMagickWand-7_Q16HDRI10-64bit-7.1.0.9-150400.6.30.1 * libMagickWand-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.30.1 * libMagickCore-7_Q16HDRI10-64bit-7.1.0.9-150400.6.30.1 * libMagickCore-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.30.1 * ImageMagick-devel-64bit-7.1.0.9-150400.6.30.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ImageMagick-debuginfo-7.1.0.9-150400.6.30.1 * ImageMagick-config-7-upstream-7.1.0.9-150400.6.30.1 * ImageMagick-debugsource-7.1.0.9-150400.6.30.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43965.html * https://www.suse.com/security/cve/CVE-2025-46393.html * https://bugzilla.suse.com/show_bug.cgi?id=1241658 * https://bugzilla.suse.com/show_bug.cgi?id=1241659 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:54 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:54 -0000 Subject: SUSE-SU-2025:1466-1: moderate: Security update for rabbitmq-server Message-ID: <174662111434.30275.16504308943476533612@smelt2.prg2.suse.org> # Security update for rabbitmq-server Announcement ID: SUSE-SU-2025:1466-1 Release Date: 2025-05-06T06:06:40Z Rating: moderate References: * bsc#1240071 Cross-References: * CVE-2025-30219 CVSS scores: * CVE-2025-30219 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30219 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L * CVE-2025-30219 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for rabbitmq-server fixes the following issues: * CVE-2025-30219: Fixed XSS in an error message in Management UI (bsc#1240071) Other fixes: \- Disable parallel make, this causes build failures ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1466=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1466=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1466=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * rabbitmq-server-plugins-3.8.11-150300.3.19.1 * erlang-rabbitmq-client-3.8.11-150300.3.19.1 * rabbitmq-server-3.8.11-150300.3.19.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * rabbitmq-server-plugins-3.8.11-150300.3.19.1 * erlang-rabbitmq-client-3.8.11-150300.3.19.1 * rabbitmq-server-3.8.11-150300.3.19.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rabbitmq-server-plugins-3.8.11-150300.3.19.1 * erlang-rabbitmq-client-3.8.11-150300.3.19.1 * rabbitmq-server-3.8.11-150300.3.19.1 ## References: * https://www.suse.com/security/cve/CVE-2025-30219.html * https://bugzilla.suse.com/show_bug.cgi?id=1240071 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:31:59 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:31:59 -0000 Subject: SUSE-SU-2025:1465-1: important: Security update for apache2-mod_auth_openidc Message-ID: <174662111923.30275.11460097694317939336@smelt2.prg2.suse.org> # Security update for apache2-mod_auth_openidc Announcement ID: SUSE-SU-2025:1465-1 Release Date: 2025-05-05T21:04:41Z Rating: important References: * bsc#1240893 Cross-References: * CVE-2025-31492 CVSS scores: * CVE-2025-31492 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-31492 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-31492 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2025-31492: Fixed a bug where OIDCProviderAuthRequestMethod POSTs can leak protected data. (bsc#1240893) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1465=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1465=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-debugsource-2.4.0-7.19.1 * apache2-mod_auth_openidc-2.4.0-7.19.1 * apache2-mod_auth_openidc-debuginfo-2.4.0-7.19.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * apache2-mod_auth_openidc-debugsource-2.4.0-7.19.1 * apache2-mod_auth_openidc-2.4.0-7.19.1 * apache2-mod_auth_openidc-debuginfo-2.4.0-7.19.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31492.html * https://bugzilla.suse.com/show_bug.cgi?id=1240893 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:32:05 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:32:05 -0000 Subject: SUSE-RU-2025:1462-1: moderate: Recommended update for google-cloud-sap-agent Message-ID: <174662112596.30275.14852931011304046886@smelt2.prg2.suse.org> # Recommended update for google-cloud-sap-agent Announcement ID: SUSE-RU-2025:1462-1 Release Date: 2025-05-05T15:10:42Z Rating: moderate References: * bsc#1238831 * bsc#1238833 Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has two fixes can now be installed. ## Description: This update for google-cloud-sap-agent contains the following fixes: * Update to version v3.7: (bsc#1238831, bsc#1238833) * No public description * Moving CG disk validation to CheckPreConditions * Fix issue with filling in ha_hosts in HANA systems * Use updated UAP method for Guest Actions * Fix grep command used for landscape ID discovery * Correct arguments used by HANA disk discovery. * Add tagged disks to discovery data sent to Data Warehouse * Identify disks by mount point in SAP System data. * Auto updated compiled protocol buffers * Add collection for WLM Pacemaker alias IP setting. * Add the Maintenance Events Sample Dashboard * Auto updated compiled protocol buffers * Remove obsolete events proto from sapagent * Auto updated compiled protocol buffers * Add collection for WLM Pacemaker health check and internal load balancer metrics. * Auto updated compiled protocol buffers * Add collection for WLM Pacemaker SAPInstance automatic recover and monitor settings. * Remove restart logic used in configure OTE. Rely on config poller. * fixing TypedValue * migrating from the platform integration/common/shared to sharedlibraries * Default topology to SCALE_UP for non-HANA DBs. * Remove restarting from guestactions * Update to version v3.6: * Removing experimental check. Enable config poller by default. * removing the experimental check from role based awareness in HANA Monitoring * adding oldest_backup_catalog_data_queries in HANA Monitoring * added backup_catalog_size_queries to HANA Monitoring * adding latest_log_backup_queries in HANA Monitoring * adding data backup duration queries * adding data backup log catalog queries * adding backups/log/catalog metric in HANA Monitoring * running the proto compile on push * only building and submitting protocol buffers when .proto files are modified * Auto updated compiled protocol buffers * fixes the build failure notifications, forcing a proto compile on this submit, will update with paths after * compiling protos on submit, removes the need for a submodule doring normal github clone and build * Add collection for whether UEFI is enabled on the OS. * fix panic in HANA Monitoring when Role based awareness is invoked * Moving references to the sharedproto dir * Add collection for WLM Pacemaker SAP HANA failover settings. * Add collection for WLM Pacemaker SAP HANA topology attributes. * Fix bug in parsing of Pacemaker XML resource clone tags. * Don't return before having a chance to discover non HANA DBs * Set "min_version" for Pacemaker metrics newly added for v3.7. * Add db type and host info to app discovery to support discovery of non HANA dbs * Add collection for WLM Pacemaker SAP HANA monitor metrics. * Read HANA landscape ID from nameserver.ini * Enable DR reconciliation for new SAP Agent builds * Fix for number of lines for CheckTopology * Add collection for WLM Pacemaker SAP HANA Topology start/stop timeout metrics. * Add a check to verify if disk names with specified prefix already exist * Update backup and restore logic for scaleout setup * Add support for restoration of disks in scaleout systems * Adding support for backing up disks for scaleout systems. * Use TimeoutSec for all command executions in configureinstance subcommand * Remove configureinstance overrideVersion parameter * allow query overrides to modify RunOn field for a query in HANA Monitoring * Adding new Backint config parameters to the agent status report * fixes issue where the windows service delete can hang until the session is closed * Rename status name to Workload Manager Evaluation * Add object retention optional parameter to Backint - Agent for SAP * Update HANA Disk Restore functions to use revised interface methods. * Using temporary attachDisk interface instead of old interface * Add IAM tests for backint, wlm metrics, system discovery and disk snapshot * Add reference links to status ote * Fix race condition causing flaky unit test. * Change labels var name from "l" to "labels". * Explicitly specify default empty string values for new Pacemaker metrics. * Adds the winservice OTE and fixes the windows install / uninstall * Add functional checks for system discovery status ote. * Move configurablemetrics package into shared repository. * sap/nw/instance/role metric fix for SAP NW Java * Update HANA HA availability metric to account for DR setups. * DR discovery * Adds "-compact" flag to status ote for less verbose output. * Remove extra labels from reliability query * adds a replace for the submodule common code * Add functional checks for Hostmetrics, Processmetrics and Hanamonitoring in Status OTE * updates the go.mod and go.sum for platform changes * Compiles the platform and sapagent protos together * Adds the workloadagentplatform as a submoduile * Correct process names used for Netweaver Role identification * Add the functionality to provide the new disk prefix for group snapshot. * Add utility modules for sapagent IAM permissions * Add WLM collection for Pacemaker ERS metrics. * Update go.mod and sum * No public description * Move shared packages and protos from sapagent to workloadagentplatform * adding the handling for auth errors in case of connection retrial loop in hana monitoring * Add instance_name to labels for live migration metric event * Add log level functionality to metric events. * Add the IAM package with permission checking functionalities for checking permissions on GCP Project, Buckets, Secrets, and Disk * adding collection logic for Pacemkaer HANA clone attributes * Fix discovering virtual hostname for instances * Implements API scope full access check for Status OTE * SAP Events - Prepend full URL for availability metrics * Functional checks for Backint in Status OTE * Add Backint config value parsing/printing to Status OTE * adding WLM pacemaker stonith cluster property metric collection * adding WLM metric collection for OP timeout * Add Insight type for torso workload validation. * Add Insight type for torso workload validation. * Status OTE make service status a "State" type rather than bool. * ConfigureInstance - update SAPTune re-apply logic to support multiple solutions * Add agent health metrics to iam-permissions.yaml * adding retrials for connecting to databases till all are submitted in workerpool * Add network and subnetwork discovery to SAP System discovery process. * Add instance_name label to process metrics * Fix formatting in some log messages * only notifying on build failure for main branch * Add IAM Audit yaml that lists IAM permissions for various agent functionalities * Order labels in metric events * adding a separate check for HANA DB instances not defined in HANA Monitoring Configuration * Use the common rest package in instantsnapshotgroup * Add support for event overview and analysis to aianalyze. * Fix log message * updates to the build process * Only print denied/error IAM permissions in status ote * Fix enqueue_server WLM metric collection. * Status OTE switch IAM "role" to "permission" * Buffer metric event writes to group similar paths and reduce bloat * Add ASCS metrics to WLM collection definition. * Adding helpers and for aianalyze * Adding helpers and for aianalyze * Fix status OTE commandlineexecutor * Configuration validation in status OTE * Move sapagent GCS storage logic to shared * Add support analyzer one time command. * internal change * Ensure that performancediagnosticshandler_test will run quickly * copy /var/log/messages to support bundle * Change status proto `fullyfunctional` from bool to state enum * Get available version and systemd info in Status OTE * Add testable commandlineexecutor to supportbundle and performancediagnostics to address github test waits * Add WLM Pacemaker metric collection category for ASCS metrics. * Config validation in Status OTE * updates the github action notify * Bump sapagent version to 3.7. * Add ping functionality for hdbuserstore connections in databaseconnector * Remove assumption of package name and repo name being the same for getting latest agent version status * Add extra checks around file not existing in configureinstance * Add more states to bools in status OTE * Update the link to the next steps for HANA restore from disk snapshot. * Improvements to Pacemaker metrics tests. * Add identifier to netweaver availability * Simplify Workload Manager Pacemaker tests. * Add proper labels for availability SAP Events. * Add collection for WLM Pacemaker metric `gcpstonith`. * Add logging to cloudmetricreader and fix typo in configurationmetricreader * Skeleton code and agent status checks for status OTE * Configureinstance parameter name fix * Configureinstance parameter name fix for backport * MultipartUpload OTE * Add helpers for agent installation and service status * Improved error handling for GCE operations ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-1462=1 ## Package List: * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.7-6.46.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1238831 * https://bugzilla.suse.com/show_bug.cgi?id=1238833 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:32:08 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:32:08 -0000 Subject: SUSE-RU-2025:1461-1: moderate: Recommended update for google-cloud-sap-agent Message-ID: <174662112854.30275.4020693928866633087@smelt2.prg2.suse.org> # Recommended update for google-cloud-sap-agent Announcement ID: SUSE-RU-2025:1461-1 Release Date: 2025-05-05T15:10:30Z Rating: moderate References: * bsc#1238831 * bsc#1238833 Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for google-cloud-sap-agent fixes the following issues: * Update to version v3.7: (bsc#1238831, bsc#1238833) * No public description * Moving CG disk validation to CheckPreConditions * Fix issue with filling in ha_hosts in HANA systems * Use updated UAP method for Guest Actions * Fix grep command used for landscape ID discovery * Correct arguments used by HANA disk discovery. * Add tagged disks to discovery data sent to Data Warehouse * Identify disks by mount point in SAP System data. * Auto updated compiled protocol buffers * Add collection for WLM Pacemaker alias IP setting. * Add the Maintenance Events Sample Dashboard * Auto updated compiled protocol buffers * Remove obsolete events proto from sapagent * Auto updated compiled protocol buffers * Add collection for WLM Pacemaker health check and internal load balancer metrics. * Auto updated compiled protocol buffers * Add collection for WLM Pacemaker SAPInstance automatic recover and monitor settings. * Remove restart logic used in configure OTE. Rely on config poller. * fixing TypedValue * migrating from the platform integration/common/shared to sharedlibraries * Default topology to SCALE_UP for non-HANA DBs. * Remove restarting from guestactions * Update to version v3.6: * Removing experimental check. Enable config poller by default. * removing the experimental check from role based awareness in HANA Monitoring * adding oldest_backup_catalog_data_queries in HANA Monitoring * added backup_catalog_size_queries to HANA Monitoring * adding latest_log_backup_queries in HANA Monitoring * adding data backup duration queries * adding data backup log catalog queries * adding backups/log/catalog metric in HANA Monitoring * running the proto compile on push * only building and submitting protocol buffers when .proto files are modified * Auto updated compiled protocol buffers * fixes the build failure notifications, forcing a proto compile on this submit, will update with paths after * compiling protos on submit, removes the need for a submodule doring normal github clone and build * Add collection for whether UEFI is enabled on the OS. * fix panic in HANA Monitoring when Role based awareness is invoked * Moving references to the sharedproto dir * Add collection for WLM Pacemaker SAP HANA failover settings. * Add collection for WLM Pacemaker SAP HANA topology attributes. * Fix bug in parsing of Pacemaker XML resource clone tags. * Don't return before having a chance to discover non HANA DBs * Set "min_version" for Pacemaker metrics newly added for v3.7. * Add db type and host info to app discovery to support discovery of non HANA dbs * Add collection for WLM Pacemaker SAP HANA monitor metrics. * Read HANA landscape ID from nameserver.ini * Enable DR reconciliation for new SAP Agent builds * Fix for number of lines for CheckTopology * Add collection for WLM Pacemaker SAP HANA Topology start/stop timeout metrics. * Add a check to verify if disk names with specified prefix already exist * Update backup and restore logic for scaleout setup * Add support for restoration of disks in scaleout systems * Adding support for backing up disks for scaleout systems. * Use TimeoutSec for all command executions in configureinstance subcommand * Remove configureinstance overrideVersion parameter * allow query overrides to modify RunOn field for a query in HANA Monitoring * Adding new Backint config parameters to the agent status report * fixes issue where the windows service delete can hang until the session is closed * Rename status name to Workload Manager Evaluation * Add object retention optional parameter to Backint - Agent for SAP * Update HANA Disk Restore functions to use revised interface methods. * Using temporary attachDisk interface instead of old interface * Add IAM tests for backint, wlm metrics, system discovery and disk snapshot * Add reference links to status ote * Fix race condition causing flaky unit test. * Change labels var name from "l" to "labels". * Explicitly specify default empty string values for new Pacemaker metrics. * Adds the winservice OTE and fixes the windows install / uninstall * Add functional checks for system discovery status ote. * Move configurablemetrics package into shared repository. * sap/nw/instance/role metric fix for SAP NW Java * Update HANA HA availability metric to account for DR setups. * DR discovery * Adds "-compact" flag to status ote for less verbose output. * Remove extra labels from reliability query * adds a replace for the submodule common code * Add functional checks for Hostmetrics, Processmetrics and Hanamonitoring in Status OTE * updates the go.mod and go.sum for platform changes * Compiles the platform and sapagent protos together * Adds the workloadagentplatform as a submoduile * Correct process names used for Netweaver Role identification * Add the functionality to provide the new disk prefix for group snapshot. * Add utility modules for sapagent IAM permissions * Add WLM collection for Pacemaker ERS metrics. * Update go.mod and sum * No public description * Move shared packages and protos from sapagent to workloadagentplatform * adding the handling for auth errors in case of connection retrial loop in hana monitoring * Add instance_name to labels for live migration metric event * Add log level functionality to metric events. * Add the IAM package with permission checking functionalities for checking permissions on GCP Project, Buckets, Secrets, and Disk * adding collection logic for Pacemkaer HANA clone attributes * Fix discovering virtual hostname for instances * Implements API scope full access check for Status OTE * SAP Events - Prepend full URL for availability metrics * Functional checks for Backint in Status OTE * Add Backint config value parsing/printing to Status OTE * adding WLM pacemaker stonith cluster property metric collection * adding WLM metric collection for OP timeout * Add Insight type for torso workload validation. * Add Insight type for torso workload validation. * Status OTE make service status a "State" type rather than bool. * ConfigureInstance - update SAPTune re-apply logic to support multiple solutions * Add agent health metrics to iam-permissions.yaml * adding retrials for connecting to databases till all are submitted in workerpool * Add network and subnetwork discovery to SAP System discovery process. * Add instance_name label to process metrics * Fix formatting in some log messages * only notifying on build failure for main branch * Add IAM Audit yaml that lists IAM permissions for various agent functionalities * Order labels in metric events * adding a separate check for HANA DB instances not defined in HANA Monitoring Configuration * Use the common rest package in instantsnapshotgroup * Add support for event overview and analysis to aianalyze. * Fix log message * updates to the build process * Only print denied/error IAM permissions in status ote * Fix enqueue_server WLM metric collection. * Status OTE switch IAM "role" to "permission" * Buffer metric event writes to group similar paths and reduce bloat * Add ASCS metrics to WLM collection definition. * Adding helpers and for aianalyze * Adding helpers and for aianalyze * Fix status OTE commandlineexecutor * Configuration validation in status OTE * Move sapagent GCS storage logic to shared * Add support analyzer one time command. * internal change * Ensure that performancediagnosticshandler_test will run quickly * copy /var/log/messages to support bundle * Change status proto `fullyfunctional` from bool to state enum * Get available version and systemd info in Status OTE * Add testable commandlineexecutor to supportbundle and performancediagnostics to address github test waits * Add WLM Pacemaker metric collection category for ASCS metrics. * Config validation in Status OTE * updates the github action notify * Bump sapagent version to 3.7. * Add ping functionality for hdbuserstore connections in databaseconnector * Remove assumption of package name and repo name being the same for getting latest agent version status * Add extra checks around file not existing in configureinstance * Add more states to bools in status OTE * Update the link to the next steps for HANA restore from disk snapshot. * Improvements to Pacemaker metrics tests. * Add identifier to netweaver availability * Simplify Workload Manager Pacemaker tests. * Add proper labels for availability SAP Events. * Add collection for WLM Pacemaker metric `gcpstonith`. * Add logging to cloudmetricreader and fix typo in configurationmetricreader * Skeleton code and agent status checks for status OTE * Configureinstance parameter name fix * Configureinstance parameter name fix for backport * MultipartUpload OTE * Add helpers for agent installation and service status * Improved error handling for GCE operations ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1461=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1461=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1461=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1461=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1461=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.7-150100.3.47.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.7-150100.3.47.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.7-150100.3.47.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.7-150100.3.47.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.7-150100.3.47.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1238831 * https://bugzilla.suse.com/show_bug.cgi?id=1238833 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:32:11 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:32:11 -0000 Subject: SUSE-RU-2025:1459-1: critical: Recommended update for python-azure-agent Message-ID: <174662113185.30275.289162506117035677@smelt2.prg2.suse.org> # Recommended update for python-azure-agent Announcement ID: SUSE-RU-2025:1459-1 Release Date: 2025-05-05T13:06:58Z Rating: critical References: * bsc#1240385 Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one fix can now be installed. ## Description: This update for python-azure-agent fixes the following issues: Fix regression for SLE 12 as described below: * Fix %suse_version conditional in spec file so package is built using python2 in SLE 12 (bsc#1240385) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-1459=1 ## Package List: * Public Cloud Module 12 (noarch) * python-azure-agent-2.12.0.4-34.57.1 * python-azure-agent-config-hpc-2.12.0.4-34.57.1 * python-azure-agent-config-default-2.12.0.4-34.57.1 * python-azure-agent-config-micro-2.12.0.4-34.57.1 * python-azure-agent-config-server-2.12.0.4-34.57.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240385 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:32:13 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:32:13 -0000 Subject: SUSE-SU-2025:1457-1: moderate: Security update for glib2 Message-ID: <174662113366.30275.7319503081687116336@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2025:1457-1 Release Date: 2025-05-05T10:56:44Z Rating: moderate References: * bsc#1240897 Cross-References: * CVE-2025-3360 CVSS scores: * CVE-2025-3360 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-3360 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-3360 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with g_date_time_new_from_iso8601() (bsc#1240897) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1457=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1457=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1457=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libgmodule-2_0-0-2.62.6-150200.3.27.1 * libgobject-2_0-0-2.62.6-150200.3.27.1 * glib2-tools-2.62.6-150200.3.27.1 * glib2-debugsource-2.62.6-150200.3.27.1 * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.27.1 * glib2-tools-debuginfo-2.62.6-150200.3.27.1 * libgobject-2_0-0-debuginfo-2.62.6-150200.3.27.1 * libglib-2_0-0-2.62.6-150200.3.27.1 * libglib-2_0-0-debuginfo-2.62.6-150200.3.27.1 * libgio-2_0-0-2.62.6-150200.3.27.1 * libgio-2_0-0-debuginfo-2.62.6-150200.3.27.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libgmodule-2_0-0-2.62.6-150200.3.27.1 * libgobject-2_0-0-2.62.6-150200.3.27.1 * glib2-tools-2.62.6-150200.3.27.1 * glib2-debugsource-2.62.6-150200.3.27.1 * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.27.1 * glib2-tools-debuginfo-2.62.6-150200.3.27.1 * libgobject-2_0-0-debuginfo-2.62.6-150200.3.27.1 * libglib-2_0-0-2.62.6-150200.3.27.1 * libglib-2_0-0-debuginfo-2.62.6-150200.3.27.1 * libgio-2_0-0-2.62.6-150200.3.27.1 * libgio-2_0-0-debuginfo-2.62.6-150200.3.27.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libgmodule-2_0-0-2.62.6-150200.3.27.1 * libgobject-2_0-0-2.62.6-150200.3.27.1 * glib2-tools-2.62.6-150200.3.27.1 * glib2-debugsource-2.62.6-150200.3.27.1 * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.27.1 * glib2-tools-debuginfo-2.62.6-150200.3.27.1 * libgobject-2_0-0-debuginfo-2.62.6-150200.3.27.1 * libglib-2_0-0-2.62.6-150200.3.27.1 * libglib-2_0-0-debuginfo-2.62.6-150200.3.27.1 * libgio-2_0-0-2.62.6-150200.3.27.1 * libgio-2_0-0-debuginfo-2.62.6-150200.3.27.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3360.html * https://bugzilla.suse.com/show_bug.cgi?id=1240897 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:32:16 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:32:16 -0000 Subject: SUSE-SU-2025:1456-1: moderate: Security update for sqlite3 Message-ID: <174662113670.30275.12642093545818499945@smelt2.prg2.suse.org> # Security update for sqlite3 Announcement ID: SUSE-SU-2025:1456-1 Release Date: 2025-05-05T10:52:31Z Rating: moderate References: * bsc#1241020 * bsc#1241078 * jsc#SLE-16032 Cross-References: * CVE-2025-29087 * CVE-2025-29088 CVSS scores: * CVE-2025-29087 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-29087 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-29087 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29087 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-29087 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L * CVE-2025-29088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-29088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29088 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29088 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for sqlite3 fixes the following issues: * CVE-2025-29087: Fixed integer overflow in sqlite concat function (bsc#1241020) * CVE-2025-29088: Fixed integer overflow through the SQLITE_DBCONFIG_LOOKASIDE component (bsc#1241078) Other fixes: * Updated to version 3.49.1 from Factory (jsc#SLE-16032) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1456=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1456=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1456=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1456=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1456=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1456=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1456=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1456=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1456=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1456=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.49.1-150000.3.27.1 * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * sqlite3-tcl-debuginfo-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 * sqlite3-3.49.1-150000.3.27.1 * sqlite3-devel-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * openSUSE Leap 15.6 (x86_64) * libsqlite3-0-32bit-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-32bit-3.49.1-150000.3.27.1 * openSUSE Leap 15.6 (noarch) * sqlite3-doc-3.49.1-150000.3.27.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sqlite3-tcl-3.49.1-150000.3.27.1 * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * sqlite3-tcl-3.49.1-150000.3.27.1 * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sqlite3-tcl-3.49.1-150000.3.27.1 * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * sqlite3-tcl-debuginfo-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sqlite3-tcl-3.49.1-150000.3.27.1 * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * sqlite3-tcl-debuginfo-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.49.1-150000.3.27.1 * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * sqlite3-tcl-debuginfo-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.49.1-150000.3.27.1 * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * sqlite3-tcl-debuginfo-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 * sqlite3-3.49.1-150000.3.27.1 * sqlite3-devel-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * Basesystem Module 15-SP6 (x86_64) * libsqlite3-0-32bit-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-32bit-3.49.1-150000.3.27.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * sqlite3-debugsource-3.49.1-150000.3.27.1 * libsqlite3-0-debuginfo-3.49.1-150000.3.27.1 * libsqlite3-0-3.49.1-150000.3.27.1 * sqlite3-debuginfo-3.49.1-150000.3.27.1 ## References: * https://www.suse.com/security/cve/CVE-2025-29087.html * https://www.suse.com/security/cve/CVE-2025-29088.html * https://bugzilla.suse.com/show_bug.cgi?id=1241020 * https://bugzilla.suse.com/show_bug.cgi?id=1241078 * https://jira.suse.com/browse/SLE-16032 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 12:32:21 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 12:32:21 -0000 Subject: SUSE-SU-2025:1455-1: moderate: Security update for sqlite3 Message-ID: <174662114159.30275.16986260224035588554@smelt2.prg2.suse.org> # Security update for sqlite3 Announcement ID: SUSE-SU-2025:1455-1 Release Date: 2025-05-05T10:51:42Z Rating: moderate References: * bsc#1241020 * bsc#1241078 * jsc#SLE-16032 Cross-References: * CVE-2025-29087 * CVE-2025-29088 CVSS scores: * CVE-2025-29087 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-29087 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-29087 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29087 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-29087 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L * CVE-2025-29088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-29088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29088 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29088 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for sqlite3 fixes the following issues: * CVE-2025-29087: Fixed integer overflow in sqlite concat function (bsc#1241020) * CVE-2025-29088: Fixed integer overflow through the SQLITE_DBCONFIG_LOOKASIDE component (bsc#1241078) Other fixes: * Updated to version 3.49.1 from Factory (jsc#SLE-16032) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1455=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libsqlite3-0-32bit-3.49.1-9.33.1 * sqlite3-3.49.1-9.33.1 * libsqlite3-0-debuginfo-32bit-3.49.1-9.33.1 * sqlite3-debuginfo-3.49.1-9.33.1 * libsqlite3-0-debuginfo-3.49.1-9.33.1 * libsqlite3-0-3.49.1-9.33.1 * sqlite3-tcl-3.49.1-9.33.1 * sqlite3-devel-3.49.1-9.33.1 * sqlite3-debugsource-3.49.1-9.33.1 ## References: * https://www.suse.com/security/cve/CVE-2025-29087.html * https://www.suse.com/security/cve/CVE-2025-29088.html * https://bugzilla.suse.com/show_bug.cgi?id=1241020 * https://bugzilla.suse.com/show_bug.cgi?id=1241078 * https://jira.suse.com/browse/SLE-16032 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 16:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 16:30:16 -0000 Subject: SUSE-SU-2025:1510-1: important: Security update for libsoup Message-ID: <174663541694.30275.16599938524290741291@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2025:1510-1 Release Date: 2025-05-07T14:38:17Z Rating: important References: * bsc#1240750 * bsc#1240752 * bsc#1240754 * bsc#1240756 * bsc#1240757 * bsc#1241162 * bsc#1241164 * bsc#1241214 * bsc#1241222 * bsc#1241226 * bsc#1241252 * bsc#1241263 * bsc#1241686 * bsc#1241688 Cross-References: * CVE-2025-2784 * CVE-2025-32050 * CVE-2025-32051 * CVE-2025-32052 * CVE-2025-32053 * CVE-2025-32906 * CVE-2025-32907 * CVE-2025-32909 * CVE-2025-32910 * CVE-2025-32912 * CVE-2025-32913 * CVE-2025-32914 * CVE-2025-46420 * CVE-2025-46421 CVSS scores: * CVE-2025-2784 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-2784 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32050 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32050 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32050 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32051 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32051 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32051 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32052 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32052 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32052 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32053 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32906 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2025-32906 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32907 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32909 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-32909 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32909 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32910 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32910 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32910 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32912 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32912 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32913 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32914 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-32914 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-46420 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-46420 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46421 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-46421 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 14 vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750) * CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI (bsc#1240754) * CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32906: Fixed out of bounds reads in soup_headers_parse_request() (bsc#1241263) * CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) * CVE-2025-32909: Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226) * CVE-2025-32910: Fixed NULL pointer deference on client when server omits the realm parameter in an Unauthorized response with Digest authentication (bsc#1241252) * CVE-2025-32912: Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214) * CVE-2025-32913: Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162) * CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) * CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) * CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1510=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1510=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1510=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1510=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1510=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1510=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1510=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1510=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1510=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1510=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1510=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1510=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * openSUSE Leap 15.4 (x86_64) * libsoup-devel-32bit-3.0.4-150400.3.7.1 * libsoup-3_0-0-32bit-3.0.4-150400.3.7.1 * libsoup-3_0-0-32bit-debuginfo-3.0.4-150400.3.7.1 * openSUSE Leap 15.4 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libsoup-devel-64bit-3.0.4-150400.3.7.1 * libsoup-3_0-0-64bit-3.0.4-150400.3.7.1 * libsoup-3_0-0-64bit-debuginfo-3.0.4-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Manager Proxy 4.3 (x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Manager Proxy 4.3 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * typelib-1_0-Soup-3_0-3.0.4-150400.3.7.1 * libsoup-devel-3.0.4-150400.3.7.1 * libsoup-3_0-0-3.0.4-150400.3.7.1 * libsoup-debugsource-3.0.4-150400.3.7.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.7.1 * SUSE Manager Server 4.3 (noarch) * libsoup-lang-3.0.4-150400.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2784.html * https://www.suse.com/security/cve/CVE-2025-32050.html * https://www.suse.com/security/cve/CVE-2025-32051.html * https://www.suse.com/security/cve/CVE-2025-32052.html * https://www.suse.com/security/cve/CVE-2025-32053.html * https://www.suse.com/security/cve/CVE-2025-32906.html * https://www.suse.com/security/cve/CVE-2025-32907.html * https://www.suse.com/security/cve/CVE-2025-32909.html * https://www.suse.com/security/cve/CVE-2025-32910.html * https://www.suse.com/security/cve/CVE-2025-32912.html * https://www.suse.com/security/cve/CVE-2025-32913.html * https://www.suse.com/security/cve/CVE-2025-32914.html * https://www.suse.com/security/cve/CVE-2025-46420.html * https://www.suse.com/security/cve/CVE-2025-46421.html * https://bugzilla.suse.com/show_bug.cgi?id=1240750 * https://bugzilla.suse.com/show_bug.cgi?id=1240752 * https://bugzilla.suse.com/show_bug.cgi?id=1240754 * https://bugzilla.suse.com/show_bug.cgi?id=1240756 * https://bugzilla.suse.com/show_bug.cgi?id=1240757 * https://bugzilla.suse.com/show_bug.cgi?id=1241162 * https://bugzilla.suse.com/show_bug.cgi?id=1241164 * https://bugzilla.suse.com/show_bug.cgi?id=1241214 * https://bugzilla.suse.com/show_bug.cgi?id=1241222 * https://bugzilla.suse.com/show_bug.cgi?id=1241226 * https://bugzilla.suse.com/show_bug.cgi?id=1241252 * https://bugzilla.suse.com/show_bug.cgi?id=1241263 * https://bugzilla.suse.com/show_bug.cgi?id=1241686 * https://bugzilla.suse.com/show_bug.cgi?id=1241688 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 16:30:25 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 16:30:25 -0000 Subject: SUSE-SU-2025:1509-1: important: Security update for libsoup2 Message-ID: <174663542574.30275.575308426641612290@smelt2.prg2.suse.org> # Security update for libsoup2 Announcement ID: SUSE-SU-2025:1509-1 Release Date: 2025-05-07T14:37:39Z Rating: important References: * bsc#1240750 * bsc#1240752 * bsc#1240756 * bsc#1240757 * bsc#1241164 * bsc#1241222 * bsc#1241686 * bsc#1241688 Cross-References: * CVE-2025-2784 * CVE-2025-32050 * CVE-2025-32052 * CVE-2025-32053 * CVE-2025-32907 * CVE-2025-32914 * CVE-2025-46420 * CVE-2025-46421 CVSS scores: * CVE-2025-2784 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-2784 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32050 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32050 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32050 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32052 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32052 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32052 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32053 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32907 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32907 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32914 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-32914 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-46420 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-46420 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46421 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-46421 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves eight vulnerabilities can now be installed. ## Description: This update for libsoup2 fixes the following issues: * CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750) * CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) * CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) * CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) * CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1509=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1509=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1509=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1509=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1509=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1509=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1509=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1509=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1509=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1509=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1509=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1509=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1509=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1509=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1509=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1509=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1509=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Manager Proxy 4.3 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Manager Server 4.3 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * openSUSE Leap 15.4 (x86_64) * libsoup-2_4-1-32bit-2.74.2-150400.3.6.1 * libsoup-2_4-1-32bit-debuginfo-2.74.2-150400.3.6.1 * libsoup2-devel-32bit-2.74.2-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libsoup-2_4-1-64bit-2.74.2-150400.3.6.1 * libsoup-2_4-1-64bit-debuginfo-2.74.2-150400.3.6.1 * libsoup2-devel-64bit-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libsoup-2_4-1-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libsoup-2_4-1-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libsoup-2_4-1-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libsoup-2_4-1-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libsoup-2_4-1-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.6.1 * libsoup-2_4-1-2.74.2-150400.3.6.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.6.1 * libsoup2-debugsource-2.74.2-150400.3.6.1 * libsoup2-devel-2.74.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * libsoup2-lang-2.74.2-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2784.html * https://www.suse.com/security/cve/CVE-2025-32050.html * https://www.suse.com/security/cve/CVE-2025-32052.html * https://www.suse.com/security/cve/CVE-2025-32053.html * https://www.suse.com/security/cve/CVE-2025-32907.html * https://www.suse.com/security/cve/CVE-2025-32914.html * https://www.suse.com/security/cve/CVE-2025-46420.html * https://www.suse.com/security/cve/CVE-2025-46421.html * https://bugzilla.suse.com/show_bug.cgi?id=1240750 * https://bugzilla.suse.com/show_bug.cgi?id=1240752 * https://bugzilla.suse.com/show_bug.cgi?id=1240756 * https://bugzilla.suse.com/show_bug.cgi?id=1240757 * https://bugzilla.suse.com/show_bug.cgi?id=1241164 * https://bugzilla.suse.com/show_bug.cgi?id=1241222 * https://bugzilla.suse.com/show_bug.cgi?id=1241686 * https://bugzilla.suse.com/show_bug.cgi?id=1241688 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 7 16:30:28 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 07 May 2025 16:30:28 -0000 Subject: SUSE-SU-2025:1508-1: moderate: Security update for openvpn Message-ID: <174663542889.30275.9518172105400103991@smelt2.prg2.suse.org> # Security update for openvpn Announcement ID: SUSE-SU-2025:1508-1 Release Date: 2025-05-07T14:02:58Z Rating: moderate References: * bsc#1240392 Cross-References: * CVE-2025-2704 CVSS scores: * CVE-2025-2704 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-2704 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-2704 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for openvpn fixes the following issues: * CVE-2025-2704: Fixed remote DoS due to possible ASSERT() on OpenVPN servers using --tls-crypt-v2 (bsc#1240392) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1508=1 openSUSE-SLE-15.6-2025-1508=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1508=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * openvpn-debuginfo-2.6.8-150600.3.17.1 * openvpn-devel-2.6.8-150600.3.17.1 * openvpn-down-root-plugin-debuginfo-2.6.8-150600.3.17.1 * openvpn-auth-pam-plugin-2.6.8-150600.3.17.1 * openvpn-dco-devel-2.6.8-150600.3.17.1 * openvpn-dco-2.6.8-150600.3.17.1 * openvpn-auth-pam-plugin-debuginfo-2.6.8-150600.3.17.1 * openvpn-dco-debuginfo-2.6.8-150600.3.17.1 * openvpn-dco-debugsource-2.6.8-150600.3.17.1 * openvpn-down-root-plugin-2.6.8-150600.3.17.1 * openvpn-2.6.8-150600.3.17.1 * openvpn-debugsource-2.6.8-150600.3.17.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openvpn-debuginfo-2.6.8-150600.3.17.1 * openvpn-devel-2.6.8-150600.3.17.1 * openvpn-auth-pam-plugin-2.6.8-150600.3.17.1 * openvpn-dco-devel-2.6.8-150600.3.17.1 * openvpn-dco-2.6.8-150600.3.17.1 * openvpn-auth-pam-plugin-debuginfo-2.6.8-150600.3.17.1 * openvpn-dco-debuginfo-2.6.8-150600.3.17.1 * openvpn-dco-debugsource-2.6.8-150600.3.17.1 * openvpn-2.6.8-150600.3.17.1 * openvpn-debugsource-2.6.8-150600.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2704.html * https://bugzilla.suse.com/show_bug.cgi?id=1240392 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 8 20:30:14 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 08 May 2025 20:30:14 -0000 Subject: SUSE-SU-2025:1518-1: important: Security update for libsoup Message-ID: <174673621407.28796.14169667659557310727@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2025:1518-1 Release Date: 2025-05-08T19:36:02Z Rating: important References: * bsc#1233285 * bsc#1233287 * bsc#1233292 * bsc#1240750 * bsc#1240752 * bsc#1240756 * bsc#1240757 * bsc#1241164 * bsc#1241222 * bsc#1241686 * bsc#1241688 Cross-References: * CVE-2024-52530 * CVE-2024-52531 * CVE-2024-52532 * CVE-2025-2784 * CVE-2025-32050 * CVE-2025-32052 * CVE-2025-32053 * CVE-2025-32907 * CVE-2025-32914 * CVE-2025-46420 * CVE-2025-46421 CVSS scores: * CVE-2024-52530 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-52530 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-52530 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-52531 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-52531 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-52531 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-52531 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2024-52532 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-52532 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-52532 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-2784 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-2784 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32050 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32050 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32050 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32052 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32052 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32052 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32053 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32907 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32907 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32914 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-32914 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-46420 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-46420 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46421 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-46421 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 11 vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names (bsc#1233285) * CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (bsc#1233292) * CVE-2024-52532: Fixed infinite loop while reading websocket data (bsc#1233287) * CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750) * CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) * CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) * CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) * CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1518=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1518=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libsoup-devel-2.62.2-5.12.1 * libsoup-2_4-1-debuginfo-2.62.2-5.12.1 * typelib-1_0-Soup-2_4-2.62.2-5.12.1 * libsoup-2_4-1-2.62.2-5.12.1 * libsoup-debugsource-2.62.2-5.12.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * libsoup-lang-2.62.2-5.12.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libsoup-2_4-1-32bit-2.62.2-5.12.1 * libsoup-2_4-1-debuginfo-32bit-2.62.2-5.12.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libsoup-2_4-1-32bit-2.62.2-5.12.1 * libsoup-devel-2.62.2-5.12.1 * libsoup-2_4-1-debuginfo-2.62.2-5.12.1 * typelib-1_0-Soup-2_4-2.62.2-5.12.1 * libsoup-2_4-1-2.62.2-5.12.1 * libsoup-debugsource-2.62.2-5.12.1 * libsoup-2_4-1-debuginfo-32bit-2.62.2-5.12.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libsoup-lang-2.62.2-5.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-52530.html * https://www.suse.com/security/cve/CVE-2024-52531.html * https://www.suse.com/security/cve/CVE-2024-52532.html * https://www.suse.com/security/cve/CVE-2025-2784.html * https://www.suse.com/security/cve/CVE-2025-32050.html * https://www.suse.com/security/cve/CVE-2025-32052.html * https://www.suse.com/security/cve/CVE-2025-32053.html * https://www.suse.com/security/cve/CVE-2025-32907.html * https://www.suse.com/security/cve/CVE-2025-32914.html * https://www.suse.com/security/cve/CVE-2025-46420.html * https://www.suse.com/security/cve/CVE-2025-46421.html * https://bugzilla.suse.com/show_bug.cgi?id=1233285 * https://bugzilla.suse.com/show_bug.cgi?id=1233287 * https://bugzilla.suse.com/show_bug.cgi?id=1233292 * https://bugzilla.suse.com/show_bug.cgi?id=1240750 * https://bugzilla.suse.com/show_bug.cgi?id=1240752 * https://bugzilla.suse.com/show_bug.cgi?id=1240756 * https://bugzilla.suse.com/show_bug.cgi?id=1240757 * https://bugzilla.suse.com/show_bug.cgi?id=1241164 * https://bugzilla.suse.com/show_bug.cgi?id=1241222 * https://bugzilla.suse.com/show_bug.cgi?id=1241686 * https://bugzilla.suse.com/show_bug.cgi?id=1241688 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 8 20:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 08 May 2025 20:30:16 -0000 Subject: SUSE-SU-2025:1517-1: moderate: Security update for apparmor Message-ID: <174673621678.28796.14402601906632320707@smelt2.prg2.suse.org> # Security update for apparmor Announcement ID: SUSE-SU-2025:1517-1 Release Date: 2025-05-08T19:35:51Z Rating: moderate References: * bsc#1241678 Cross-References: * CVE-2024-10041 CVSS scores: * CVE-2024-10041 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10041 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apparmor fixes the following issues: * Add dac_read_search capability for unix_chkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. (bsc#1241678) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1517=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1517=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * apache2-mod_apparmor-2.8.2-56.26.1 * apparmor-debugsource-2.8.2-56.26.1 * apparmor-parser-2.8.2-56.26.1 * libapparmor1-2.8.2-56.26.1 * perl-apparmor-2.8.2-56.26.1 * libapparmor1-debuginfo-2.8.2-56.26.1 * perl-apparmor-debuginfo-2.8.2-56.26.1 * apparmor-parser-debuginfo-2.8.2-56.26.1 * pam_apparmor-2.8.2-56.26.1 * apache2-mod_apparmor-debuginfo-2.8.2-56.26.1 * libapparmor-devel-2.8.2-56.26.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * apparmor-docs-2.8.2-56.26.1 * apparmor-utils-2.8.2-56.26.1 * apparmor-profiles-2.8.2-56.26.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * pam_apparmor-debuginfo-2.8.2-56.26.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libapparmor1-debuginfo-32bit-2.8.2-56.26.1 * pam_apparmor-32bit-2.8.2-56.26.1 * pam_apparmor-debuginfo-32bit-2.8.2-56.26.1 * libapparmor1-32bit-2.8.2-56.26.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * perl-apparmor-2.8.2-56.26.1 * apache2-mod_apparmor-2.8.2-56.26.1 * pam_apparmor-debuginfo-32bit-2.8.2-56.26.1 * apparmor-debugsource-2.8.2-56.26.1 * libapparmor1-debuginfo-32bit-2.8.2-56.26.1 * apparmor-parser-2.8.2-56.26.1 * libapparmor1-2.8.2-56.26.1 * pam_apparmor-32bit-2.8.2-56.26.1 * libapparmor1-debuginfo-2.8.2-56.26.1 * libapparmor1-32bit-2.8.2-56.26.1 * apparmor-parser-debuginfo-2.8.2-56.26.1 * pam_apparmor-2.8.2-56.26.1 * pam_apparmor-debuginfo-2.8.2-56.26.1 * apache2-mod_apparmor-debuginfo-2.8.2-56.26.1 * libapparmor-devel-2.8.2-56.26.1 * perl-apparmor-debuginfo-2.8.2-56.26.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * apparmor-docs-2.8.2-56.26.1 * apparmor-utils-2.8.2-56.26.1 * apparmor-profiles-2.8.2-56.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10041.html * https://bugzilla.suse.com/show_bug.cgi?id=1241678 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 8 20:30:19 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 08 May 2025 20:30:19 -0000 Subject: SUSE-RU-2025:1415-2: moderate: Recommended update for libica Message-ID: <174673621906.28796.2526924872115338300@smelt2.prg2.suse.org> # Recommended update for libica Announcement ID: SUSE-RU-2025:1415-2 Release Date: 2025-05-08T14:12:04Z Rating: moderate References: * bsc#1241953 Affected Products: * Certifications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for libica fixes the following issues: * FIPS: Added the flavor (openssl3 / openssl-1_1) in the BUILD_VERSION string that is reported for the module. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Certifications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Certifications-15-SP7-2025-1415=1 ## Package List: * Certifications Module 15-SP7 (s390x) * libica4-openssl1_1-debuginfo-4.3.1-150600.4.25.1 * libica4-openssl1_1-4.3.1-150600.4.25.1 * libica4-4.3.1-150600.4.25.1 * libica4-debuginfo-4.3.1-150600.4.25.1 * libica-debugsource-4.3.1-150600.4.25.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1241953 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 8 20:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 08 May 2025 20:30:21 -0000 Subject: SUSE-SU-2025:0613-2: moderate: Security update for openssl-1_1 Message-ID: <174673622176.28796.4973615635996783234@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2025:0613-2 Release Date: 2025-05-08T13:17:52Z Rating: moderate References: * bsc#1236136 * bsc#1236771 Cross-References: * CVE-2024-13176 CVSS scores: * CVE-2024-13176 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-13176 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-13176 ( NVD ): 4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: * Certifications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation (bsc#1236136). Other bugfixes: * Non approved PBKDF parameters wrongly resulting as approved (bsc#1236771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Certifications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Certifications-15-SP7-2025-613=1 ## Package List: * Certifications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libopenssl1_1-debuginfo-1.1.1w-150600.5.12.2 * libopenssl1_1-1.1.1w-150600.5.12.2 * openssl-1_1-debugsource-1.1.1w-150600.5.12.2 ## References: * https://www.suse.com/security/cve/CVE-2024-13176.html * https://bugzilla.suse.com/show_bug.cgi?id=1236136 * https://bugzilla.suse.com/show_bug.cgi?id=1236771 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 8 20:30:38 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 08 May 2025 20:30:38 -0000 Subject: SUSE-SU-2025:1516-1: moderate: Security update for openssl-3 Message-ID: <174673623803.28796.13728930150940981717@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2025:1516-1 Release Date: 2025-05-08T13:17:46Z Rating: moderate References: * bsc#1220523 * bsc#1220690 * bsc#1220693 * bsc#1220696 * bsc#1221365 * bsc#1221751 * bsc#1221752 * bsc#1221753 * bsc#1221760 * bsc#1221786 * bsc#1221787 * bsc#1221821 * bsc#1221822 * bsc#1221824 * bsc#1221827 * bsc#1229465 Cross-References: * CVE-2024-6119 CVSS scores: * CVE-2024-6119 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-6119 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Certifications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has 15 security fixes can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465) Other fixes: * FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365). * FIPS: RSA keygen PCT requirements. * FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode (bsc#1220523). * FIPS: Port openssl to use jitterentropy (bsc#1220523). * FIPS: Block non-Approved Elliptic Curves (bsc#1221786). * FIPS: Service Level Indicator (bsc#1221365). * FIPS: Output the FIPS-validation name and module version which uniquely identify the FIPS validated module (bsc#1221751). * FIPS: Add required selftests: (bsc#1221760). * FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821). * FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827). * FIPS: Zero initialization required (bsc#1221752). * FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696). * FIPS: NIST SP 800-56Brev2 (bsc#1221824). * FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787). * FIPS: Port openssl to use jitterentropy (bsc#1220523). * FIPS: NIST SP 800-56Arev3 (bsc#1221822). * FIPS: Error state has to be enforced (bsc#1221753). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Certifications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Certifications-15-SP7-2025-1516=1 ## Package List: * Certifications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * openssl-3-debugsource-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6119.html * https://bugzilla.suse.com/show_bug.cgi?id=1220523 * https://bugzilla.suse.com/show_bug.cgi?id=1220690 * https://bugzilla.suse.com/show_bug.cgi?id=1220693 * https://bugzilla.suse.com/show_bug.cgi?id=1220696 * https://bugzilla.suse.com/show_bug.cgi?id=1221365 * https://bugzilla.suse.com/show_bug.cgi?id=1221751 * https://bugzilla.suse.com/show_bug.cgi?id=1221752 * https://bugzilla.suse.com/show_bug.cgi?id=1221753 * https://bugzilla.suse.com/show_bug.cgi?id=1221760 * https://bugzilla.suse.com/show_bug.cgi?id=1221786 * https://bugzilla.suse.com/show_bug.cgi?id=1221787 * https://bugzilla.suse.com/show_bug.cgi?id=1221821 * https://bugzilla.suse.com/show_bug.cgi?id=1221822 * https://bugzilla.suse.com/show_bug.cgi?id=1221824 * https://bugzilla.suse.com/show_bug.cgi?id=1221827 * https://bugzilla.suse.com/show_bug.cgi?id=1229465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 8 20:30:41 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 08 May 2025 20:30:41 -0000 Subject: SUSE-OU-2025:1514-1: low: Optional update for oath-toolkit Message-ID: <174673624110.28796.6891885632114722620@smelt2.prg2.suse.org> # Optional update for oath-toolkit Announcement ID: SUSE-OU-2025:1514-1 Release Date: 2025-05-08T08:58:05Z Rating: low References: * bsc#1237295 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that has one fix can now be installed. ## Description: This update for oath-toolkit provides the following fix: * Add libpskc0 to SLE-Module-Packagehub-Subpackages. (bsc#1237295) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1514=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1514=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1514=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1514=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libpskc-devel-2.6.2-150000.3.7.1 * oath-toolkit-debuginfo-2.6.2-150000.3.7.1 * oath-toolkit-debugsource-2.6.2-150000.3.7.1 * libpskc0-2.6.2-150000.3.7.1 * libpskc0-debuginfo-2.6.2-150000.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libpskc-devel-2.6.2-150000.3.7.1 * liboath0-2.6.2-150000.3.7.1 * pam_oath-debuginfo-2.6.2-150000.3.7.1 * pam_oath-2.6.2-150000.3.7.1 * oath-toolkit-debuginfo-2.6.2-150000.3.7.1 * oath-toolkit-debugsource-2.6.2-150000.3.7.1 * liboath0-debuginfo-2.6.2-150000.3.7.1 * libpskc0-2.6.2-150000.3.7.1 * liboath-devel-2.6.2-150000.3.7.1 * libpskc0-debuginfo-2.6.2-150000.3.7.1 * oath-toolkit-2.6.2-150000.3.7.1 * openSUSE Leap 15.6 (noarch) * oath-toolkit-xml-2.6.2-150000.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * liboath0-2.6.2-150000.3.7.1 * oath-toolkit-debuginfo-2.6.2-150000.3.7.1 * oath-toolkit-debugsource-2.6.2-150000.3.7.1 * liboath0-debuginfo-2.6.2-150000.3.7.1 * liboath-devel-2.6.2-150000.3.7.1 * Basesystem Module 15-SP6 (noarch) * oath-toolkit-xml-2.6.2-150000.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * oath-toolkit-debuginfo-2.6.2-150000.3.7.1 * oath-toolkit-2.6.2-150000.3.7.1 * libpskc0-2.6.2-150000.3.7.1 * oath-toolkit-debugsource-2.6.2-150000.3.7.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1237295 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 8 20:30:42 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 08 May 2025 20:30:42 -0000 Subject: SUSE-RU-2025:1513-1: moderate: Recommended update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server Message-ID: <174673624229.28796.16137772427076749024@smelt2.prg2.suse.org> # Recommended update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server Announcement ID: SUSE-RU-2025:1513-1 Release Date: 2025-05-08T08:41:31Z Rating: moderate References: * jsc#MSQA-979 Affected Products: * SUSE Linux Enterprise Micro 5.5 * SUSE Manager Proxy 5.0 Extension * SUSE Manager Retail Branch Server 5.0 Extension * SUSE Manager Server 5.0 Extension An update that contains one feature can now be installed. ## Recommended update 5.0.4 for Multi-Linux Manager Proxy ### Description: This update fixes the following issues: proxy-salt-broker-image: * Image rebuilt with updated dependencies ## Recommended update 5.0.4 for Multi-Linux Manager Server ### Description: This update fixes the following issues: server-image: * Image rebuilt with updated dependencies ## Recommended update 5.0.4 for Multi-Linux Manager Retail Branch Server ### Description: This update fixes the following issues: proxy-salt-broker-image: * Image rebuilt with updated dependencies ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 5.0 Extension zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2025-1513=1 * SUSE Manager Retail Branch Server 5.0 Extension zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2025-1513=1 * SUSE Manager Server 5.0 Extension zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2025-1513=1 ## Package List: * SUSE Manager Proxy 5.0 Extension (aarch64) * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.4-7.14.1 * SUSE Manager Proxy 5.0 Extension (ppc64le) * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.4-7.14.1 * SUSE Manager Proxy 5.0 Extension (s390x) * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.4-7.14.1 * SUSE Manager Proxy 5.0 Extension (x86_64) * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.4-7.14.1 * SUSE Manager Retail Branch Server 5.0 Extension (aarch64) * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.4-7.14.1 * SUSE Manager Retail Branch Server 5.0 Extension (ppc64le) * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.4-7.14.1 * SUSE Manager Retail Branch Server 5.0 Extension (s390x) * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.4-7.14.1 * SUSE Manager Retail Branch Server 5.0 Extension (x86_64) * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.4-7.14.1 * SUSE Manager Server 5.0 Extension (aarch64) * suse-manager-5.0-aarch64-server-image-5.0.4-7.19.1 * SUSE Manager Server 5.0 Extension (ppc64le) * suse-manager-5.0-ppc64le-server-image-5.0.4-7.19.1 * SUSE Manager Server 5.0 Extension (s390x) * suse-manager-5.0-s390x-server-image-5.0.4-7.19.1 * SUSE Manager Server 5.0 Extension (x86_64) * suse-manager-5.0-x86_64-server-image-5.0.4-7.19.1 ## References: * https://jira.suse.com/browse/MSQA-979 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 8 20:30:45 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 08 May 2025 20:30:45 -0000 Subject: SUSE-SU-2025:1512-1: moderate: Security update for apparmor Message-ID: <174673624524.28796.8315564099116850995@smelt2.prg2.suse.org> # Security update for apparmor Announcement ID: SUSE-SU-2025:1512-1 Release Date: 2025-05-07T19:36:39Z Rating: moderate References: * bsc#1241678 Cross-References: * CVE-2024-10041 CVSS scores: * CVE-2024-10041 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10041 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apparmor fixes the following issues: * Add dac_read_search capability for unix_chkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. (bsc#1241678) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1512=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1512=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1512=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1512=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1512=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1512=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * pam_apparmor-3.0.4-150500.11.18.1 * apparmor-parser-3.0.4-150500.11.18.1 * ruby-apparmor-debuginfo-3.0.4-150500.11.18.1 * libapparmor-debugsource-3.0.4-150500.11.18.1 * libapparmor1-debuginfo-3.0.4-150500.11.18.1 * apparmor-debugsource-3.0.4-150500.11.18.1 * python3-apparmor-3.0.4-150500.11.18.1 * pam_apparmor-debuginfo-3.0.4-150500.11.18.1 * python3-apparmor-debuginfo-3.0.4-150500.11.18.1 * ruby-apparmor-3.0.4-150500.11.18.1 * perl-apparmor-debuginfo-3.0.4-150500.11.18.1 * perl-apparmor-3.0.4-150500.11.18.1 * libapparmor-devel-3.0.4-150500.11.18.1 * libapparmor1-3.0.4-150500.11.18.1 * apparmor-parser-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-3.0.4-150500.11.18.1 * openSUSE Leap 15.5 (noarch) * apparmor-docs-3.0.4-150500.11.18.1 * apparmor-utils-3.0.4-150500.11.18.1 * apparmor-utils-lang-3.0.4-150500.11.18.1 * apparmor-abstractions-3.0.4-150500.11.18.1 * apparmor-parser-lang-3.0.4-150500.11.18.1 * apparmor-profiles-3.0.4-150500.11.18.1 * openSUSE Leap 15.5 (x86_64) * pam_apparmor-32bit-3.0.4-150500.11.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.18.1 * libapparmor1-32bit-3.0.4-150500.11.18.1 * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.18.1 * openSUSE Leap 15.5 (aarch64_ilp32) * pam_apparmor-64bit-debuginfo-3.0.4-150500.11.18.1 * pam_apparmor-64bit-3.0.4-150500.11.18.1 * libapparmor1-64bit-debuginfo-3.0.4-150500.11.18.1 * libapparmor1-64bit-3.0.4-150500.11.18.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * pam_apparmor-3.0.4-150500.11.18.1 * apparmor-parser-3.0.4-150500.11.18.1 * libapparmor-debugsource-3.0.4-150500.11.18.1 * apparmor-debugsource-3.0.4-150500.11.18.1 * libapparmor1-3.0.4-150500.11.18.1 * pam_apparmor-debuginfo-3.0.4-150500.11.18.1 * apparmor-parser-debuginfo-3.0.4-150500.11.18.1 * libapparmor1-debuginfo-3.0.4-150500.11.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libapparmor1-debuginfo-3.0.4-150500.11.18.1 * apparmor-parser-3.0.4-150500.11.18.1 * pam_apparmor-3.0.4-150500.11.18.1 * libapparmor-debugsource-3.0.4-150500.11.18.1 * apparmor-debugsource-3.0.4-150500.11.18.1 * python3-apparmor-3.0.4-150500.11.18.1 * libapparmor1-3.0.4-150500.11.18.1 * pam_apparmor-debuginfo-3.0.4-150500.11.18.1 * python3-apparmor-debuginfo-3.0.4-150500.11.18.1 * libapparmor-devel-3.0.4-150500.11.18.1 * perl-apparmor-3.0.4-150500.11.18.1 * perl-apparmor-debuginfo-3.0.4-150500.11.18.1 * apparmor-parser-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-3.0.4-150500.11.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * apparmor-docs-3.0.4-150500.11.18.1 * apparmor-utils-3.0.4-150500.11.18.1 * apparmor-utils-lang-3.0.4-150500.11.18.1 * apparmor-abstractions-3.0.4-150500.11.18.1 * apparmor-parser-lang-3.0.4-150500.11.18.1 * apparmor-profiles-3.0.4-150500.11.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * pam_apparmor-32bit-3.0.4-150500.11.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.18.1 * libapparmor1-32bit-3.0.4-150500.11.18.1 * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libapparmor1-debuginfo-3.0.4-150500.11.18.1 * apparmor-parser-3.0.4-150500.11.18.1 * pam_apparmor-3.0.4-150500.11.18.1 * libapparmor-debugsource-3.0.4-150500.11.18.1 * apparmor-debugsource-3.0.4-150500.11.18.1 * python3-apparmor-3.0.4-150500.11.18.1 * libapparmor1-3.0.4-150500.11.18.1 * pam_apparmor-debuginfo-3.0.4-150500.11.18.1 * python3-apparmor-debuginfo-3.0.4-150500.11.18.1 * libapparmor-devel-3.0.4-150500.11.18.1 * perl-apparmor-3.0.4-150500.11.18.1 * perl-apparmor-debuginfo-3.0.4-150500.11.18.1 * apparmor-parser-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-3.0.4-150500.11.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * apparmor-docs-3.0.4-150500.11.18.1 * apparmor-utils-3.0.4-150500.11.18.1 * apparmor-utils-lang-3.0.4-150500.11.18.1 * apparmor-abstractions-3.0.4-150500.11.18.1 * apparmor-parser-lang-3.0.4-150500.11.18.1 * apparmor-profiles-3.0.4-150500.11.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * pam_apparmor-32bit-3.0.4-150500.11.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.18.1 * libapparmor1-32bit-3.0.4-150500.11.18.1 * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.18.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libapparmor1-debuginfo-3.0.4-150500.11.18.1 * apparmor-parser-3.0.4-150500.11.18.1 * pam_apparmor-3.0.4-150500.11.18.1 * libapparmor-debugsource-3.0.4-150500.11.18.1 * apparmor-debugsource-3.0.4-150500.11.18.1 * python3-apparmor-3.0.4-150500.11.18.1 * libapparmor1-3.0.4-150500.11.18.1 * pam_apparmor-debuginfo-3.0.4-150500.11.18.1 * python3-apparmor-debuginfo-3.0.4-150500.11.18.1 * libapparmor-devel-3.0.4-150500.11.18.1 * perl-apparmor-3.0.4-150500.11.18.1 * perl-apparmor-debuginfo-3.0.4-150500.11.18.1 * apparmor-parser-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-3.0.4-150500.11.18.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * apparmor-docs-3.0.4-150500.11.18.1 * apparmor-utils-3.0.4-150500.11.18.1 * apparmor-utils-lang-3.0.4-150500.11.18.1 * apparmor-abstractions-3.0.4-150500.11.18.1 * apparmor-parser-lang-3.0.4-150500.11.18.1 * apparmor-profiles-3.0.4-150500.11.18.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * pam_apparmor-32bit-3.0.4-150500.11.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.18.1 * libapparmor1-32bit-3.0.4-150500.11.18.1 * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libapparmor1-debuginfo-3.0.4-150500.11.18.1 * apparmor-parser-3.0.4-150500.11.18.1 * pam_apparmor-3.0.4-150500.11.18.1 * libapparmor-debugsource-3.0.4-150500.11.18.1 * apparmor-debugsource-3.0.4-150500.11.18.1 * python3-apparmor-3.0.4-150500.11.18.1 * libapparmor1-3.0.4-150500.11.18.1 * pam_apparmor-debuginfo-3.0.4-150500.11.18.1 * python3-apparmor-debuginfo-3.0.4-150500.11.18.1 * libapparmor-devel-3.0.4-150500.11.18.1 * perl-apparmor-3.0.4-150500.11.18.1 * perl-apparmor-debuginfo-3.0.4-150500.11.18.1 * apparmor-parser-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.18.1 * apache2-mod_apparmor-3.0.4-150500.11.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * apparmor-docs-3.0.4-150500.11.18.1 * apparmor-utils-3.0.4-150500.11.18.1 * apparmor-utils-lang-3.0.4-150500.11.18.1 * apparmor-abstractions-3.0.4-150500.11.18.1 * apparmor-parser-lang-3.0.4-150500.11.18.1 * apparmor-profiles-3.0.4-150500.11.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * pam_apparmor-32bit-3.0.4-150500.11.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.18.1 * libapparmor1-32bit-3.0.4-150500.11.18.1 * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10041.html * https://bugzilla.suse.com/show_bug.cgi?id=1241678 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 8 20:30:52 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 08 May 2025 20:30:52 -0000 Subject: SUSE-SU-2025:1511-1: moderate: Security update for apparmor Message-ID: <174673625264.28796.10599275991529209454@smelt2.prg2.suse.org> # Security update for apparmor Announcement ID: SUSE-SU-2025:1511-1 Release Date: 2025-05-07T19:36:15Z Rating: moderate References: * bsc#1241678 Cross-References: * CVE-2024-10041 CVSS scores: * CVE-2024-10041 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10041 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for apparmor fixes the following issues: * Add dac_read_search capability for unix_chkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. (bsc#1241678) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1511=1 SUSE-2025-1511=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1511=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1511=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1511=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * pam_apparmor-3.1.7-150600.5.9.1 * pam_apparmor-debuginfo-3.1.7-150600.5.9.1 * apache2-mod_apparmor-debuginfo-3.1.7-150600.5.9.1 * apparmor-parser-3.1.7-150600.5.9.1 * python3-apparmor-3.1.7-150600.5.9.1 * apparmor-parser-debuginfo-3.1.7-150600.5.9.1 * apparmor-debugsource-3.1.7-150600.5.9.1 * perl-apparmor-3.1.7-150600.5.9.1 * libapparmor1-debuginfo-3.1.7-150600.5.9.1 * ruby-apparmor-debuginfo-3.1.7-150600.5.9.1 * apache2-mod_apparmor-3.1.7-150600.5.9.1 * ruby-apparmor-3.1.7-150600.5.9.1 * libapparmor-debugsource-3.1.7-150600.5.9.1 * libapparmor1-3.1.7-150600.5.9.1 * libapparmor-devel-3.1.7-150600.5.9.1 * perl-apparmor-debuginfo-3.1.7-150600.5.9.1 * python3-apparmor-debuginfo-3.1.7-150600.5.9.1 * openSUSE Leap 15.6 (noarch) * apparmor-utils-3.1.7-150600.5.9.1 * apparmor-utils-lang-3.1.7-150600.5.9.1 * apparmor-parser-lang-3.1.7-150600.5.9.1 * apparmor-docs-3.1.7-150600.5.9.1 * apparmor-abstractions-3.1.7-150600.5.9.1 * apparmor-profiles-3.1.7-150600.5.9.1 * openSUSE Leap 15.6 (x86_64) * libapparmor1-32bit-3.1.7-150600.5.9.1 * pam_apparmor-32bit-debuginfo-3.1.7-150600.5.9.1 * libapparmor1-32bit-debuginfo-3.1.7-150600.5.9.1 * pam_apparmor-32bit-3.1.7-150600.5.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libapparmor1-64bit-debuginfo-3.1.7-150600.5.9.1 * pam_apparmor-64bit-debuginfo-3.1.7-150600.5.9.1 * libapparmor1-64bit-3.1.7-150600.5.9.1 * pam_apparmor-64bit-3.1.7-150600.5.9.1 * Basesystem Module 15-SP6 (noarch) * apparmor-utils-3.1.7-150600.5.9.1 * apparmor-utils-lang-3.1.7-150600.5.9.1 * apparmor-parser-lang-3.1.7-150600.5.9.1 * apparmor-docs-3.1.7-150600.5.9.1 * apparmor-abstractions-3.1.7-150600.5.9.1 * apparmor-profiles-3.1.7-150600.5.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * pam_apparmor-3.1.7-150600.5.9.1 * pam_apparmor-debuginfo-3.1.7-150600.5.9.1 * apparmor-parser-3.1.7-150600.5.9.1 * python3-apparmor-3.1.7-150600.5.9.1 * apparmor-parser-debuginfo-3.1.7-150600.5.9.1 * apparmor-debugsource-3.1.7-150600.5.9.1 * libapparmor1-debuginfo-3.1.7-150600.5.9.1 * libapparmor-debugsource-3.1.7-150600.5.9.1 * libapparmor-devel-3.1.7-150600.5.9.1 * libapparmor1-3.1.7-150600.5.9.1 * python3-apparmor-debuginfo-3.1.7-150600.5.9.1 * Basesystem Module 15-SP6 (x86_64) * pam_apparmor-32bit-debuginfo-3.1.7-150600.5.9.1 * libapparmor1-32bit-debuginfo-3.1.7-150600.5.9.1 * pam_apparmor-32bit-3.1.7-150600.5.9.1 * libapparmor1-32bit-3.1.7-150600.5.9.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * perl-apparmor-3.1.7-150600.5.9.1 * apparmor-debugsource-3.1.7-150600.5.9.1 * perl-apparmor-debuginfo-3.1.7-150600.5.9.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-mod_apparmor-3.1.7-150600.5.9.1 * apparmor-debugsource-3.1.7-150600.5.9.1 * apache2-mod_apparmor-debuginfo-3.1.7-150600.5.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10041.html * https://bugzilla.suse.com/show_bug.cgi?id=1241678 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 08:30:05 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 08:30:05 -0000 Subject: SUSE-SU-2025:1521-1: important: Security update for tomcat Message-ID: <174677940511.20256.992592769124029465@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2025:1521-1 Release Date: 2025-05-09T04:57:04Z Rating: important References: * bsc#1242008 * bsc#1242009 Cross-References: * CVE-2025-31650 * CVE-2025-31651 CVSS scores: * CVE-2025-31650 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-31650 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31650 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31650 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31651 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-31651 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-31651 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-31651 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for tomcat fixes the following issues: Update to Tomcat 9.0.104 * CVE-2025-31650: invalid priority field values should be ignored (bsc#1242008) * CVE-2025-31651: Better handling of URLs with literal ';' and '?' (bsc#1242009) Full changelog: https://tomcat.apache.org/tomcat-9.0-doc/changelog.htm ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1521=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-1521=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1521=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1521=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1521=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1521=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1521=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1521=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1521=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1521=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1521=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1521=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1521=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1521=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1521=1 ## Package List: * openSUSE Leap 15.6 (noarch) * tomcat-docs-webapp-9.0.104-150200.81.1 * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * tomcat-embed-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-jsvc-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-javadoc-9.0.104-150200.81.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Manager Server 4.3 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * SUSE Enterprise Storage 7.1 (noarch) * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 * tomcat-webapps-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31650.html * https://www.suse.com/security/cve/CVE-2025-31651.html * https://bugzilla.suse.com/show_bug.cgi?id=1242008 * https://bugzilla.suse.com/show_bug.cgi?id=1242009 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 08:30:07 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 08:30:07 -0000 Subject: SUSE-SU-2025:1520-1: important: Security update for govulncheck-vulndb Message-ID: <174677940769.20256.12516889226902412441@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:1520-1 Release Date: 2025-05-09T01:08:25Z Rating: important References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250506T153719 2025-05-06T15:37:19Z (jsc#PED-11136) * GO-2025-3656 * GO-2025-3661 * GO-2025-3662 * GO-2025-3663 * GO-2025-3665 * Update to version 0.0.20250505T161433 2025-05-05T16:14:33Z (jsc#PED-11136) * GO-2025-3645 * GO-2025-3646 * GO-2025-3647 * GO-2025-3648 * GO-2025-3649 * GO-2025-3650 * GO-2025-3652 * GO-2025-3660 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1520=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1520=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250506T153719-150000.1.71.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250506T153719-150000.1.71.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 08:30:18 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 08:30:18 -0000 Subject: SUSE-SU-2025:1519-1: important: Security update for libsoup Message-ID: <174677941804.20256.684584390342699799@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2025:1519-1 Release Date: 2025-05-09T00:07:48Z Rating: important References: * bsc#1240750 * bsc#1240752 * bsc#1240756 * bsc#1240757 * bsc#1241164 * bsc#1241222 * bsc#1241686 * bsc#1241688 Cross-References: * CVE-2025-2784 * CVE-2025-32050 * CVE-2025-32052 * CVE-2025-32053 * CVE-2025-32907 * CVE-2025-32914 * CVE-2025-46420 * CVE-2025-46421 CVSS scores: * CVE-2025-2784 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-2784 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32050 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32050 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32050 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32052 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32052 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32052 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32053 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32907 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32907 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32914 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-32914 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-46420 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-46420 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46421 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-46421 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves eight vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750) * CVE-2025-32050: Fixed Integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) * CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) * CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) * CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1519=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1519=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1519=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1519=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1519=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1519=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libsoup-2_4-1-debuginfo-2.68.4-150200.4.6.1 * libsoup-2_4-1-2.68.4-150200.4.6.1 * libsoup-debugsource-2.68.4-150200.4.6.1 * libsoup-devel-2.68.4-150200.4.6.1 * typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * libsoup-lang-2.68.4-150200.4.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libsoup-2_4-1-debuginfo-2.68.4-150200.4.6.1 * libsoup-2_4-1-2.68.4-150200.4.6.1 * libsoup-debugsource-2.68.4-150200.4.6.1 * libsoup-devel-2.68.4-150200.4.6.1 * typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * libsoup-lang-2.68.4-150200.4.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libsoup-2_4-1-debuginfo-2.68.4-150200.4.6.1 * libsoup-2_4-1-2.68.4-150200.4.6.1 * libsoup-debugsource-2.68.4-150200.4.6.1 * libsoup-devel-2.68.4-150200.4.6.1 * typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * libsoup-lang-2.68.4-150200.4.6.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libsoup-2_4-1-debuginfo-2.68.4-150200.4.6.1 * libsoup-2_4-1-2.68.4-150200.4.6.1 * libsoup-debugsource-2.68.4-150200.4.6.1 * libsoup-devel-2.68.4-150200.4.6.1 * typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1 * SUSE Enterprise Storage 7.1 (noarch) * libsoup-lang-2.68.4-150200.4.6.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libsoup-debugsource-2.68.4-150200.4.6.1 * libsoup-2_4-1-debuginfo-2.68.4-150200.4.6.1 * libsoup-2_4-1-2.68.4-150200.4.6.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libsoup-debugsource-2.68.4-150200.4.6.1 * libsoup-2_4-1-debuginfo-2.68.4-150200.4.6.1 * libsoup-2_4-1-2.68.4-150200.4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2784.html * https://www.suse.com/security/cve/CVE-2025-32050.html * https://www.suse.com/security/cve/CVE-2025-32052.html * https://www.suse.com/security/cve/CVE-2025-32053.html * https://www.suse.com/security/cve/CVE-2025-32907.html * https://www.suse.com/security/cve/CVE-2025-32914.html * https://www.suse.com/security/cve/CVE-2025-46420.html * https://www.suse.com/security/cve/CVE-2025-46421.html * https://bugzilla.suse.com/show_bug.cgi?id=1240750 * https://bugzilla.suse.com/show_bug.cgi?id=1240752 * https://bugzilla.suse.com/show_bug.cgi?id=1240756 * https://bugzilla.suse.com/show_bug.cgi?id=1240757 * https://bugzilla.suse.com/show_bug.cgi?id=1241164 * https://bugzilla.suse.com/show_bug.cgi?id=1241222 * https://bugzilla.suse.com/show_bug.cgi?id=1241686 * https://bugzilla.suse.com/show_bug.cgi?id=1241688 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 12:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 12:30:06 -0000 Subject: SUSE-SU-2025:1525-1: important: Security update for java-1_8_0-openjdk Message-ID: <174679380658.27840.11305237753759309870@smelt2.prg2.suse.org> # Security update for java-1_8_0-openjdk Announcement ID: SUSE-SU-2025:1525-1 Release Date: 2025-05-09T11:31:06Z Rating: important References: * bsc#1241274 * bsc#1241275 * bsc#1241276 Cross-References: * CVE-2025-21587 * CVE-2025-30691 * CVE-2025-30698 CVSS scores: * CVE-2025-21587 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-21587 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-30691 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30691 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30691 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30698 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-30698 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-30698 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u452 (icedtea-3.35.0) Security issues fixed: * CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. (bsc#1241274) * CVE-2025-30691: unauthorized update, insert or delete access to a subset of Oracle Java SE data through the Compiler component. (bsc#1241275) * CVE-2025-30698: unauthorized access to Oracle Java SE data and unauthorized ability to cause partial DoS through the 2D component. (bsc#1241276) Non-security issues fixed: * JDK-8212096: javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch. * JDK-8261020: wrong format parameter in create_emergency_chunk_path. * JDK-8266881: enable debug log for SSLEngineExplorerMatchedSNI.java. * JDK-8268457: XML Transformer outputs Unicode supplementary character incorrectly to HTML. * JDK-8309841: Jarsigner should print a warning if an entry is removed. * JDK-8337494: clarify JarInputStream behavior. * JDK-8339637: (tz) update Timezone Data to 2024b. * JDK-8339644: improve parsing of Day/Month in tzdata rules * JDK-8339810: clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract. * JDK-8340552: harden TzdbZoneRulesCompiler against missing zone names. * JDK-8342562: enhance Deflater operations. * JDK-8346587: distrust TLS server certificates anchored by Camerfirma Root CAs. * JDK-8347847: enhance jar file support. * JDK-8347965: (tz) update Timezone Data to 2025a. * JDK-8348211: [8u] sun/management/jmxremote/startstop/JMXStartStopTest.java fails after backport of JDK-8066708. * JDK-8350816: [8u] update TzdbZoneRulesCompiler to ignore HST/EST/MST links. * JDK-8352097: (tz) zone.tab update missed in 2025a backport. * JDK-8353433: XCG currency code not recognized in JDK 8u. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1525=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-1525=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1525=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1525=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1525=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1525=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1525=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1525=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1525=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1525=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1525=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1525=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-accessibility-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-src-1.8.0.452-150000.3.106.1 * openSUSE Leap 15.6 (noarch) * java-1_8_0-openjdk-javadoc-1.8.0.452-150000.3.106.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-1_8_0-openjdk-devel-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-demo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-150000.3.106.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-150000.3.106.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21587.html * https://www.suse.com/security/cve/CVE-2025-30691.html * https://www.suse.com/security/cve/CVE-2025-30698.html * https://bugzilla.suse.com/show_bug.cgi?id=1241274 * https://bugzilla.suse.com/show_bug.cgi?id=1241275 * https://bugzilla.suse.com/show_bug.cgi?id=1241276 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 12:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 12:30:11 -0000 Subject: SUSE-SU-2025:1524-1: important: Security update for java-1_8_0-openjdk Message-ID: <174679381169.27840.4099883082295348760@smelt2.prg2.suse.org> # Security update for java-1_8_0-openjdk Announcement ID: SUSE-SU-2025:1524-1 Release Date: 2025-05-09T11:29:11Z Rating: important References: * bsc#1241274 * bsc#1241275 * bsc#1241276 Cross-References: * CVE-2025-21587 * CVE-2025-30691 * CVE-2025-30698 CVSS scores: * CVE-2025-21587 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-21587 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-30691 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30691 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30691 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30698 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-30698 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-30698 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u452 (icedtea-3.35.0) Security issues fixed: * CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. (bsc#1241274) * CVE-2025-30691: unauthorized update, insert or delete access to a subset of Oracle Java SE data through the Compiler component. (bsc#1241275) * CVE-2025-30698: unauthorized access to Oracle Java SE data and unauthorized ability to cause partial DoS through the 2D component. (bsc#1241276) Non-security issues fixed: * JDK-8212096: javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch. * JDK-8261020: wrong format parameter in create_emergency_chunk_path. * JDK-8266881: enable debug log for SSLEngineExplorerMatchedSNI.java. * JDK-8268457: XML Transformer outputs Unicode supplementary character incorrectly to HTML. * JDK-8309841: Jarsigner should print a warning if an entry is removed. * JDK-8337494: clarify JarInputStream behavior. * JDK-8339637: (tz) update Timezone Data to 2024b. * JDK-8339644: improve parsing of Day/Month in tzdata rules * JDK-8339810: clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract. * JDK-8340552: harden TzdbZoneRulesCompiler against missing zone names. * JDK-8342562: enhance Deflater operations. * JDK-8346587: distrust TLS server certificates anchored by Camerfirma Root CAs. * JDK-8347847: enhance jar file support. * JDK-8347965: (tz) update Timezone Data to 2025a. * JDK-8348211: [8u] sun/management/jmxremote/startstop/JMXStartStopTest.java fails after backport of JDK-8066708. * JDK-8350816: [8u] update TzdbZoneRulesCompiler to ignore HST/EST/MST links. * JDK-8352097: (tz) zone.tab update missed in 2025a backport. * JDK-8353433: XCG currency code not recognized in JDK 8u. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1524=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1524=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-demo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-1.8.0.452-27.114.1 * java-1_8_0-openjdk-headless-1.8.0.452-27.114.1 * java-1_8_0-openjdk-devel-1.8.0.452-27.114.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-27.114.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * java-1_8_0-openjdk-demo-debuginfo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-debuginfo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-demo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-1.8.0.452-27.114.1 * java-1_8_0-openjdk-headless-1.8.0.452-27.114.1 * java-1_8_0-openjdk-devel-1.8.0.452-27.114.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.452-27.114.1 * java-1_8_0-openjdk-debugsource-1.8.0.452-27.114.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21587.html * https://www.suse.com/security/cve/CVE-2025-30691.html * https://www.suse.com/security/cve/CVE-2025-30698.html * https://bugzilla.suse.com/show_bug.cgi?id=1241274 * https://bugzilla.suse.com/show_bug.cgi?id=1241275 * https://bugzilla.suse.com/show_bug.cgi?id=1241276 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 12:30:14 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 12:30:14 -0000 Subject: SUSE-SU-2025:1523-1: moderate: Security update for python-Django Message-ID: <174679381405.27840.7477379294826329350@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2025:1523-1 Release Date: 2025-05-09T11:27:33Z Rating: moderate References: * bsc#1242210 Cross-References: * CVE-2025-32873 CVSS scores: * CVE-2025-32873 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32873 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2025-32873: Fixed denial-of-service possibility in `strip_tags()` (bsc#1242210) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1523=1 SUSE-2025-1523=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1523=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-Django-4.2.11-150600.3.21.1 * SUSE Package Hub 15 15-SP6 (noarch) * python311-Django-4.2.11-150600.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32873.html * https://bugzilla.suse.com/show_bug.cgi?id=1242210 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 12:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 12:30:16 -0000 Subject: SUSE-SU-2025:1522-1: moderate: Security update for wireshark Message-ID: <174679381672.27840.3786366465175125409@smelt2.prg2.suse.org> # Security update for wireshark Announcement ID: SUSE-SU-2025:1522-1 Release Date: 2025-05-09T09:34:28Z Rating: moderate References: * bsc#1224259 Cross-References: * CVE-2024-4853 CVSS scores: * CVE-2024-4853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for wireshark fixes the following issues: * CVE-2024-4853: Fixed denial of service in editcap caused by crafted capture file (bsc#1224259) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1522=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libwscodecs1-debuginfo-2.4.16-48.60.1 * wireshark-2.4.16-48.60.1 * libwireshark9-debuginfo-2.4.16-48.60.1 * libwsutil8-debuginfo-2.4.16-48.60.1 * wireshark-gtk-debuginfo-2.4.16-48.60.1 * libwiretap7-2.4.16-48.60.1 * libwiretap7-debuginfo-2.4.16-48.60.1 * libwireshark9-2.4.16-48.60.1 * wireshark-debugsource-2.4.16-48.60.1 * libwsutil8-2.4.16-48.60.1 * wireshark-debuginfo-2.4.16-48.60.1 * wireshark-gtk-2.4.16-48.60.1 * wireshark-devel-2.4.16-48.60.1 * libwscodecs1-2.4.16-48.60.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4853.html * https://bugzilla.suse.com/show_bug.cgi?id=1224259 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 16:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 16:30:11 -0000 Subject: SUSE-RU-2025:1527-1: important: Recommended update for libsolv, libzypp, zypper Message-ID: <174680821132.14447.12684229471921850335@smelt2.prg2.suse.org> # Recommended update for libsolv, libzypp, zypper Announcement ID: SUSE-RU-2025:1527-1 Release Date: 2025-05-09T15:21:53Z Rating: important References: * bsc#1222044 * bsc#1230267 * bsc#1235598 * bsc#1237172 * bsc#1237587 * bsc#1237949 * bsc#1238315 * bsc#1239809 * bsc#1240529 Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has nine fixes can now be installed. ## Description: This update for libsolv, libzypp, zypper fixes the following issues: * Support the apk package and repository format (both v2 and v3) * New dataiterator_final_{repo,solvable} functions * Provide a symbol specific for the ruby-version so yast does not break across updates (bsc#1235598) * XmlReader: Fix detection of bad input streams * rpm: Fix detection of %triggerscript starts (bsc#1222044) * RepoindexFileReader: add more related attributes a service may set * Drop workaround for broken rpm-4.18 in Code16 (bsc#1237172) * Drop usage of SHA1 hash algorithm because it will become unavailable in FIPS mode (bsc#1240529) * Fix zypp.conf dupAllowVendorChange to reflect the correct default (false) * zypp.conf: Add `lock_timeout` ($ZYPP_LOCK_TIMEOUT) (bsc#1239809) * Fix computation of RepStatus if Repo URLs change * Fix lost double slash when appending to an absolute FTP url (bsc#1238315) * Add a transaction package preloader * Strip a mediahandler tag from baseUrl querystrings * Updated translations (bsc#1230267) * Do not double encode URL strings passed on the commandline (bsc#1237587) * info,search: add option to search and list Enhances (bsc#1237949) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1527=1 SUSE-2025-1527=1 * SUSE Linux Enterprise High Performance Computing 15 SP6 zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-1527=1 * SUSE Linux Enterprise Server 15 SP6 zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-1527=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-1527=1 * SUSE Linux Enterprise Desktop 15 SP6 zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-1527=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1527=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1527=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python3-solv-debuginfo-0.7.32-150600.8.10.1 * libsolv-demo-0.7.32-150600.8.10.1 * zypper-1.14.89-150600.10.31.1 * ruby-solv-0.7.32-150600.8.10.1 * zypper-debuginfo-1.14.89-150600.10.31.1 * libsolv-devel-0.7.32-150600.8.10.1 * libsolv-debuginfo-0.7.32-150600.8.10.1 * libsolv-tools-debuginfo-0.7.32-150600.8.10.1 * python311-solv-debuginfo-0.7.32-150600.8.10.1 * libsolv-demo-debuginfo-0.7.32-150600.8.10.1 * ruby-solv-debuginfo-0.7.32-150600.8.10.1 * libzypp-devel-doc-17.36.7-150600.3.53.1 * libsolv-tools-0.7.32-150600.8.10.1 * perl-solv-debuginfo-0.7.32-150600.8.10.1 * python3-solv-0.7.32-150600.8.10.1 * libzypp-devel-17.36.7-150600.3.53.1 * python311-solv-0.7.32-150600.8.10.1 * zypper-debugsource-1.14.89-150600.10.31.1 * libsolv-tools-base-0.7.32-150600.8.10.1 * libsolv-devel-debuginfo-0.7.32-150600.8.10.1 * libsolv-tools-base-debuginfo-0.7.32-150600.8.10.1 * libzypp-17.36.7-150600.3.53.1 * libzypp-debuginfo-17.36.7-150600.3.53.1 * libsolv-debugsource-0.7.32-150600.8.10.1 * perl-solv-0.7.32-150600.8.10.1 * libzypp-debugsource-17.36.7-150600.3.53.1 * openSUSE Leap 15.6 (noarch) * zypper-needs-restarting-1.14.89-150600.10.31.1 * zypper-aptitude-1.14.89-150600.10.31.1 * zypper-log-1.14.89-150600.10.31.1 * SUSE Linux Enterprise High Performance Computing 15 SP6 (aarch64 x86_64) * libzypp-17.36.7-150600.3.53.1 * libsolv-tools-0.7.32-150600.8.10.1 * libsolv-tools-base-0.7.32-150600.8.10.1 * SUSE Linux Enterprise Server 15 SP6 (aarch64 ppc64le s390x x86_64) * libzypp-17.36.7-150600.3.53.1 * libsolv-tools-0.7.32-150600.8.10.1 * libsolv-tools-base-0.7.32-150600.8.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * libzypp-17.36.7-150600.3.53.1 * libsolv-tools-0.7.32-150600.8.10.1 * libsolv-tools-base-0.7.32-150600.8.10.1 * SUSE Linux Enterprise Desktop 15 SP6 (x86_64) * libzypp-17.36.7-150600.3.53.1 * libsolv-tools-0.7.32-150600.8.10.1 * libsolv-tools-base-0.7.32-150600.8.10.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libzypp-debuginfo-17.36.7-150600.3.53.1 * libsolv-tools-0.7.32-150600.8.10.1 * libsolv-debugsource-0.7.32-150600.8.10.1 * libsolv-devel-0.7.32-150600.8.10.1 * ruby-solv-0.7.32-150600.8.10.1 * libsolv-debuginfo-0.7.32-150600.8.10.1 * libsolv-tools-debuginfo-0.7.32-150600.8.10.1 * libzypp-devel-17.36.7-150600.3.53.1 * python3-solv-0.7.32-150600.8.10.1 * python3-solv-debuginfo-0.7.32-150600.8.10.1 * ruby-solv-debuginfo-0.7.32-150600.8.10.1 * libsolv-tools-base-0.7.32-150600.8.10.1 * zypper-1.14.89-150600.10.31.1 * zypper-debugsource-1.14.89-150600.10.31.1 * libsolv-devel-debuginfo-0.7.32-150600.8.10.1 * libzypp-debugsource-17.36.7-150600.3.53.1 * libzypp-17.36.7-150600.3.53.1 * zypper-debuginfo-1.14.89-150600.10.31.1 * Basesystem Module 15-SP6 (noarch) * zypper-needs-restarting-1.14.89-150600.10.31.1 * zypper-log-1.14.89-150600.10.31.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libsolv-debugsource-0.7.32-150600.8.10.1 * perl-solv-debuginfo-0.7.32-150600.8.10.1 * perl-solv-0.7.32-150600.8.10.1 * libsolv-debuginfo-0.7.32-150600.8.10.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222044 * https://bugzilla.suse.com/show_bug.cgi?id=1230267 * https://bugzilla.suse.com/show_bug.cgi?id=1235598 * https://bugzilla.suse.com/show_bug.cgi?id=1237172 * https://bugzilla.suse.com/show_bug.cgi?id=1237587 * https://bugzilla.suse.com/show_bug.cgi?id=1237949 * https://bugzilla.suse.com/show_bug.cgi?id=1238315 * https://bugzilla.suse.com/show_bug.cgi?id=1239809 * https://bugzilla.suse.com/show_bug.cgi?id=1240529 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 16:30:23 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 16:30:23 -0000 Subject: SUSE-RU-2025:1526-1: important: Recommended update for libsolv, libzypp, zypper Message-ID: <174680822356.14447.7230237487060655882@smelt2.prg2.suse.org> # Recommended update for libsolv, libzypp, zypper Announcement ID: SUSE-RU-2025:1526-1 Release Date: 2025-05-09T15:21:26Z Rating: important References: * bsc#1222044 * bsc#1230267 * bsc#1235598 * bsc#1237172 * bsc#1237587 * bsc#1237949 * bsc#1238315 * bsc#1239809 * bsc#1240529 Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that has nine fixes can now be installed. ## Description: This update for libsolv, libzypp, zypper fixes the following issues: * Support the apk package and repository format (both v2 and v3) * New dataiterator_final_{repo,solvable} functions * Provide a symbol specific for the ruby-version so yast does not break across updates (bsc#1235598) * XmlReader: Fix detection of bad input streams * rpm: Fix detection of %triggerscript starts (bsc#1222044) * RepoindexFileReader: add more related attributes a service may set * Drop workaround for broken rpm-4.18 in Code16 (bsc#1237172) * Drop usage of SHA1 hash algorithm because it will become unavailable in FIPS mode (bsc#1240529) * Fix zypp.conf dupAllowVendorChange to reflect the correct default (false) * zypp.conf: Add `lock_timeout` ($ZYPP_LOCK_TIMEOUT) (bsc#1239809) * Fix computation of RepStatus if Repo URLs change * Fix lost double slash when appending to an absolute FTP url (bsc#1238315) * Add a transaction package preloader * Strip a mediahandler tag from baseUrl querystrings * Updated translations (bsc#1230267) * Do not double encode URL strings passed on the commandline (bsc#1237587) * info,search: add option to search and list Enhances (bsc#1237949) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP3-2025-1526=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1526=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1526=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1526=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1526=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1526=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1526=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1526=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 (aarch64 ppc64le s390x x86_64) * libzypp-17.36.7-150200.153.1 * libsolv-tools-base-0.7.32-150200.43.1 * libsolv-tools-0.7.32-150200.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * perl-solv-debuginfo-0.7.32-150200.43.1 * libzypp-debugsource-17.36.7-150200.153.1 * perl-solv-0.7.32-150200.43.1 * libsolv-debugsource-0.7.32-150200.43.1 * python3-solv-0.7.32-150200.43.1 * zypper-debuginfo-1.14.89-150200.111.1 * libzypp-devel-17.36.7-150200.153.1 * libsolv-devel-debuginfo-0.7.32-150200.43.1 * libsolv-tools-base-0.7.32-150200.43.1 * zypper-1.14.89-150200.111.1 * libzypp-debuginfo-17.36.7-150200.153.1 * libsolv-tools-debuginfo-0.7.32-150200.43.1 * libsolv-devel-0.7.32-150200.43.1 * ruby-solv-debuginfo-0.7.32-150200.43.1 * libsolv-tools-0.7.32-150200.43.1 * ruby-solv-0.7.32-150200.43.1 * libsolv-tools-base-debuginfo-0.7.32-150200.43.1 * libzypp-17.36.7-150200.153.1 * zypper-debugsource-1.14.89-150200.111.1 * libsolv-debuginfo-0.7.32-150200.43.1 * python3-solv-debuginfo-0.7.32-150200.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * zypper-needs-restarting-1.14.89-150200.111.1 * zypper-log-1.14.89-150200.111.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * perl-solv-debuginfo-0.7.32-150200.43.1 * libzypp-debugsource-17.36.7-150200.153.1 * perl-solv-0.7.32-150200.43.1 * libsolv-debugsource-0.7.32-150200.43.1 * python3-solv-0.7.32-150200.43.1 * zypper-debuginfo-1.14.89-150200.111.1 * libzypp-devel-17.36.7-150200.153.1 * libsolv-devel-debuginfo-0.7.32-150200.43.1 * libsolv-tools-base-0.7.32-150200.43.1 * zypper-1.14.89-150200.111.1 * libzypp-debuginfo-17.36.7-150200.153.1 * libsolv-tools-debuginfo-0.7.32-150200.43.1 * libsolv-devel-0.7.32-150200.43.1 * ruby-solv-debuginfo-0.7.32-150200.43.1 * libsolv-tools-0.7.32-150200.43.1 * ruby-solv-0.7.32-150200.43.1 * libsolv-tools-base-debuginfo-0.7.32-150200.43.1 * libzypp-17.36.7-150200.153.1 * zypper-debugsource-1.14.89-150200.111.1 * libsolv-debuginfo-0.7.32-150200.43.1 * python3-solv-debuginfo-0.7.32-150200.43.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * zypper-needs-restarting-1.14.89-150200.111.1 * zypper-log-1.14.89-150200.111.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * perl-solv-debuginfo-0.7.32-150200.43.1 * libzypp-debugsource-17.36.7-150200.153.1 * perl-solv-0.7.32-150200.43.1 * libsolv-debugsource-0.7.32-150200.43.1 * python3-solv-0.7.32-150200.43.1 * zypper-debuginfo-1.14.89-150200.111.1 * libzypp-devel-17.36.7-150200.153.1 * libsolv-devel-debuginfo-0.7.32-150200.43.1 * libsolv-tools-base-0.7.32-150200.43.1 * zypper-1.14.89-150200.111.1 * libzypp-debuginfo-17.36.7-150200.153.1 * libsolv-tools-debuginfo-0.7.32-150200.43.1 * libsolv-devel-0.7.32-150200.43.1 * ruby-solv-debuginfo-0.7.32-150200.43.1 * libsolv-tools-0.7.32-150200.43.1 * ruby-solv-0.7.32-150200.43.1 * libsolv-tools-base-debuginfo-0.7.32-150200.43.1 * libzypp-17.36.7-150200.153.1 * zypper-debugsource-1.14.89-150200.111.1 * libsolv-debuginfo-0.7.32-150200.43.1 * python3-solv-debuginfo-0.7.32-150200.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * zypper-needs-restarting-1.14.89-150200.111.1 * zypper-log-1.14.89-150200.111.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * perl-solv-debuginfo-0.7.32-150200.43.1 * libzypp-debugsource-17.36.7-150200.153.1 * perl-solv-0.7.32-150200.43.1 * libsolv-debugsource-0.7.32-150200.43.1 * python3-solv-0.7.32-150200.43.1 * zypper-debuginfo-1.14.89-150200.111.1 * libzypp-devel-17.36.7-150200.153.1 * libsolv-devel-debuginfo-0.7.32-150200.43.1 * libsolv-tools-base-0.7.32-150200.43.1 * zypper-1.14.89-150200.111.1 * libzypp-debuginfo-17.36.7-150200.153.1 * libsolv-tools-debuginfo-0.7.32-150200.43.1 * libsolv-devel-0.7.32-150200.43.1 * ruby-solv-debuginfo-0.7.32-150200.43.1 * libsolv-tools-0.7.32-150200.43.1 * ruby-solv-0.7.32-150200.43.1 * libsolv-tools-base-debuginfo-0.7.32-150200.43.1 * libzypp-17.36.7-150200.153.1 * zypper-debugsource-1.14.89-150200.111.1 * libsolv-debuginfo-0.7.32-150200.43.1 * python3-solv-debuginfo-0.7.32-150200.43.1 * SUSE Enterprise Storage 7.1 (noarch) * zypper-needs-restarting-1.14.89-150200.111.1 * zypper-log-1.14.89-150200.111.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libzypp-debuginfo-17.36.7-150200.153.1 * libsolv-tools-debuginfo-0.7.32-150200.43.1 * libsolv-debuginfo-0.7.32-150200.43.1 * libzypp-debugsource-17.36.7-150200.153.1 * libsolv-tools-base-0.7.32-150200.43.1 * libsolv-tools-0.7.32-150200.43.1 * libsolv-debugsource-0.7.32-150200.43.1 * zypper-debuginfo-1.14.89-150200.111.1 * zypper-1.14.89-150200.111.1 * libsolv-tools-base-debuginfo-0.7.32-150200.43.1 * libzypp-17.36.7-150200.153.1 * zypper-debugsource-1.14.89-150200.111.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * zypper-needs-restarting-1.14.89-150200.111.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libzypp-debuginfo-17.36.7-150200.153.1 * libsolv-tools-debuginfo-0.7.32-150200.43.1 * libsolv-debuginfo-0.7.32-150200.43.1 * libzypp-debugsource-17.36.7-150200.153.1 * libsolv-tools-base-0.7.32-150200.43.1 * libsolv-tools-0.7.32-150200.43.1 * libsolv-debugsource-0.7.32-150200.43.1 * zypper-debuginfo-1.14.89-150200.111.1 * zypper-1.14.89-150200.111.1 * libsolv-tools-base-debuginfo-0.7.32-150200.43.1 * libzypp-17.36.7-150200.153.1 * zypper-debugsource-1.14.89-150200.111.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * zypper-needs-restarting-1.14.89-150200.111.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libzypp-debuginfo-17.36.7-150200.153.1 * libsolv-tools-debuginfo-0.7.32-150200.43.1 * libsolv-debuginfo-0.7.32-150200.43.1 * libzypp-debugsource-17.36.7-150200.153.1 * libsolv-tools-base-0.7.32-150200.43.1 * libsolv-tools-0.7.32-150200.43.1 * libsolv-debugsource-0.7.32-150200.43.1 * zypper-debuginfo-1.14.89-150200.111.1 * zypper-1.14.89-150200.111.1 * libsolv-tools-base-debuginfo-0.7.32-150200.43.1 * libzypp-17.36.7-150200.153.1 * zypper-debugsource-1.14.89-150200.111.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * zypper-needs-restarting-1.14.89-150200.111.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222044 * https://bugzilla.suse.com/show_bug.cgi?id=1230267 * https://bugzilla.suse.com/show_bug.cgi?id=1235598 * https://bugzilla.suse.com/show_bug.cgi?id=1237172 * https://bugzilla.suse.com/show_bug.cgi?id=1237587 * https://bugzilla.suse.com/show_bug.cgi?id=1237949 * https://bugzilla.suse.com/show_bug.cgi?id=1238315 * https://bugzilla.suse.com/show_bug.cgi?id=1239809 * https://bugzilla.suse.com/show_bug.cgi?id=1240529 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 9 20:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 09 May 2025 20:30:04 -0000 Subject: SUSE-SU-2025:1528-1: moderate: Security update for freetype2 Message-ID: <174682260428.14447.17200032875847183263@smelt2.prg2.suse.org> # Security update for freetype2 Announcement ID: SUSE-SU-2025:1528-1 Release Date: 2025-05-09T17:49:06Z Rating: moderate References: * bsc#1235670 Cross-References: * CVE-2025-23022 CVSS scores: * CVE-2025-23022 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23022 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23022 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-23022 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for freetype2 fixes the following issues: * CVE-2025-23022: signed integer overflow in cf2_doFlex in cff/cf2intrp.c. (bsc#1235670) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1528=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * freetype2-devel-2.6.3-7.24.1 * libfreetype6-32bit-2.6.3-7.24.1 * libfreetype6-debuginfo-2.6.3-7.24.1 * freetype2-debugsource-2.6.3-7.24.1 * libfreetype6-debuginfo-32bit-2.6.3-7.24.1 * libfreetype6-2.6.3-7.24.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * ft2demos-2.6.3-7.24.1 ## References: * https://www.suse.com/security/cve/CVE-2025-23022.html * https://bugzilla.suse.com/show_bug.cgi?id=1235670 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 12 12:30:02 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 12 May 2025 12:30:02 -0000 Subject: SUSE-OU-2025:1531-1: low: Optional update for google-guest-oslogin Message-ID: <174705300277.1665.3930086614955982754@smelt2.prg2.suse.org> # Optional update for google-guest-oslogin Announcement ID: SUSE-OU-2025:1531-1 Release Date: 2025-05-12T10:57:52Z Rating: low References: Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that can now be installed. ## Description: This update for google-guest-oslogin fixes the following issue: * Rebuild for consistency across products, no source changes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1531=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1531=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1531=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1531=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1531=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1531=1 ## Package List: * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * google-guest-oslogin-debuginfo-20240311.00-150000.1.50.1 * google-guest-oslogin-debugsource-20240311.00-150000.1.50.1 * google-guest-oslogin-20240311.00-150000.1.50.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * google-guest-oslogin-debuginfo-20240311.00-150000.1.50.1 * google-guest-oslogin-debugsource-20240311.00-150000.1.50.1 * google-guest-oslogin-20240311.00-150000.1.50.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * google-guest-oslogin-debuginfo-20240311.00-150000.1.50.1 * google-guest-oslogin-debugsource-20240311.00-150000.1.50.1 * google-guest-oslogin-20240311.00-150000.1.50.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * google-guest-oslogin-debuginfo-20240311.00-150000.1.50.1 * google-guest-oslogin-debugsource-20240311.00-150000.1.50.1 * google-guest-oslogin-20240311.00-150000.1.50.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * google-guest-oslogin-20240311.00-150000.1.50.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * google-guest-oslogin-debuginfo-20240311.00-150000.1.50.1 * google-guest-oslogin-debugsource-20240311.00-150000.1.50.1 * google-guest-oslogin-20240311.00-150000.1.50.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 12 20:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 12 May 2025 20:30:04 -0000 Subject: SUSE-SU-2025:1534-1: low: Security update for augeas Message-ID: <174708180440.12365.15926644825947657999@smelt2.prg2.suse.org> # Security update for augeas Announcement ID: SUSE-SU-2025:1534-1 Release Date: 2025-05-12T16:01:07Z Rating: low References: * bsc#1239909 Cross-References: * CVE-2025-2588 CVSS scores: * CVE-2025-2588 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2588 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2588 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for augeas fixes the following issues: * CVE-2025-2588: Check for NULL pointers when calling re_case_expand in function fa_expand_nocase. (bsc#1239909) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1534=1 openSUSE-SLE-15.6-2025-1534=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1534=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * augeas-devel-1.14.1-150600.3.3.1 * libfa1-debuginfo-1.14.1-150600.3.3.1 * augeas-lense-tests-1.14.1-150600.3.3.1 * augeas-debugsource-1.14.1-150600.3.3.1 * libaugeas0-debuginfo-1.14.1-150600.3.3.1 * augeas-debuginfo-1.14.1-150600.3.3.1 * augeas-bash-completion-1.14.1-150600.3.3.1 * libaugeas0-1.14.1-150600.3.3.1 * augeas-lenses-1.14.1-150600.3.3.1 * libfa1-1.14.1-150600.3.3.1 * augeas-1.14.1-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * augeas-devel-32bit-1.14.1-150600.3.3.1 * libfa1-32bit-1.14.1-150600.3.3.1 * libaugeas0-32bit-debuginfo-1.14.1-150600.3.3.1 * libaugeas0-32bit-1.14.1-150600.3.3.1 * libfa1-32bit-debuginfo-1.14.1-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libfa1-64bit-1.14.1-150600.3.3.1 * libaugeas0-64bit-debuginfo-1.14.1-150600.3.3.1 * libfa1-64bit-debuginfo-1.14.1-150600.3.3.1 * libaugeas0-64bit-1.14.1-150600.3.3.1 * augeas-devel-64bit-1.14.1-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * augeas-devel-1.14.1-150600.3.3.1 * libfa1-debuginfo-1.14.1-150600.3.3.1 * augeas-debugsource-1.14.1-150600.3.3.1 * libaugeas0-debuginfo-1.14.1-150600.3.3.1 * augeas-debuginfo-1.14.1-150600.3.3.1 * libaugeas0-1.14.1-150600.3.3.1 * augeas-lenses-1.14.1-150600.3.3.1 * libfa1-1.14.1-150600.3.3.1 * augeas-1.14.1-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2588.html * https://bugzilla.suse.com/show_bug.cgi?id=1239909 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 13 08:30:01 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 13 May 2025 08:30:01 -0000 Subject: SUSE-RU-2025:1539-1: moderate: Recommended update for csp-billing-adapter Message-ID: <174712500165.14443.9230163963485034955@smelt2.prg2.suse.org> # Recommended update for csp-billing-adapter Announcement ID: SUSE-RU-2025:1539-1 Release Date: 2025-05-13T05:40:39Z Rating: moderate References: Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that can now be installed. ## Description: This update for csp-billing-adapter fixes the following issues: * Update to version 1.3.1 * Fix bug, Make the datetime timezone aware * Update to version 1.3.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1539=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1539=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1539=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1539=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1539=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-csp-billing-adapter-1.3.1-150400.9.34.1 * csp-billing-adapter-service-1.3.1-150400.9.34.1 * openSUSE Leap 15.6 (noarch) * python311-csp-billing-adapter-1.3.1-150400.9.34.1 * csp-billing-adapter-service-1.3.1-150400.9.34.1 * Public Cloud Module 15-SP4 (noarch) * python311-csp-billing-adapter-1.3.1-150400.9.34.1 * csp-billing-adapter-service-1.3.1-150400.9.34.1 * Public Cloud Module 15-SP5 (noarch) * python311-csp-billing-adapter-1.3.1-150400.9.34.1 * csp-billing-adapter-service-1.3.1-150400.9.34.1 * Public Cloud Module 15-SP6 (noarch) * python311-csp-billing-adapter-1.3.1-150400.9.34.1 * csp-billing-adapter-service-1.3.1-150400.9.34.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 13 08:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 13 May 2025 08:30:11 -0000 Subject: SUSE-RU-2025:1538-1: important: Recommended update for samba Message-ID: <174712501177.14443.13473061720194863516@smelt2.prg2.suse.org> # Recommended update for samba Announcement ID: SUSE-RU-2025:1538-1 Release Date: 2025-05-13T05:39:57Z Rating: important References: * bsc#1234210 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for samba fixes the following issues: * Fix Samba printers reporting invalid sid during print jobs (bsc#1234210). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1538=1 openSUSE-SLE-15.6-2025-1538=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1538=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-1538=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libsamba-policy-devel-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-python3-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy0-python3-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-tool-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-python3-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-libs-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy-python3-devel-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-libs-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-gpupdate-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-dcerpc-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-test-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-debugsource-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-devel-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-dcerpc-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-python3-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-ldb-ldap-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-python3-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-libs-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * ctdb-pcp-pmda-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-ldb-ldap-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * ctdb-pcp-pmda-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * ctdb-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-libs-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * ctdb-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy0-python3-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-test-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * openSUSE Leap 15.6 (x86_64) * samba-client-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-python3-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-python3-32bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy0-python3-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-libs-32bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-32bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-devel-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-libs-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-32bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-libs-32bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-libs-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy0-python3-32bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * openSUSE Leap 15.6 (noarch) * samba-doc-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * openSUSE Leap 15.6 (aarch64 x86_64) * samba-ceph-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-ceph-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * openSUSE Leap 15.6 (aarch64_ilp32) * samba-client-libs-64bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-64bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-libs-64bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy0-python3-64bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-libs-64bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-python3-64bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-64bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-python3-64bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy0-python3-64bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-devel-64bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-libs-64bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-64bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-64bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libsamba-policy-devel-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-python3-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy0-python3-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-tool-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-python3-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-libs-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy-python3-devel-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-libs-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-gpupdate-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-dcerpc-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-debugsource-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-devel-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-dcerpc-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-python3-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-ldb-ldap-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-python3-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-libs-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-ldb-ldap-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-libs-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * libsamba-policy0-python3-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * samba-ceph-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-ceph-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * Basesystem Module 15-SP6 (x86_64) * samba-winbind-libs-32bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-libs-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-32bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-libs-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-client-libs-32bit-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-winbind-libs-32bit-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * ctdb-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * ctdb-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-debugsource-4.19.8+git.422.34307c5a3aa-150600.3.15.1 * samba-debuginfo-4.19.8+git.422.34307c5a3aa-150600.3.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1234210 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 13 08:30:14 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 13 May 2025 08:30:14 -0000 Subject: SUSE-SU-2025:1537-1: important: Security update for tomcat10 Message-ID: <174712501487.14443.7319867861939555445@smelt2.prg2.suse.org> # Security update for tomcat10 Announcement ID: SUSE-SU-2025:1537-1 Release Date: 2025-05-13T02:49:24Z Rating: important References: * bsc#1242008 * bsc#1242009 Cross-References: * CVE-2025-31650 * CVE-2025-31651 CVSS scores: * CVE-2025-31650 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-31650 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31650 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31650 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31651 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-31651 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-31651 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-31651 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * Web and Scripting Module 15-SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.40 * CVE-2025-31650: invalid priority field values should be ignored (bsc#1242008) * CVE-2025-31651: Better handling of URLs with literal ';' and '?' (bsc#1242009) Full changelog: https://tomcat.apache.org/tomcat-10.1-doc/changelog.html ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1537=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-1537=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1537=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1537=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1537=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1537=1 ## Package List: * openSUSE Leap 15.6 (noarch) * tomcat10-jsvc-10.1.40-150200.5.40.1 * tomcat10-embed-10.1.40-150200.5.40.1 * tomcat10-jsp-3_1-api-10.1.40-150200.5.40.1 * tomcat10-admin-webapps-10.1.40-150200.5.40.1 * tomcat10-servlet-6_0-api-10.1.40-150200.5.40.1 * tomcat10-el-5_0-api-10.1.40-150200.5.40.1 * tomcat10-docs-webapp-10.1.40-150200.5.40.1 * tomcat10-lib-10.1.40-150200.5.40.1 * tomcat10-doc-10.1.40-150200.5.40.1 * tomcat10-webapps-10.1.40-150200.5.40.1 * tomcat10-10.1.40-150200.5.40.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat10-jsp-3_1-api-10.1.40-150200.5.40.1 * tomcat10-admin-webapps-10.1.40-150200.5.40.1 * tomcat10-servlet-6_0-api-10.1.40-150200.5.40.1 * tomcat10-el-5_0-api-10.1.40-150200.5.40.1 * tomcat10-lib-10.1.40-150200.5.40.1 * tomcat10-webapps-10.1.40-150200.5.40.1 * tomcat10-10.1.40-150200.5.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * tomcat10-jsp-3_1-api-10.1.40-150200.5.40.1 * tomcat10-admin-webapps-10.1.40-150200.5.40.1 * tomcat10-servlet-6_0-api-10.1.40-150200.5.40.1 * tomcat10-el-5_0-api-10.1.40-150200.5.40.1 * tomcat10-lib-10.1.40-150200.5.40.1 * tomcat10-webapps-10.1.40-150200.5.40.1 * tomcat10-10.1.40-150200.5.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * tomcat10-jsp-3_1-api-10.1.40-150200.5.40.1 * tomcat10-admin-webapps-10.1.40-150200.5.40.1 * tomcat10-servlet-6_0-api-10.1.40-150200.5.40.1 * tomcat10-el-5_0-api-10.1.40-150200.5.40.1 * tomcat10-lib-10.1.40-150200.5.40.1 * tomcat10-webapps-10.1.40-150200.5.40.1 * tomcat10-10.1.40-150200.5.40.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * tomcat10-jsp-3_1-api-10.1.40-150200.5.40.1 * tomcat10-admin-webapps-10.1.40-150200.5.40.1 * tomcat10-servlet-6_0-api-10.1.40-150200.5.40.1 * tomcat10-el-5_0-api-10.1.40-150200.5.40.1 * tomcat10-lib-10.1.40-150200.5.40.1 * tomcat10-webapps-10.1.40-150200.5.40.1 * tomcat10-10.1.40-150200.5.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * tomcat10-jsp-3_1-api-10.1.40-150200.5.40.1 * tomcat10-admin-webapps-10.1.40-150200.5.40.1 * tomcat10-servlet-6_0-api-10.1.40-150200.5.40.1 * tomcat10-el-5_0-api-10.1.40-150200.5.40.1 * tomcat10-lib-10.1.40-150200.5.40.1 * tomcat10-webapps-10.1.40-150200.5.40.1 * tomcat10-10.1.40-150200.5.40.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31650.html * https://www.suse.com/security/cve/CVE-2025-31651.html * https://bugzilla.suse.com/show_bug.cgi?id=1242008 * https://bugzilla.suse.com/show_bug.cgi?id=1242009 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 13 08:30:17 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 13 May 2025 08:30:17 -0000 Subject: SUSE-RU-2025:1536-1: moderate: Recommended update for libreoffice Message-ID: <174712501795.14443.2193084860506704284@smelt2.prg2.suse.org> # Recommended update for libreoffice Announcement ID: SUSE-RU-2025:1536-1 Release Date: 2025-05-13T02:43:52Z Rating: moderate References: * jsc#PED-10362 Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for libreoffice fixes the following issues: Libreoffice was updated from version 24.8.5.2 to 24.8.6.2 (jsc#PED-10362): * Highlights: * Better file compatibility with Microsoft Office * Fixed issues opening certain files, including password protected ones * Improved Dark/Light Mode * Improved file picker reliability * More consistent spelling suggestions * Various bug fixes affecting stability and usability * Detailed Release Notes: * https://wiki.documentfoundation.org/Releases/24.8.6/RC1 * https://wiki.documentfoundation.org/Releases/24.8.6/RC2 * Updated bundled dependencies: * curl version update from 8.12.0 to 8.12.1 * libassuan version update from 3.0.1 to 3.0.2 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1536=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1536=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1536=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1536=1 ## Package List: * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le) * libreoffice-gnome-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-math-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-writer-extensions-24.8.6.2-150500.20.21.2 * libreoffice-sdk-24.8.6.2-150500.20.21.2 * libreoffice-gtk3-24.8.6.2-150500.20.21.2 * libreoffice-writer-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-gnome-24.8.6.2-150500.20.21.2 * libreoffice-math-24.8.6.2-150500.20.21.2 * libreoffice-sdk-doc-24.8.6.2-150500.20.21.2 * libreoffice-draw-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-debugsource-24.8.6.2-150500.20.21.2 * libreoffice-officebean-24.8.6.2-150500.20.21.2 * libreofficekit-devel-24.8.6.2-150500.20.21.2 * libreoffice-qt5-24.8.6.2-150500.20.21.2 * libreoffice-impress-24.8.6.2-150500.20.21.2 * libreoffice-sdk-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-writer-24.8.6.2-150500.20.21.2 * libreoffice-24.8.6.2-150500.20.21.2 * libreoffice-officebean-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-pyuno-24.8.6.2-150500.20.21.2 * libreoffice-filters-optional-24.8.6.2-150500.20.21.2 * libreoffice-impress-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-postgresql-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-librelogo-24.8.6.2-150500.20.21.2 * libreoffice-draw-24.8.6.2-150500.20.21.2 * libreoffice-base-24.8.6.2-150500.20.21.2 * libreoffice-pyuno-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-postgresql-24.8.6.2-150500.20.21.2 * libreoffice-calc-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-gtk3-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-calc-24.8.6.2-150500.20.21.2 * libreoffice-mailmerge-24.8.6.2-150500.20.21.2 * libreofficekit-24.8.6.2-150500.20.21.2 * libreoffice-qt5-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-calc-extensions-24.8.6.2-150500.20.21.2 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le x86_64) * libreoffice-base-drivers-firebird-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-firebird-24.8.6.2-150500.20.21.2 * SUSE Package Hub 15 15-SP6 (noarch) * libreoffice-l10n-lb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kab-24.8.6.2-150500.20.21.2 * libreoffice-l10n-km-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-eu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ne-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sd-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sid-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pt_BR-24.8.6.2-150500.20.21.2 * libreoffice-l10n-be-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-rw-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ks-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ca-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ar-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tt-24.8.6.2-150500.20.21.2 * libreoffice-l10n-de-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ru-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bs-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bn_IN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dgo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mni-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lt-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ko-24.8.6.2-150500.20.21.2 * libreoffice-l10n-si-24.8.6.2-150500.20.21.2 * libreoffice-l10n-uk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-el-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lv-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zh_TW-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ckb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-szl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-cy-24.8.6.2-150500.20.21.2 * libreoffice-gdb-pretty-printers-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ca_valencia-24.8.6.2-150500.20.21.2 * libreoffice-l10n-vec-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dsb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pa-24.8.6.2-150500.20.21.2 * libreoffice-l10n-om-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ts-24.8.6.2-150500.20.21.2 * libreoffice-l10n-br-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fur-24.8.6.2-150500.20.21.2 * libreoffice-l10n-es-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fa-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ml-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fy-24.8.6.2-150500.20.21.2 * libreoffice-l10n-oc-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ta-24.8.6.2-150500.20.21.2 * libreoffice-l10n-it-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mai-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nso-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hsb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sa_IN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-or-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zh_CN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sw_TZ-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kok-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ve-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pl-24.8.6.2-150500.20.21.2 * libreoffice-icon-themes-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sat-24.8.6.2-150500.20.21.2 * libreoffice-l10n-is-24.8.6.2-150500.20.21.2 * libreoffice-l10n-th-24.8.6.2-150500.20.21.2 * libreoffice-l10n-as-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ro-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ga-24.8.6.2-150500.20.21.2 * libreoffice-l10n-eo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-st-24.8.6.2-150500.20.21.2 * libreoffice-glade-24.8.6.2-150500.20.21.2 * libreoffice-l10n-he-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-af-24.8.6.2-150500.20.21.2 * libreoffice-l10n-vi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-et-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bg-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ja-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sq-24.8.6.2-150500.20.21.2 * libreoffice-l10n-xh-24.8.6.2-150500.20.21.2 * libreoffice-l10n-brx-24.8.6.2-150500.20.21.2 * libreoffice-l10n-da-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ka-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kmr_Latn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en_ZA-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ast-24.8.6.2-150500.20.21.2 * libreoffice-l10n-cs-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gug-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-am-24.8.6.2-150500.20.21.2 * libreoffice-l10n-te-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ss-24.8.6.2-150500.20.21.2 * libreoffice-l10n-id-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ug-24.8.6.2-150500.20.21.2 * libreoffice-branding-upstream-24.8.6.2-150500.20.21.2 * libreoffice-l10n-uz-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dz-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tg-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pt_PT-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gd-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en_GB-24.8.6.2-150500.20.21.2 * libreoffice-l10n-my-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sv-24.8.6.2-150500.20.21.2 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libreoffice-gnome-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-math-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-writer-extensions-24.8.6.2-150500.20.21.2 * libreoffice-gtk3-24.8.6.2-150500.20.21.2 * libreoffice-writer-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-gnome-24.8.6.2-150500.20.21.2 * libreoffice-math-24.8.6.2-150500.20.21.2 * libreoffice-draw-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-debugsource-24.8.6.2-150500.20.21.2 * libreoffice-officebean-24.8.6.2-150500.20.21.2 * libreoffice-impress-24.8.6.2-150500.20.21.2 * libreoffice-writer-24.8.6.2-150500.20.21.2 * libreoffice-24.8.6.2-150500.20.21.2 * libreoffice-officebean-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-pyuno-24.8.6.2-150500.20.21.2 * libreoffice-filters-optional-24.8.6.2-150500.20.21.2 * libreoffice-impress-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-postgresql-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-draw-24.8.6.2-150500.20.21.2 * libreoffice-base-24.8.6.2-150500.20.21.2 * libreoffice-pyuno-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-postgresql-24.8.6.2-150500.20.21.2 * libreoffice-calc-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-gtk3-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-calc-24.8.6.2-150500.20.21.2 * libreoffice-mailmerge-24.8.6.2-150500.20.21.2 * libreofficekit-24.8.6.2-150500.20.21.2 * libreoffice-calc-extensions-24.8.6.2-150500.20.21.2 * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch) * libreoffice-l10n-ko-24.8.6.2-150500.20.21.2 * libreoffice-l10n-or-24.8.6.2-150500.20.21.2 * libreoffice-l10n-xh-24.8.6.2-150500.20.21.2 * libreoffice-l10n-si-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zh_CN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-uk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-eu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-da-24.8.6.2-150500.20.21.2 * libreoffice-l10n-el-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lv-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zh_TW-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ckb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pt_BR-24.8.6.2-150500.20.21.2 * libreoffice-l10n-cy-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ve-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pl-24.8.6.2-150500.20.21.2 * libreoffice-icon-themes-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-cs-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pa-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-th-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ts-24.8.6.2-150500.20.21.2 * libreoffice-l10n-br-24.8.6.2-150500.20.21.2 * libreoffice-l10n-as-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ro-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-te-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ga-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fur-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-eo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ss-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ca-24.8.6.2-150500.20.21.2 * libreoffice-l10n-st-24.8.6.2-150500.20.21.2 * libreoffice-l10n-es-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en-24.8.6.2-150500.20.21.2 * libreoffice-branding-upstream-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fa-24.8.6.2-150500.20.21.2 * libreoffice-l10n-he-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dz-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ar-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pt_PT-24.8.6.2-150500.20.21.2 * libreoffice-l10n-af-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hy-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ml-24.8.6.2-150500.20.21.2 * libreoffice-l10n-et-24.8.6.2-150500.20.21.2 * libreoffice-l10n-de-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ru-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bg-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ja-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ta-24.8.6.2-150500.20.21.2 * libreoffice-l10n-it-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mai-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nso-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sv-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lt-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fr-24.8.6.2-150500.20.21.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libreoffice-gnome-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-math-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-firebird-24.8.6.2-150500.20.21.2 * libreoffice-writer-extensions-24.8.6.2-150500.20.21.2 * libreoffice-sdk-24.8.6.2-150500.20.21.2 * libreoffice-gtk3-24.8.6.2-150500.20.21.2 * libreoffice-writer-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-gnome-24.8.6.2-150500.20.21.2 * libreoffice-math-24.8.6.2-150500.20.21.2 * libreoffice-sdk-doc-24.8.6.2-150500.20.21.2 * libreoffice-draw-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-debugsource-24.8.6.2-150500.20.21.2 * libreoffice-officebean-24.8.6.2-150500.20.21.2 * libreofficekit-devel-24.8.6.2-150500.20.21.2 * libreoffice-qt5-24.8.6.2-150500.20.21.2 * libreoffice-impress-24.8.6.2-150500.20.21.2 * libreoffice-sdk-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-writer-24.8.6.2-150500.20.21.2 * libreoffice-24.8.6.2-150500.20.21.2 * libreoffice-officebean-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-pyuno-24.8.6.2-150500.20.21.2 * libreoffice-filters-optional-24.8.6.2-150500.20.21.2 * libreoffice-impress-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-postgresql-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-librelogo-24.8.6.2-150500.20.21.2 * libreoffice-draw-24.8.6.2-150500.20.21.2 * libreoffice-base-24.8.6.2-150500.20.21.2 * libreoffice-pyuno-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-postgresql-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-firebird-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-calc-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-gtk3-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-calc-24.8.6.2-150500.20.21.2 * libreoffice-mailmerge-24.8.6.2-150500.20.21.2 * libreofficekit-24.8.6.2-150500.20.21.2 * libreoffice-qt5-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-calc-extensions-24.8.6.2-150500.20.21.2 * openSUSE Leap 15.5 (noarch) * libreoffice-l10n-lb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kab-24.8.6.2-150500.20.21.2 * libreoffice-l10n-km-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-eu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ne-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sd-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sid-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pt_BR-24.8.6.2-150500.20.21.2 * libreoffice-l10n-be-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-rw-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ks-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ca-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ar-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tt-24.8.6.2-150500.20.21.2 * libreoffice-l10n-de-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ru-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bs-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bn_IN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dgo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mni-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lt-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ko-24.8.6.2-150500.20.21.2 * libreoffice-l10n-si-24.8.6.2-150500.20.21.2 * libreoffice-l10n-uk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-el-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lv-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zh_TW-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ckb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-szl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-cy-24.8.6.2-150500.20.21.2 * libreoffice-gdb-pretty-printers-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ca_valencia-24.8.6.2-150500.20.21.2 * libreoffice-l10n-vec-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dsb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pa-24.8.6.2-150500.20.21.2 * libreoffice-l10n-om-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ts-24.8.6.2-150500.20.21.2 * libreoffice-l10n-br-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fur-24.8.6.2-150500.20.21.2 * libreoffice-l10n-es-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fa-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ml-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fy-24.8.6.2-150500.20.21.2 * libreoffice-l10n-oc-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ta-24.8.6.2-150500.20.21.2 * libreoffice-l10n-it-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mai-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nso-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hsb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sa_IN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-or-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zh_CN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sw_TZ-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kok-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ve-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pl-24.8.6.2-150500.20.21.2 * libreoffice-icon-themes-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sat-24.8.6.2-150500.20.21.2 * libreoffice-l10n-is-24.8.6.2-150500.20.21.2 * libreoffice-l10n-th-24.8.6.2-150500.20.21.2 * libreoffice-l10n-as-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ro-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ga-24.8.6.2-150500.20.21.2 * libreoffice-l10n-eo-24.8.6.2-150500.20.21.2 * libreoffice-kdeintegration-24.8.6.2-150500.20.21.2 * libreoffice-l10n-st-24.8.6.2-150500.20.21.2 * libreoffice-glade-24.8.6.2-150500.20.21.2 * libreoffice-l10n-he-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-af-24.8.6.2-150500.20.21.2 * libreoffice-l10n-vi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-et-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bg-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ja-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sq-24.8.6.2-150500.20.21.2 * libreoffice-l10n-xh-24.8.6.2-150500.20.21.2 * libreoffice-l10n-brx-24.8.6.2-150500.20.21.2 * libreoffice-l10n-da-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ka-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kmr_Latn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en_ZA-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ast-24.8.6.2-150500.20.21.2 * libreoffice-l10n-cs-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gug-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-am-24.8.6.2-150500.20.21.2 * libreoffice-l10n-te-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ss-24.8.6.2-150500.20.21.2 * libreoffice-l10n-id-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ug-24.8.6.2-150500.20.21.2 * libreoffice-branding-upstream-24.8.6.2-150500.20.21.2 * libreoffice-l10n-uz-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dz-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tg-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pt_PT-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hy-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gd-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en_GB-24.8.6.2-150500.20.21.2 * libreoffice-l10n-my-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sv-24.8.6.2-150500.20.21.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libreoffice-gnome-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-math-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-firebird-24.8.6.2-150500.20.21.2 * libreoffice-writer-extensions-24.8.6.2-150500.20.21.2 * libreoffice-sdk-24.8.6.2-150500.20.21.2 * libreoffice-gtk3-24.8.6.2-150500.20.21.2 * libreoffice-writer-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-gnome-24.8.6.2-150500.20.21.2 * libreoffice-math-24.8.6.2-150500.20.21.2 * libreoffice-sdk-doc-24.8.6.2-150500.20.21.2 * libreoffice-draw-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-debugsource-24.8.6.2-150500.20.21.2 * libreoffice-officebean-24.8.6.2-150500.20.21.2 * libreofficekit-devel-24.8.6.2-150500.20.21.2 * libreoffice-qt5-24.8.6.2-150500.20.21.2 * libreoffice-impress-24.8.6.2-150500.20.21.2 * libreoffice-sdk-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-writer-24.8.6.2-150500.20.21.2 * libreoffice-24.8.6.2-150500.20.21.2 * libreoffice-officebean-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-pyuno-24.8.6.2-150500.20.21.2 * libreoffice-filters-optional-24.8.6.2-150500.20.21.2 * libreoffice-impress-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-postgresql-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-librelogo-24.8.6.2-150500.20.21.2 * libreoffice-draw-24.8.6.2-150500.20.21.2 * libreoffice-base-24.8.6.2-150500.20.21.2 * libreoffice-pyuno-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-postgresql-24.8.6.2-150500.20.21.2 * libreoffice-base-drivers-firebird-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-calc-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-gtk3-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-calc-24.8.6.2-150500.20.21.2 * libreoffice-mailmerge-24.8.6.2-150500.20.21.2 * libreofficekit-24.8.6.2-150500.20.21.2 * libreoffice-qt5-debuginfo-24.8.6.2-150500.20.21.2 * libreoffice-calc-extensions-24.8.6.2-150500.20.21.2 * openSUSE Leap 15.6 (noarch) * libreoffice-l10n-lb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kab-24.8.6.2-150500.20.21.2 * libreoffice-l10n-km-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-eu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ne-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sd-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sid-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pt_BR-24.8.6.2-150500.20.21.2 * libreoffice-l10n-be-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-rw-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ks-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ca-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ar-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tt-24.8.6.2-150500.20.21.2 * libreoffice-l10n-de-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ru-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bs-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bn_IN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dgo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mni-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lt-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ko-24.8.6.2-150500.20.21.2 * libreoffice-l10n-si-24.8.6.2-150500.20.21.2 * libreoffice-l10n-uk-24.8.6.2-150500.20.21.2 * libreoffice-l10n-el-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lv-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zh_TW-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ckb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-szl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-cy-24.8.6.2-150500.20.21.2 * libreoffice-gdb-pretty-printers-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ca_valencia-24.8.6.2-150500.20.21.2 * libreoffice-l10n-vec-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dsb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pa-24.8.6.2-150500.20.21.2 * libreoffice-l10n-om-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ts-24.8.6.2-150500.20.21.2 * libreoffice-l10n-br-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fur-24.8.6.2-150500.20.21.2 * libreoffice-l10n-es-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fa-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ml-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fy-24.8.6.2-150500.20.21.2 * libreoffice-l10n-oc-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ta-24.8.6.2-150500.20.21.2 * libreoffice-l10n-it-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sl-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mai-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nso-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hsb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-fr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sa_IN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-or-24.8.6.2-150500.20.21.2 * libreoffice-l10n-zh_CN-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sw_TZ-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kok-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ve-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pl-24.8.6.2-150500.20.21.2 * libreoffice-icon-themes-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sat-24.8.6.2-150500.20.21.2 * libreoffice-l10n-is-24.8.6.2-150500.20.21.2 * libreoffice-l10n-th-24.8.6.2-150500.20.21.2 * libreoffice-l10n-as-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ro-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ga-24.8.6.2-150500.20.21.2 * libreoffice-l10n-eo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-st-24.8.6.2-150500.20.21.2 * libreoffice-glade-24.8.6.2-150500.20.21.2 * libreoffice-l10n-he-24.8.6.2-150500.20.21.2 * libreoffice-l10n-lo-24.8.6.2-150500.20.21.2 * libreoffice-l10n-af-24.8.6.2-150500.20.21.2 * libreoffice-l10n-vi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-et-24.8.6.2-150500.20.21.2 * libreoffice-l10n-nb-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-bg-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ja-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hi-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sq-24.8.6.2-150500.20.21.2 * libreoffice-l10n-xh-24.8.6.2-150500.20.21.2 * libreoffice-l10n-brx-24.8.6.2-150500.20.21.2 * libreoffice-l10n-da-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ka-24.8.6.2-150500.20.21.2 * libreoffice-l10n-kmr_Latn-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en_ZA-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ast-24.8.6.2-150500.20.21.2 * libreoffice-l10n-cs-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gug-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gu-24.8.6.2-150500.20.21.2 * libreoffice-l10n-am-24.8.6.2-150500.20.21.2 * libreoffice-l10n-te-24.8.6.2-150500.20.21.2 * libreoffice-l10n-mr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ss-24.8.6.2-150500.20.21.2 * libreoffice-l10n-id-24.8.6.2-150500.20.21.2 * libreoffice-l10n-ug-24.8.6.2-150500.20.21.2 * libreoffice-branding-upstream-24.8.6.2-150500.20.21.2 * libreoffice-l10n-uz-24.8.6.2-150500.20.21.2 * libreoffice-l10n-dz-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tg-24.8.6.2-150500.20.21.2 * libreoffice-l10n-pt_PT-24.8.6.2-150500.20.21.2 * libreoffice-l10n-tr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-hy-24.8.6.2-150500.20.21.2 * libreoffice-l10n-gd-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sr-24.8.6.2-150500.20.21.2 * libreoffice-l10n-en_GB-24.8.6.2-150500.20.21.2 * libreoffice-l10n-my-24.8.6.2-150500.20.21.2 * libreoffice-l10n-sv-24.8.6.2-150500.20.21.2 ## References: * https://jira.suse.com/browse/PED-10362 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 13 12:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 13 May 2025 12:30:11 -0000 Subject: SUSE-RU-2025:1544-1: moderate: Recommended update for cloud-regionsrv-client Message-ID: <174713941114.14195.2236360840995286406@smelt2.prg2.suse.org> # Recommended update for cloud-regionsrv-client Announcement ID: SUSE-RU-2025:1544-1 Release Date: 2025-05-13T10:43:29Z Rating: moderate References: * bsc#1218345 * bsc#1240310 * bsc#1240311 * bsc#1240997 Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has four fixes can now be installed. ## Description: This update for cloud-regionsrv-client fixes the following issues: * Version update 10.4.0 * Remove repositories when the package is being removed, Don't want to leave repositories behind refering to the plugin that is being removed when the package gets removed (bsc#1240310, bsc#1240311). * Turn docker into an optional setup, this change requires a Recommends, adapt the code accordingly (jsc#PCT-560). * Support flexible licenses in GCE (jsc#PCT-531). * Drop the azure-addon package it is geting replaced by the license-watcher package which has a generic implementation of the same functionality. * Handle cache inconsistencies (bsc#1218345). * Properly handle the zypper root target argument (bsc#1240997). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1544=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1544=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1544=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1544=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1544=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1544=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1544=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1544=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1544=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1544=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1544=1 ## Package List: * openSUSE Leap 15.6 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * SUSE Linux Enterprise Micro 5.3 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * SUSE Linux Enterprise Micro 5.4 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * SUSE Linux Enterprise Micro 5.5 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * Public Cloud Module 15-SP3 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * Public Cloud Module 15-SP4 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * Public Cloud Module 15-SP5 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * Public Cloud Module 15-SP6 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 * openSUSE Leap 15.3 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-gce-1.0.0-150300.13.22.2 * cloud-regionsrv-client-10.4.0-150300.13.22.2 * cloud-regionsrv-client-generic-config-1.0.0-150300.13.22.2 * cloud-regionsrv-client-license-watcher-1.0.0-150300.13.22.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-150300.13.22.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218345 * https://bugzilla.suse.com/show_bug.cgi?id=1240310 * https://bugzilla.suse.com/show_bug.cgi?id=1240311 * https://bugzilla.suse.com/show_bug.cgi?id=1240997 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 13 12:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 13 May 2025 12:30:16 -0000 Subject: SUSE-RU-2025:1543-1: moderate: Recommended update for cloud-regionsrv-client Message-ID: <174713941664.14195.12746561432208456948@smelt2.prg2.suse.org> # Recommended update for cloud-regionsrv-client Announcement ID: SUSE-RU-2025:1543-1 Release Date: 2025-05-13T10:42:26Z Rating: moderate References: * bsc#1218345 * bsc#1240310 * bsc#1240311 * bsc#1240997 Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has four fixes can now be installed. ## Description: This update for cloud-regionsrv-client fixes the following issues: * Version update 10.4.0 * Remove repositories when the package is being removed, Don't want to leave repositories behind refering to the plugin that is being removed when the package gets removed (bsc#1240310, bsc#1240311). * Turn docker into an optional setup, this change requires a Recommends, adapt the code accordingly (jsc#PCT-560). * Support flexible licenses in GCE (jsc#PCT-531). * Drop the azure-addon package it is geting replaced by the license-watcher package which has a generic implementation of the same functionality. * Handle cache inconsistencies (bsc#1218345). * Properly handle the zypper root target argument (bsc#1240997). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-1543=1 ## Package List: * Public Cloud Module 12 (noarch) * cloud-regionsrv-client-10.4.0-52.125.2 * cloud-regionsrv-client-plugin-gce-1.0.0-52.125.2 * cloud-regionsrv-client-plugin-ec2-1.0.5-52.125.2 * cloud-regionsrv-client-plugin-azure-2.0.0-52.125.2 * cloud-regionsrv-client-generic-config-1.0.0-52.125.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218345 * https://bugzilla.suse.com/show_bug.cgi?id=1240310 * https://bugzilla.suse.com/show_bug.cgi?id=1240311 * https://bugzilla.suse.com/show_bug.cgi?id=1240997 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 13 12:30:18 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 13 May 2025 12:30:18 -0000 Subject: SUSE-RU-2025:1541-1: moderate: Recommended update for python-entrypoints Message-ID: <174713941853.14195.5523083852315022982@smelt2.prg2.suse.org> # Recommended update for python-entrypoints Announcement ID: SUSE-RU-2025:1541-1 Release Date: 2025-05-13T08:54:39Z Rating: moderate References: * bsc#1240402 Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that has one fix can now be installed. ## Description: This update for python-entrypoints fixes the following issues: * Switch to %{?sle15allpythons} (bsc#1240402) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1541=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1541=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1541=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1541=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python3-entrypoints-0.3-150100.3.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * python3-entrypoints-0.3-150100.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python3-entrypoints-0.3-150100.3.3.1 * SUSE Enterprise Storage 7.1 (noarch) * python3-entrypoints-0.3-150100.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240402 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 13 12:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 13 May 2025 12:30:22 -0000 Subject: SUSE-SU-2025:1540-1: moderate: Security update for transfig Message-ID: <174713942292.14195.17568510238917843137@smelt2.prg2.suse.org> # Security update for transfig Announcement ID: SUSE-SU-2025:1540-1 Release Date: 2025-05-13T08:54:18Z Rating: moderate References: * bsc#1240379 * bsc#1240380 * bsc#1240381 Cross-References: * CVE-2025-31162 * CVE-2025-31163 * CVE-2025-31164 CVSS scores: * CVE-2025-31162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-31162 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-31163 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-31163 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-31164 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-31164 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for transfig fixes the following issues: * CVE-2025-31164: Fixed heap-buffer overflow in fig2dev create_line_with_spline() function (bsc#1240379) * CVE-2025-31162: Fixed floating point exception in fig2dev get_slope() function (bsc#1240380) * CVE-2025-31163: Fixed segmentation fault in fig2dev put_patternarc() function (bsc#1240381) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1540=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * transfig-debuginfo-3.2.8b-2.23.1 * transfig-3.2.8b-2.23.1 * transfig-debugsource-3.2.8b-2.23.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31162.html * https://www.suse.com/security/cve/CVE-2025-31163.html * https://www.suse.com/security/cve/CVE-2025-31164.html * https://bugzilla.suse.com/show_bug.cgi?id=1240379 * https://bugzilla.suse.com/show_bug.cgi?id=1240380 * https://bugzilla.suse.com/show_bug.cgi?id=1240381 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 13 16:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 13 May 2025 16:30:06 -0000 Subject: SUSE-SU-2025:1546-1: moderate: Security update for gimp Message-ID: <174715380609.14447.182038979461528095@smelt2.prg2.suse.org> # Security update for gimp Announcement ID: SUSE-SU-2025:1546-1 Release Date: 2025-05-13T12:37:05Z Rating: moderate References: * bsc#1241691 Cross-References: * CVE-2025-2761 CVSS scores: * CVE-2025-2761 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2025-2761 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gimp fixes the following issues: * CVE-2025-2761: unvalidated user input in FLI file parsing may lead to an out-of-bounds write (bsc#1241691). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1546=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * gimp-devel-debuginfo-2.8.18-9.30.1 * gimp-devel-2.8.18-9.30.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2761.html * https://bugzilla.suse.com/show_bug.cgi?id=1241691 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 14 12:30:02 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 14 May 2025 12:30:02 -0000 Subject: SUSE-RU-2025:1372-2: moderate: Recommended update for patterns-base Message-ID: <174722580279.14447.3535437355357659628@smelt2.prg2.suse.org> # Recommended update for patterns-base Announcement ID: SUSE-RU-2025:1372-2 Release Date: 2025-05-14T09:25:03Z Rating: moderate References: * jsc#PED-8375 Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for patterns-base fixes the following issues: * add bpftool to patterns enhanced base. jsc#PED-8375 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1372=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1372=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1372=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1372=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1372=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1372=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1372=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1372=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1372=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1372=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1372=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le x86_64) * patterns-base-32bit-20200124-150400.20.13.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-base-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-fips-certified-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * patterns-base-base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-fips-certified-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * patterns-base-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * patterns-base-x11_raspberrypi-20200124-150400.20.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * patterns-base-base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-fips-certified-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * patterns-base-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * patterns-base-x11_raspberrypi-20200124-150400.20.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * patterns-base-32bit-20200124-150400.20.13.1 * patterns-base-base-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * patterns-base-x11_raspberrypi-20200124-150400.20.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * patterns-base-32bit-20200124-150400.20.13.1 * patterns-base-base-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * patterns-base-x11_raspberrypi-20200124-150400.20.13.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * patterns-base-32bit-20200124-150400.20.13.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * patterns-base-base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-transactional_base-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-fips-certified-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * patterns-base-x11_raspberrypi-20200124-150400.20.13.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * patterns-base-32bit-20200124-150400.20.13.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-base-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * patterns-base-x11_raspberrypi-20200124-150400.20.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * patterns-base-base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-fips-certified-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * patterns-base-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * patterns-base-32bit-20200124-150400.20.13.1 * patterns-base-base-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * SUSE Manager Proxy 4.3 (x86_64) * patterns-base-base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-fips-certified-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * patterns-base-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * patterns-base-base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-20200124-150400.20.13.1 * patterns-base-x11-20200124-150400.20.13.1 * patterns-base-apparmor-32bit-20200124-150400.20.13.1 * patterns-base-sw_management-20200124-150400.20.13.1 * patterns-base-basic_desktop-20200124-150400.20.13.1 * patterns-base-sw_management-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-32bit-20200124-150400.20.13.1 * patterns-base-fips-20200124-150400.20.13.1 * patterns-base-basesystem-20200124-150400.20.13.1 * patterns-base-base-32bit-20200124-150400.20.13.1 * patterns-base-enhanced_base-32bit-20200124-150400.20.13.1 * patterns-base-x11-32bit-20200124-150400.20.13.1 * patterns-base-apparmor-20200124-150400.20.13.1 * patterns-base-fips-certified-20200124-150400.20.13.1 * patterns-base-bootloader-20200124-150400.20.13.1 * patterns-base-documentation-20200124-150400.20.13.1 * patterns-base-32bit-20200124-150400.20.13.1 * patterns-base-minimal_base-20200124-150400.20.13.1 * patterns-base-x11_enhanced-20200124-150400.20.13.1 ## References: * https://jira.suse.com/browse/PED-8375 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 14 12:30:09 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 14 May 2025 12:30:09 -0000 Subject: SUSE-SU-2025:1549-1: moderate: Security update for apparmor Message-ID: <174722580997.14447.837259865219145077@smelt2.prg2.suse.org> # Security update for apparmor Announcement ID: SUSE-SU-2025:1549-1 Release Date: 2025-05-14T09:06:46Z Rating: moderate References: * bsc#1241678 Cross-References: * CVE-2024-10041 CVSS scores: * CVE-2024-10041 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10041 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for apparmor fixes the following issues: * Add dac_read_search capability for unix_chkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. (bsc#1241678) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1549=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1549=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1549=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1549=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1549=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1549=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1549=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1549=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1549=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1549=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1549=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1549=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apparmor-debugsource-3.0.4-150400.5.18.1 * ruby-apparmor-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * perl-apparmor-debuginfo-3.0.4-150400.5.18.1 * perl-apparmor-3.0.4-150400.5.18.1 * python3-apparmor-debuginfo-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-devel-3.0.4-150400.5.18.1 * ruby-apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1 * apache2-mod_apparmor-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * openSUSE Leap 15.4 (noarch) * apparmor-profiles-3.0.4-150400.5.18.1 * apparmor-parser-lang-3.0.4-150400.5.18.1 * apparmor-abstractions-3.0.4-150400.5.18.1 * apparmor-docs-3.0.4-150400.5.18.1 * apparmor-utils-3.0.4-150400.5.18.1 * apparmor-utils-lang-3.0.4-150400.5.18.1 * openSUSE Leap 15.4 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-3.0.4-150400.5.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-3.0.4-150400.5.18.1 * openSUSE Leap 15.4 (aarch64_ilp32) * pam_apparmor-64bit-3.0.4-150400.5.18.1 * libapparmor1-64bit-3.0.4-150400.5.18.1 * pam_apparmor-64bit-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-64bit-debuginfo-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-devel-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * perl-apparmor-3.0.4-150400.5.18.1 * perl-apparmor-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1 * apache2-mod_apparmor-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apparmor-profiles-3.0.4-150400.5.18.1 * apparmor-parser-lang-3.0.4-150400.5.18.1 * apparmor-abstractions-3.0.4-150400.5.18.1 * apparmor-docs-3.0.4-150400.5.18.1 * apparmor-utils-3.0.4-150400.5.18.1 * apparmor-utils-lang-3.0.4-150400.5.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-3.0.4-150400.5.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-3.0.4-150400.5.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-devel-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * perl-apparmor-3.0.4-150400.5.18.1 * perl-apparmor-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1 * apache2-mod_apparmor-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apparmor-profiles-3.0.4-150400.5.18.1 * apparmor-parser-lang-3.0.4-150400.5.18.1 * apparmor-abstractions-3.0.4-150400.5.18.1 * apparmor-docs-3.0.4-150400.5.18.1 * apparmor-utils-3.0.4-150400.5.18.1 * apparmor-utils-lang-3.0.4-150400.5.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-3.0.4-150400.5.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-devel-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * perl-apparmor-3.0.4-150400.5.18.1 * perl-apparmor-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1 * apache2-mod_apparmor-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * apparmor-profiles-3.0.4-150400.5.18.1 * apparmor-parser-lang-3.0.4-150400.5.18.1 * apparmor-abstractions-3.0.4-150400.5.18.1 * apparmor-docs-3.0.4-150400.5.18.1 * apparmor-utils-3.0.4-150400.5.18.1 * apparmor-utils-lang-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-3.0.4-150400.5.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-devel-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * perl-apparmor-3.0.4-150400.5.18.1 * perl-apparmor-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1 * apache2-mod_apparmor-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apparmor-profiles-3.0.4-150400.5.18.1 * apparmor-parser-lang-3.0.4-150400.5.18.1 * apparmor-abstractions-3.0.4-150400.5.18.1 * apparmor-docs-3.0.4-150400.5.18.1 * apparmor-utils-3.0.4-150400.5.18.1 * apparmor-utils-lang-3.0.4-150400.5.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-3.0.4-150400.5.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-3.0.4-150400.5.18.1 * SUSE Manager Proxy 4.3 (x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-devel-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * python3-apparmor-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-3.0.4-150400.5.18.1 * python3-apparmor-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1 * apache2-mod_apparmor-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Manager Proxy 4.3 (noarch) * apparmor-profiles-3.0.4-150400.5.18.1 * apparmor-parser-lang-3.0.4-150400.5.18.1 * apparmor-abstractions-3.0.4-150400.5.18.1 * apparmor-docs-3.0.4-150400.5.18.1 * apparmor-utils-3.0.4-150400.5.18.1 * apparmor-utils-lang-3.0.4-150400.5.18.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-devel-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * python3-apparmor-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-3.0.4-150400.5.18.1 * python3-apparmor-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1 * apache2-mod_apparmor-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apparmor-profiles-3.0.4-150400.5.18.1 * apparmor-parser-lang-3.0.4-150400.5.18.1 * apparmor-abstractions-3.0.4-150400.5.18.1 * apparmor-docs-3.0.4-150400.5.18.1 * apparmor-utils-3.0.4-150400.5.18.1 * apparmor-utils-lang-3.0.4-150400.5.18.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-debugsource-3.0.4-150400.5.18.1 * libapparmor-devel-3.0.4-150400.5.18.1 * pam_apparmor-3.0.4-150400.5.18.1 * python3-apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-debuginfo-3.0.4-150400.5.18.1 * python3-apparmor-3.0.4-150400.5.18.1 * libapparmor1-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-3.0.4-150400.5.18.1 * apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1 * apache2-mod_apparmor-3.0.4-150400.5.18.1 * pam_apparmor-debuginfo-3.0.4-150400.5.18.1 * apparmor-parser-3.0.4-150400.5.18.1 * SUSE Manager Server 4.3 (noarch) * apparmor-profiles-3.0.4-150400.5.18.1 * apparmor-parser-lang-3.0.4-150400.5.18.1 * apparmor-abstractions-3.0.4-150400.5.18.1 * apparmor-docs-3.0.4-150400.5.18.1 * apparmor-utils-3.0.4-150400.5.18.1 * apparmor-utils-lang-3.0.4-150400.5.18.1 * SUSE Manager Server 4.3 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1 * libapparmor1-32bit-3.0.4-150400.5.18.1 * libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1 * pam_apparmor-32bit-3.0.4-150400.5.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10041.html * https://bugzilla.suse.com/show_bug.cgi?id=1241678 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 14 12:30:19 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 14 May 2025 12:30:19 -0000 Subject: SUSE-SU-2025:1548-1: moderate: Security update for rabbitmq-server313 Message-ID: <174722581948.14447.11289583978960833697@smelt2.prg2.suse.org> # Security update for rabbitmq-server313 Announcement ID: SUSE-SU-2025:1548-1 Release Date: 2025-05-14T08:25:21Z Rating: moderate References: * bsc#1231656 * bsc#1234763 * bsc#1240071 Cross-References: * CVE-2025-30219 CVSS scores: * CVE-2025-30219 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30219 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L * CVE-2025-30219 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for rabbitmq-server313 fixes the following issues: * CVE-2025-30219: incorrectly escaped virtual hostname present in error message could lead to XSS attack. (bsc#1240071) Non-security fixes: * Require rabbitmq-server313-plugins rather then rabbitmq-server-plugins. (bsc#1231656, bsc#1234763) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1548=1 openSUSE-SLE-15.6-2025-1548=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1548=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * erlang-rabbitmq-client313-3.13.1-150600.13.8.1 * rabbitmq-server313-plugins-3.13.1-150600.13.8.1 * rabbitmq-server313-3.13.1-150600.13.8.1 * openSUSE Leap 15.6 (noarch) * rabbitmq-server313-bash-completion-3.13.1-150600.13.8.1 * rabbitmq-server313-zsh-completion-3.13.1-150600.13.8.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * erlang-rabbitmq-client313-3.13.1-150600.13.8.1 * rabbitmq-server313-plugins-3.13.1-150600.13.8.1 * rabbitmq-server313-3.13.1-150600.13.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-30219.html * https://bugzilla.suse.com/show_bug.cgi?id=1231656 * https://bugzilla.suse.com/show_bug.cgi?id=1234763 * https://bugzilla.suse.com/show_bug.cgi?id=1240071 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 14 20:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 14 May 2025 20:30:06 -0000 Subject: SUSE-RU-2025:1554-1: moderate: Recommended update for saphana-checks Message-ID: <174725460687.12768.7619148363490922481@smelt2.prg2.suse.org> # Recommended update for saphana-checks Announcement ID: SUSE-RU-2025:1554-1 Release Date: 2025-05-14T17:30:40Z Rating: moderate References: * bsc#1242802 Affected Products: * openSUSE Leap 15.6 * SAP Applications Module 15-SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for saphana-checks fixes the following issues: * sssd - fix error sapnote is read only, adjust sap notes * GCP - new certified m4 instances as of April 29th * Enhance error detection - set bash pipefail option * SLES15.5 kernels with slowIO * Azure - new certified v3 instances as of April 15th * SAP HostAgent 7.22 PL67 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1554=1 * SAP Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP6-2025-1554=1 ## Package List: * openSUSE Leap 15.6 (noarch) * saphana-checks-2503+1.g069fbad-150600.13.12.1 * SAP Applications Module 15-SP6 (noarch) * saphana-checks-2503+1.g069fbad-150600.13.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1242802 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 14 20:30:08 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 14 May 2025 20:30:08 -0000 Subject: SUSE-RU-2025:1553-1: moderate: Recommended update for go1.24-openssl Message-ID: <174725460811.12768.5938078601504821246@smelt2.prg2.suse.org> # Recommended update for go1.24-openssl Announcement ID: SUSE-RU-2025:1553-1 Release Date: 2025-05-14T17:07:59Z Rating: moderate References: * jsc#SLE-18320 Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for go1.24-openssl fixes the following issues: This ships the go1.24.3 openssl flavor. (jsc#SLE-18320) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1553=1 openSUSE-SLE-15.6-2025-1553=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1553=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * go1.24-openssl-doc-1.24.3-150600.13.3.1 * go1.24-openssl-1.24.3-150600.13.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-openssl-race-1.24.3-150600.13.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.24-openssl-race-1.24.3-150600.13.3.1 * go1.24-openssl-doc-1.24.3-150600.13.3.1 * go1.24-openssl-1.24.3-150600.13.3.1 ## References: * https://jira.suse.com/browse/SLE-18320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 14 20:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 14 May 2025 20:30:11 -0000 Subject: SUSE-RU-2025:1552-1: moderate: Recommended update for go1.23 Message-ID: <174725461189.12768.5224658047460500353@smelt2.prg2.suse.org> # Recommended update for go1.23 Announcement ID: SUSE-RU-2025:1552-1 Release Date: 2025-05-14T17:07:48Z Rating: moderate References: * bsc#1229122 Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for go1.23 fixes the following issues: go1.23.9 (released 2025-05-06) includes fixes to the runtime and the linker. (bsc#1229122) * go#73091 cmd/link: linkname directive on userspace variable can override runtime variable * go#73380 runtime, x/sys/unix: Connectx is broken on darwin/amd64 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1552=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1552=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1552=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1552=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1552=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1552=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1552=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1552=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1552=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1552=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1552=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1552=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1552=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1552=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 14 20:30:15 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 14 May 2025 20:30:15 -0000 Subject: SUSE-SU-2025:1551-1: moderate: Security update for go1.24 Message-ID: <174725461562.12768.13690098705152827875@smelt2.prg2.suse.org> # Security update for go1.24 Announcement ID: SUSE-SU-2025:1551-1 Release Date: 2025-05-14T17:06:42Z Rating: moderate References: * bsc#1236217 * bsc#1242715 Cross-References: * CVE-2025-22873 CVSS scores: * CVE-2025-22873 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-22873 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.24 fixes the following issues: Update to go1.24.3 (bsc#1236217): Security fixes: * CVE-2025-22873: Fixed os.Root permits access to parent directory (bsc#1242715) Changelog: * go#73556 go#73555 security: fix CVE-2025-22873 os: Root permits access to parent directory * go#73082 os: Root.Open panics when opening a symlink referencing the root * go#73092 cmd/link: linkname directive on userspace variable can override runtime variable * go#73118 crypto/tls: ECH decodeInnerClientHello incorrectly rejects ClientHello with GREASE values in supportedVersions * go#73144 runtime: segmentation fault from vgetrandomPutState and runtime.growslice w/ runtime.OSLockThread * go#73192 runtime: -race data race map traceback report incorrect functions * go#73281 cmd/compile: program compiles to wasm but is invalid: go:wasmexport: integer too large * go#73379 runtime, x/sys/unix: Connectx is broken on darwin/amd64 * go#73440 cmd/compile: infinite loop in the inliner * go#73500 cmd/go: +dirty in version stamping doesn't combine well with +incompatible ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1551=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1551=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1551=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1551=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1551=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1551=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1551=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1551=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1551=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1551=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1551=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1551=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1551=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1551=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-race-1.24.3-150000.1.23.1 * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22873.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1242715 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 14 20:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 14 May 2025 20:30:22 -0000 Subject: SUSE-SU-2025:1550-1: important: Security update for openssl-3 Message-ID: <174725462284.12768.13857880953099275687@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2025:1550-1 Release Date: 2025-05-14T17:05:27Z Rating: important References: * bsc#1230959 * bsc#1231748 * bsc#1232326 * bsc#1240366 * bsc#1240607 Cross-References: * CVE-2025-27587 CVSS scores: * CVE-2025-27587 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-27587 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has four security fixes can now be installed. ## Description: This update for openssl-3 fixes the following issues: Security: * CVE-2025-27587: Timing side channel vulnerability in the P-384 implementation when used with ECDSA in the PPC architecture (bsc#1240366). * Missing null pointer check before accessing handshake_func in ssl_lib.c (bsc#1240607). FIPS: * Disabling EMS in OpenSSL configuration prevents sshd from starting (bsc#1230959, bsc#1232326, bsc#1231748). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1550=1 openSUSE-SLE-15.6-2025-1550=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1550=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libopenssl3-3.1.4-150600.5.27.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.27.1 * openssl-3-3.1.4-150600.5.27.1 * openssl-3-debuginfo-3.1.4-150600.5.27.1 * libopenssl-3-devel-3.1.4-150600.5.27.1 * openssl-3-debugsource-3.1.4-150600.5.27.1 * libopenssl3-debuginfo-3.1.4-150600.5.27.1 * libopenssl-3-fips-provider-3.1.4-150600.5.27.1 * openSUSE Leap 15.6 (x86_64) * libopenssl3-32bit-debuginfo-3.1.4-150600.5.27.1 * libopenssl-3-devel-32bit-3.1.4-150600.5.27.1 * libopenssl3-32bit-3.1.4-150600.5.27.1 * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.27.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.27.1 * openSUSE Leap 15.6 (noarch) * openssl-3-doc-3.1.4-150600.5.27.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libopenssl3-64bit-debuginfo-3.1.4-150600.5.27.1 * libopenssl-3-devel-64bit-3.1.4-150600.5.27.1 * libopenssl-3-fips-provider-64bit-debuginfo-3.1.4-150600.5.27.1 * libopenssl-3-fips-provider-64bit-3.1.4-150600.5.27.1 * libopenssl3-64bit-3.1.4-150600.5.27.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libopenssl3-3.1.4-150600.5.27.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.27.1 * openssl-3-3.1.4-150600.5.27.1 * openssl-3-debuginfo-3.1.4-150600.5.27.1 * libopenssl-3-devel-3.1.4-150600.5.27.1 * openssl-3-debugsource-3.1.4-150600.5.27.1 * libopenssl3-debuginfo-3.1.4-150600.5.27.1 * libopenssl-3-fips-provider-3.1.4-150600.5.27.1 * Basesystem Module 15-SP6 (x86_64) * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.27.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.27.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.27.1 * libopenssl3-32bit-3.1.4-150600.5.27.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27587.html * https://bugzilla.suse.com/show_bug.cgi?id=1230959 * https://bugzilla.suse.com/show_bug.cgi?id=1231748 * https://bugzilla.suse.com/show_bug.cgi?id=1232326 * https://bugzilla.suse.com/show_bug.cgi?id=1240366 * https://bugzilla.suse.com/show_bug.cgi?id=1240607 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 15 08:30:08 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 15 May 2025 08:30:08 -0000 Subject: SUSE-RU-2025:1556-1: moderate: Recommended update for go1.24-openssl Message-ID: <174729780809.14417.6211905630810058@smelt2.prg2.suse.org> # Recommended update for go1.24-openssl Announcement ID: SUSE-RU-2025:1556-1 Release Date: 2025-05-15T07:27:45Z Rating: moderate References: * jsc#SLE-18320 Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature can now be installed. ## Description: This update for go1.24-openssl fixes the following issues: This ships the go1.24.3 openssl flavor. (jsc#SLE-18320) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1556=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1556=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1556=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1556=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1556=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1556=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1556=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1556=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1556=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1556=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1556=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1556=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-openssl-doc-1.24.3-150000.1.3.1 * go1.24-openssl-1.24.3-150000.1.3.1 * go1.24-openssl-race-1.24.3-150000.1.3.1 ## References: * https://jira.suse.com/browse/SLE-18320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 15 08:30:14 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 15 May 2025 08:30:14 -0000 Subject: SUSE-SU-2025:1555-1: moderate: Security update for go1.22-openssl Message-ID: <174729781444.14417.9146854670643760905@smelt2.prg2.suse.org> # Security update for go1.22-openssl Announcement ID: SUSE-SU-2025:1555-1 Release Date: 2025-05-15T05:06:07Z Rating: moderate References: * bsc#1218424 * bsc#1236045 * bsc#1236046 * bsc#1236801 * jsc#SLE-18320 Cross-References: * CVE-2024-45336 * CVE-2024-45341 * CVE-2025-22866 CVSS scores: * CVE-2024-45336 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-45336 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-45341 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-45341 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-22866 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-22866 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-22866 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for go1.22-openssl fixes the following issues: Update to version 1.22.12 (bsc#1218424): Security fixes: * CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross- domain redirect (bsc#1236046) * CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (bsc#1236045) * CVE-2025-22866: crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le (bsc#1236801) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1555=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1555=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1555=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1555=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1555=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1555=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1555=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1555=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1555=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1555=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1555=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1555=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.22-openssl-race-1.22.12-150000.1.12.1 * go1.22-openssl-debuginfo-1.22.12-150000.1.12.1 * go1.22-openssl-doc-1.22.12-150000.1.12.1 * go1.22-openssl-1.22.12-150000.1.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45336.html * https://www.suse.com/security/cve/CVE-2024-45341.html * https://www.suse.com/security/cve/CVE-2025-22866.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1236045 * https://bugzilla.suse.com/show_bug.cgi?id=1236046 * https://bugzilla.suse.com/show_bug.cgi?id=1236801 * https://jira.suse.com/browse/SLE-18320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 15 12:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 15 May 2025 12:30:04 -0000 Subject: SUSE-SU-2025:1559-1: moderate: Security update for audiofile Message-ID: <174731220402.14447.15766957319942004309@smelt2.prg2.suse.org> # Security update for audiofile Announcement ID: SUSE-SU-2025:1559-1 Release Date: 2025-05-15T11:19:29Z Rating: moderate References: * bsc#1140031 * bsc#1196487 Cross-References: * CVE-2019-13147 * CVE-2022-24599 CVSS scores: * CVE-2019-13147 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2019-13147 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2019-13147 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2022-24599 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2022-24599 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for audiofile fixes the following issues: * CVE-2019-13147: Fixed NULL pointer dereference in ulaw2linear_buf that could lead to DOS (bsc#1140031). * CVE-2022-24599: unverified user input when processing audio files can lead to information leak (bsc#1196487). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1559=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1559=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * audiofile-0.3.6-150000.3.12.1 * audiofile-debuginfo-0.3.6-150000.3.12.1 * libaudiofile1-debuginfo-0.3.6-150000.3.12.1 * libaudiofile1-0.3.6-150000.3.12.1 * audiofile-debugsource-0.3.6-150000.3.12.1 * audiofile-devel-0.3.6-150000.3.12.1 * audiofile-doc-0.3.6-150000.3.12.1 * openSUSE Leap 15.6 (x86_64) * libaudiofile1-32bit-debuginfo-0.3.6-150000.3.12.1 * audiofile-devel-32bit-0.3.6-150000.3.12.1 * libaudiofile1-32bit-0.3.6-150000.3.12.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * audiofile-debuginfo-0.3.6-150000.3.12.1 * libaudiofile1-debuginfo-0.3.6-150000.3.12.1 * libaudiofile1-0.3.6-150000.3.12.1 * audiofile-debugsource-0.3.6-150000.3.12.1 * audiofile-devel-0.3.6-150000.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2019-13147.html * https://www.suse.com/security/cve/CVE-2022-24599.html * https://bugzilla.suse.com/show_bug.cgi?id=1140031 * https://bugzilla.suse.com/show_bug.cgi?id=1196487 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 15 12:30:07 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 15 May 2025 12:30:07 -0000 Subject: SUSE-RU-2025:1558-1: moderate: Recommended update for ca-certificates-mozilla Message-ID: <174731220730.14447.8171511854078293317@smelt2.prg2.suse.org> # Recommended update for ca-certificates-mozilla Announcement ID: SUSE-RU-2025:1558-1 Release Date: 2025-05-15T11:15:07Z Rating: moderate References: * bsc#1234798 * bsc#1240009 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has two fixes can now be installed. ## Description: This update for ca-certificates-mozilla fixes the following issues: Update to 2.74 state of Mozilla SSL root CAs: * Removed: * SwissSign Silver CA - G2 * Added: * D-TRUST BR Root CA 2 2023 * D-TRUST EV Root CA 2 2023 Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798) * Removed: * SecureSign RootCA11 * Security Communication RootCA3 * Added: * TWCA CYBER Root CA * TWCA Global Root CA G2 * SecureSign Root CA12 * SecureSign Root CA14 * SecureSign Root CA15 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1558=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1558=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * ca-certificates-mozilla-2.74-12.51.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * ca-certificates-mozilla-2.74-12.51.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1234798 * https://bugzilla.suse.com/show_bug.cgi?id=1240009 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 15 12:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 15 May 2025 12:30:11 -0000 Subject: SUSE-RU-2025:0820-2: moderate: Recommended update for mozilla-nss Message-ID: <174731221149.14447.16186402783092446202@smelt2.prg2.suse.org> # Recommended update for mozilla-nss Announcement ID: SUSE-RU-2025:0820-2 Release Date: 2025-05-15T10:46:38Z Rating: moderate References: * bsc#1222834 Affected Products: * Certifications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for mozilla-nss fixes the following issues: * FIPS: Do not pass in bad targetKeyLength parameters when checking for FIPS approval after keygen. This was causing false rejections. * FIPS: Approve RSA signature verification mechanisms with PKCS padding and legacy moduli (bsc#1222834). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Certifications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Certifications-15-SP7-2025-820=1 ## Package List: * Certifications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libsoftokn3-3.101.2-150400.3.54.1 * mozilla-nss-sysinit-debuginfo-3.101.2-150400.3.54.1 * mozilla-nss-tools-3.101.2-150400.3.54.1 * mozilla-nss-debugsource-3.101.2-150400.3.54.1 * libsoftokn3-debuginfo-3.101.2-150400.3.54.1 * mozilla-nss-certs-3.101.2-150400.3.54.1 * mozilla-nss-certs-debuginfo-3.101.2-150400.3.54.1 * mozilla-nss-debuginfo-3.101.2-150400.3.54.1 * mozilla-nss-devel-3.101.2-150400.3.54.1 * mozilla-nss-3.101.2-150400.3.54.1 * mozilla-nss-sysinit-3.101.2-150400.3.54.1 * mozilla-nss-tools-debuginfo-3.101.2-150400.3.54.1 * libfreebl3-3.101.2-150400.3.54.1 * libfreebl3-debuginfo-3.101.2-150400.3.54.1 * Certifications Module 15-SP7 (x86_64) * libfreebl3-32bit-debuginfo-3.101.2-150400.3.54.1 * mozilla-nss-sysinit-32bit-debuginfo-3.101.2-150400.3.54.1 * libsoftokn3-32bit-3.101.2-150400.3.54.1 * mozilla-nss-32bit-3.101.2-150400.3.54.1 * libsoftokn3-32bit-debuginfo-3.101.2-150400.3.54.1 * mozilla-nss-certs-32bit-debuginfo-3.101.2-150400.3.54.1 * mozilla-nss-certs-32bit-3.101.2-150400.3.54.1 * libfreebl3-32bit-3.101.2-150400.3.54.1 * mozilla-nss-sysinit-32bit-3.101.2-150400.3.54.1 * mozilla-nss-32bit-debuginfo-3.101.2-150400.3.54.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222834 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 15 12:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 15 May 2025 12:30:13 -0000 Subject: SUSE-RU-2025:1557-1: moderate: Recommended update for python-docopt, python-msgpack, python-redis Message-ID: <174731221393.14447.8762703222339593603@smelt2.prg2.suse.org> # Recommended update for python-docopt, python-msgpack, python-redis Announcement ID: SUSE-RU-2025:1557-1 Release Date: 2025-05-15T10:23:35Z Rating: moderate References: * bsc#1240064 Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update ships python311-docopt and python311-redis to the Public Cloud Module, and the python311-msgpack to the Python3 module. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1557=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1557=1 openSUSE-SLE-15.6-2025-1557=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1557=1 ## Package List: * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-msgpack-1.0.7-150600.3.2.1 * python311-msgpack-debuginfo-1.0.7-150600.3.2.1 * python-msgpack-debugsource-1.0.7-150600.3.2.1 * Python 3 Module 15-SP6 (noarch) * python311-sqlparse-0.4.4-150600.3.2.1 * python311-passlib-1.7.4-150600.12.2.1 * openSUSE Leap 15.6 (noarch) * python311-docopt-0.6.2-150600.18.2.1 * python311-sqlparse-0.4.4-150600.3.2.1 * python311-redis-5.0.1-150600.3.2.1 * python311-passlib-1.7.4-150600.12.2.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-msgpack-1.0.7-150600.3.2.1 * python311-msgpack-debuginfo-1.0.7-150600.3.2.1 * python-msgpack-debugsource-1.0.7-150600.3.2.1 * Public Cloud Module 15-SP6 (noarch) * python311-docopt-0.6.2-150600.18.2.1 * python311-sqlparse-0.4.4-150600.3.2.1 * python311-redis-5.0.1-150600.3.2.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240064 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 15 12:30:18 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 15 May 2025 12:30:18 -0000 Subject: SUSE-SU-2025:0613-3: moderate: Security update for openssl-1_1 Message-ID: <174731221801.14447.7386464803781774046@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2025:0613-3 Release Date: 2025-05-15T08:51:29Z Rating: moderate References: * bsc#1236136 * bsc#1236771 Cross-References: * CVE-2024-13176 CVSS scores: * CVE-2024-13176 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-13176 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-13176 ( NVD ): 4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: * Certifications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation (bsc#1236136). Other bugfixes: * Non approved PBKDF parameters wrongly resulting as approved (bsc#1236771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Certifications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Certifications-15-SP7-2025-613=1 ## Package List: * Certifications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libopenssl1_1-debuginfo-1.1.1w-150600.5.12.2 * openssl-1_1-1.1.1w-150600.5.12.2 * openssl-1_1-debuginfo-1.1.1w-150600.5.12.2 * libopenssl1_1-1.1.1w-150600.5.12.2 * libopenssl-1_1-devel-1.1.1w-150600.5.12.2 * openssl-1_1-debugsource-1.1.1w-150600.5.12.2 * Certifications Module 15-SP7 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1w-150600.5.12.2 * libopenssl1_1-32bit-1.1.1w-150600.5.12.2 * libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.12.2 ## References: * https://www.suse.com/security/cve/CVE-2024-13176.html * https://bugzilla.suse.com/show_bug.cgi?id=1236136 * https://bugzilla.suse.com/show_bug.cgi?id=1236771 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 15 16:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 15 May 2025 16:30:04 -0000 Subject: SUSE-SU-2025:1560-1: low: Security update for rustup Message-ID: <174732660456.18607.12873926503570233001@smelt2.prg2.suse.org> # Security update for rustup Announcement ID: SUSE-SU-2025:1560-1 Release Date: 2025-05-15T12:51:24Z Rating: low References: * bsc#1242617 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for rustup fixes the following issues: * CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust- openssl crate (bsc#1242617) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1560=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64) * rustup-debuginfo-1.26.0~0-150400.3.10.1 * rustup-debugsource-1.26.0~0-150400.3.10.1 * rustup-1.26.0~0-150400.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242617 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 12:30:10 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 12:30:10 -0000 Subject: SUSE-SU-2025:1565-1: moderate: Security update for open-vm-tools Message-ID: <174739861054.27142.15881321438774400929@smelt2.prg2.suse.org> # Security update for open-vm-tools Announcement ID: SUSE-SU-2025:1565-1 Release Date: 2025-05-16T11:05:16Z Rating: moderate References: * bsc#1237147 * bsc#1241938 * bsc#1243106 Cross-References: * CVE-2025-22247 CVSS scores: * CVE-2025-22247 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22247 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N * CVE-2025-22247 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * Containers Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: * CVE-2025-22247: Fixed Insecure file handling (bsc#1243106) Other fixes: * Fixed GCC 15 compile time error (bsc#1241938) * Fix building with containerd 1.7.25+ (bsc#1237147) Full changelog: https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/ReleaseNotes.md https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/open-vm- tools/ChangeLog ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1565=1 openSUSE-SLE-15.6-2025-1565=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1565=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1565=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1565=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64 i586) * libvmtools0-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-containerinfo-12.5.2-150600.3.12.1 * open-vm-tools-desktop-12.5.2-150600.3.12.1 * open-vm-tools-12.5.2-150600.3.12.1 * open-vm-tools-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-desktop-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-sdmp-12.5.2-150600.3.12.1 * open-vm-tools-sdmp-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-containerinfo-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-debugsource-12.5.2-150600.3.12.1 * libvmtools-devel-12.5.2-150600.3.12.1 * libvmtools0-12.5.2-150600.3.12.1 * openSUSE Leap 15.6 (x86_64) * open-vm-tools-salt-minion-12.5.2-150600.3.12.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * libvmtools0-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-12.5.2-150600.3.12.1 * open-vm-tools-sdmp-12.5.2-150600.3.12.1 * open-vm-tools-sdmp-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-debugsource-12.5.2-150600.3.12.1 * libvmtools0-12.5.2-150600.3.12.1 * Basesystem Module 15-SP6 (x86_64) * open-vm-tools-salt-minion-12.5.2-150600.3.12.1 * libvmtools-devel-12.5.2-150600.3.12.1 * Containers Module 15-SP6 (aarch64 x86_64) * open-vm-tools-containerinfo-12.5.2-150600.3.12.1 * open-vm-tools-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-debugsource-12.5.2-150600.3.12.1 * open-vm-tools-containerinfo-debuginfo-12.5.2-150600.3.12.1 * Desktop Applications Module 15-SP6 (aarch64 x86_64) * open-vm-tools-desktop-12.5.2-150600.3.12.1 * open-vm-tools-debugsource-12.5.2-150600.3.12.1 * open-vm-tools-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-desktop-debuginfo-12.5.2-150600.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22247.html * https://bugzilla.suse.com/show_bug.cgi?id=1237147 * https://bugzilla.suse.com/show_bug.cgi?id=1241938 * https://bugzilla.suse.com/show_bug.cgi?id=1243106 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 12:30:15 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 12:30:15 -0000 Subject: SUSE-RU-2025:1564-1: moderate: Recommended update for obs-service-kiwi_metainfo_helper Message-ID: <174739861541.27142.1759713996562495460@smelt2.prg2.suse.org> # Recommended update for obs-service-kiwi_metainfo_helper Announcement ID: SUSE-RU-2025:1564-1 Release Date: 2025-05-16T10:29:18Z Rating: moderate References: * bsc#1240886 Affected Products: * openSUSE Leap 15.6 An update that has one fix can now be installed. ## Description: This update for obs-service-kiwi_metainfo_helper fixes the following issues: * add %SOURCEURL_WITH% for proper handling of READMEs * Do the replacements also in the "config.sh" file in Kiwi builds (bsc#1240886) * don't replace %BASE_DIGEST% with empty string when not available ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1564=1 ## Package List: * openSUSE Leap 15.6 (noarch) * obs-service-kiwi_metainfo_helper-0.6-150000.1.27.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240886 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 12:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 12:30:21 -0000 Subject: SUSE-RU-2025:1563-1: moderate: Recommended update for libpulp Message-ID: <174739862123.27142.2222478842314206551@smelt2.prg2.suse.org> # Recommended update for libpulp Announcement ID: SUSE-RU-2025:1563-1 Release Date: 2025-05-16T09:34:42Z Rating: moderate References: * bsc#1240031 * bsc#1241897 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has two fixes can now be installed. ## Description: This update for libpulp fixes the following issues: Update package with libpulp-0.3.14: * Remove any linking to GLIBC_PRIVATE symbols. Update package with libpulp-0.3.13: * Improve detection of -msplit-patch-nops flag (bsc#1240031). * Allow `trigger` to disable seccomp in target process while livepaching. * Make sure libpulp don't crash when calling libc.so.6 (bsc#1241897) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1563=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1563=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1563=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1563=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1563=1 ## Package List: * openSUSE Leap 15.4 (x86_64) * libpulp-debugsource-0.3.14-150400.3.38.1 * libpulp0-0.3.14-150400.3.38.1 * libpulp-tools-debuginfo-0.3.14-150400.3.38.1 * libpulp-tools-0.3.14-150400.3.38.1 * libpulp0-debuginfo-0.3.14-150400.3.38.1 * libpulp-debuginfo-0.3.14-150400.3.38.1 * openSUSE Leap 15.6 (x86_64) * libpulp-debugsource-0.3.14-150400.3.38.1 * libpulp0-0.3.14-150400.3.38.1 * libpulp-tools-debuginfo-0.3.14-150400.3.38.1 * libpulp-tools-0.3.14-150400.3.38.1 * libpulp0-debuginfo-0.3.14-150400.3.38.1 * libpulp-debuginfo-0.3.14-150400.3.38.1 * SUSE Linux Enterprise Live Patching 15-SP4 (x86_64) * libpulp-debugsource-0.3.14-150400.3.38.1 * libpulp0-0.3.14-150400.3.38.1 * libpulp-tools-debuginfo-0.3.14-150400.3.38.1 * libpulp-tools-0.3.14-150400.3.38.1 * libpulp0-debuginfo-0.3.14-150400.3.38.1 * libpulp-debuginfo-0.3.14-150400.3.38.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * libpulp-debugsource-0.3.14-150400.3.38.1 * libpulp0-0.3.14-150400.3.38.1 * libpulp-tools-debuginfo-0.3.14-150400.3.38.1 * libpulp-tools-0.3.14-150400.3.38.1 * libpulp0-debuginfo-0.3.14-150400.3.38.1 * libpulp-debuginfo-0.3.14-150400.3.38.1 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * libpulp-debugsource-0.3.14-150400.3.38.1 * libpulp0-0.3.14-150400.3.38.1 * libpulp-tools-debuginfo-0.3.14-150400.3.38.1 * libpulp-tools-0.3.14-150400.3.38.1 * libpulp0-debuginfo-0.3.14-150400.3.38.1 * libpulp-debuginfo-0.3.14-150400.3.38.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240031 * https://bugzilla.suse.com/show_bug.cgi?id=1241897 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 12:30:24 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 12:30:24 -0000 Subject: SUSE-OU-2025:1562-1: low: Optional update for llvm17 Message-ID: <174739862439.27142.17064946987735974010@smelt2.prg2.suse.org> # Optional update for llvm17 Announcement ID: SUSE-OU-2025:1562-1 Release Date: 2025-05-16T09:27:52Z Rating: low References: * bsc#1232916 Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that has one fix can now be installed. ## Description: This update for llvm17 fixes the following issue * Add clang17-doc to SLE-Module-Packagehub-Subpackages_15-SP6 (bsc#1232916) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1562=1 openSUSE-SLE-15.6-2025-1562=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1562=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1562=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1562=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * llvm17-polly-debuginfo-17.0.6-150600.3.7.1 * clang-tools-debuginfo-17.0.6-150600.3.7.1 * llvm17-gold-debuginfo-17.0.6-150600.3.7.1 * llvm17-debuginfo-17.0.6-150600.3.7.1 * libclang-cpp17-debuginfo-17.0.6-150600.3.7.1 * lld17-17.0.6-150600.3.7.1 * clang17-debuginfo-17.0.6-150600.3.7.1 * clang17-17.0.6-150600.3.7.1 * llvm17-gold-17.0.6-150600.3.7.1 * clang17-devel-17.0.6-150600.3.7.1 * libLTO17-debuginfo-17.0.6-150600.3.7.1 * libLLVM17-debuginfo-17.0.6-150600.3.7.1 * libclang13-17.0.6-150600.3.7.1 * llvm17-polly-devel-17.0.6-150600.3.7.1 * libclang-cpp17-17.0.6-150600.3.7.1 * clang-tools-17.0.6-150600.3.7.1 * llvm17-devel-17.0.6-150600.3.7.1 * libLTO17-17.0.6-150600.3.7.1 * llvm17-devel-debuginfo-17.0.6-150600.3.7.1 * llvm17-17.0.6-150600.3.7.1 * libclang13-debuginfo-17.0.6-150600.3.7.1 * llvm17-polly-17.0.6-150600.3.7.1 * lld17-debuginfo-17.0.6-150600.3.7.1 * libLLVM17-17.0.6-150600.3.7.1 * openSUSE Leap 15.6 (noarch) * llvm17-vim-plugins-17.0.6-150600.3.7.1 * llvm17-doc-17.0.6-150600.3.7.1 * clang17-doc-17.0.6-150600.3.7.1 * llvm17-opt-viewer-17.0.6-150600.3.7.1 * python3-clang17-17.0.6-150600.3.7.1 * openSUSE Leap 15.6 (x86_64) * libclang-cpp17-32bit-debuginfo-17.0.6-150600.3.7.1 * libclang-cpp17-32bit-17.0.6-150600.3.7.1 * libLLVM17-32bit-17.0.6-150600.3.7.1 * libLLVM17-32bit-debuginfo-17.0.6-150600.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64 i586) * libomp17-devel-17.0.6-150600.3.7.1 * libomp17-devel-debuginfo-17.0.6-150600.3.7.1 * openSUSE Leap 15.6 (aarch64 x86_64) * libc++abi-devel-17.0.6-150600.3.7.1 * libc++1-17.0.6-150600.3.7.1 * libc++1-debuginfo-17.0.6-150600.3.7.1 * libc++abi1-debuginfo-17.0.6-150600.3.7.1 * libc++abi1-17.0.6-150600.3.7.1 * libc++-devel-17.0.6-150600.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * lldb17-debuginfo-17.0.6-150600.3.7.1 * lldb17-devel-17.0.6-150600.3.7.1 * lldb17-17.0.6-150600.3.7.1 * liblldb17-debuginfo-17.0.6-150600.3.7.1 * python3-lldb17-17.0.6-150600.3.7.1 * liblldb17-17.0.6-150600.3.7.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libclang-cpp17-64bit-debuginfo-17.0.6-150600.3.7.1 * libLLVM17-64bit-17.0.6-150600.3.7.1 * libclang-cpp17-64bit-17.0.6-150600.3.7.1 * libLLVM17-64bit-debuginfo-17.0.6-150600.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libLLVM17-debuginfo-17.0.6-150600.3.7.1 * llvm17-debuginfo-17.0.6-150600.3.7.1 * libLLVM17-17.0.6-150600.3.7.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * libc++abi-devel-17.0.6-150600.3.7.1 * libc++1-17.0.6-150600.3.7.1 * libc++1-debuginfo-17.0.6-150600.3.7.1 * libc++abi1-debuginfo-17.0.6-150600.3.7.1 * libc++abi1-17.0.6-150600.3.7.1 * libc++-devel-17.0.6-150600.3.7.1 * Basesystem Module 15-SP6 (x86_64) * libLLVM17-32bit-17.0.6-150600.3.7.1 * libLLVM17-32bit-debuginfo-17.0.6-150600.3.7.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libLTO17-debuginfo-17.0.6-150600.3.7.1 * llvm17-devel-17.0.6-150600.3.7.1 * llvm17-polly-debuginfo-17.0.6-150600.3.7.1 * llvm17-gold-debuginfo-17.0.6-150600.3.7.1 * llvm17-debuginfo-17.0.6-150600.3.7.1 * libLTO17-17.0.6-150600.3.7.1 * llvm17-devel-debuginfo-17.0.6-150600.3.7.1 * libclang13-17.0.6-150600.3.7.1 * libclang-cpp17-debuginfo-17.0.6-150600.3.7.1 * llvm17-polly-devel-17.0.6-150600.3.7.1 * llvm17-17.0.6-150600.3.7.1 * llvm17-gold-17.0.6-150600.3.7.1 * libclang13-debuginfo-17.0.6-150600.3.7.1 * llvm17-polly-17.0.6-150600.3.7.1 * libclang-cpp17-17.0.6-150600.3.7.1 * Development Tools Module 15-SP6 (aarch64 ppc64le x86_64) * libomp17-devel-17.0.6-150600.3.7.1 * libomp17-devel-debuginfo-17.0.6-150600.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * llvm17-polly-debuginfo-17.0.6-150600.3.7.1 * clang-tools-debuginfo-17.0.6-150600.3.7.1 * llvm17-gold-debuginfo-17.0.6-150600.3.7.1 * llvm17-debuginfo-17.0.6-150600.3.7.1 * libclang-cpp17-debuginfo-17.0.6-150600.3.7.1 * lld17-17.0.6-150600.3.7.1 * clang17-debuginfo-17.0.6-150600.3.7.1 * clang17-17.0.6-150600.3.7.1 * llvm17-gold-17.0.6-150600.3.7.1 * clang17-devel-17.0.6-150600.3.7.1 * libLTO17-debuginfo-17.0.6-150600.3.7.1 * libclang13-17.0.6-150600.3.7.1 * llvm17-polly-devel-17.0.6-150600.3.7.1 * libclang-cpp17-17.0.6-150600.3.7.1 * clang-tools-17.0.6-150600.3.7.1 * llvm17-devel-17.0.6-150600.3.7.1 * libLTO17-17.0.6-150600.3.7.1 * llvm17-devel-debuginfo-17.0.6-150600.3.7.1 * llvm17-17.0.6-150600.3.7.1 * libclang13-debuginfo-17.0.6-150600.3.7.1 * llvm17-polly-17.0.6-150600.3.7.1 * lld17-debuginfo-17.0.6-150600.3.7.1 * SUSE Package Hub 15 15-SP6 (noarch) * llvm17-vim-plugins-17.0.6-150600.3.7.1 * clang17-doc-17.0.6-150600.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 x86_64) * lldb17-17.0.6-150600.3.7.1 * liblldb17-debuginfo-17.0.6-150600.3.7.1 * liblldb17-17.0.6-150600.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le x86_64) * libomp17-devel-17.0.6-150600.3.7.1 * libomp17-devel-debuginfo-17.0.6-150600.3.7.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 12:30:27 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 12:30:27 -0000 Subject: SUSE-OU-2025:1561-1: low: Optional update for libtraceevent Message-ID: <174739862741.27142.10056199388000937573@smelt2.prg2.suse.org> # Optional update for libtraceevent Announcement ID: SUSE-OU-2025:1561-1 Release Date: 2025-05-16T09:27:27Z Rating: low References: * bsc#1240425 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for libtraceevent fixes the following issue * Add libtraceevent-devel to SLE-Module-Development-Tools_15-SP6 (bsc#1240425) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1561=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1561=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1561=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libtraceevent-debuginfo-1.7.3-150500.11.5.1 * libtraceevent1-debuginfo-1.7.3-150500.11.5.1 * libtraceevent-devel-1.7.3-150500.11.5.1 * libtraceevent1-plugins-1.7.3-150500.11.5.1 * libtraceevent1-plugins-debuginfo-1.7.3-150500.11.5.1 * libtraceevent-debugsource-1.7.3-150500.11.5.1 * libtraceevent1-1.7.3-150500.11.5.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libtraceevent-debugsource-1.7.3-150500.11.5.1 * libtraceevent-debuginfo-1.7.3-150500.11.5.1 * libtraceevent1-debuginfo-1.7.3-150500.11.5.1 * libtraceevent1-1.7.3-150500.11.5.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libtraceevent-debuginfo-1.7.3-150500.11.5.1 * libtraceevent1-debuginfo-1.7.3-150500.11.5.1 * libtraceevent-devel-1.7.3-150500.11.5.1 * libtraceevent1-plugins-1.7.3-150500.11.5.1 * libtraceevent1-plugins-debuginfo-1.7.3-150500.11.5.1 * libtraceevent-debugsource-1.7.3-150500.11.5.1 * libtraceevent1-1.7.3-150500.11.5.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240425 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 20:51:51 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 20:51:51 -0000 Subject: SUSE-SU-2025:1574-1: important: Security update for the Linux Kernel Message-ID: <174742871190.14447.16503091922941819761@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:1574-1 Release Date: 2025-05-16T18:36:35Z Rating: important References: * bsc#1207034 * bsc#1207878 * bsc#1221980 * bsc#1234931 * bsc#1235433 * bsc#1237984 * bsc#1238512 * bsc#1238747 * bsc#1238865 * bsc#1240210 * bsc#1240308 * bsc#1240835 * bsc#1241280 * bsc#1241371 * bsc#1241404 * bsc#1241405 * bsc#1241407 * bsc#1241408 Cross-References: * CVE-2020-36789 * CVE-2021-47163 * CVE-2021-47668 * CVE-2021-47669 * CVE-2021-47670 * CVE-2022-49111 * CVE-2023-0179 * CVE-2023-53026 * CVE-2023-53033 * CVE-2024-56642 * CVE-2024-56661 * CVE-2025-21726 * CVE-2025-21785 * CVE-2025-21791 * CVE-2025-22004 * CVE-2025-22020 * CVE-2025-22055 CVSS scores: * CVE-2020-36789 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2020-36789 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2020-36789 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47163 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47668 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47668 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47669 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47669 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47670 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49111 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-0179 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-0179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53026 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56642 ( SUSE ): 7.5 CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56642 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56661 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56661 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21726 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21726 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21785 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21791 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves 17 vulnerabilities and has one security fix can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). * CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). * CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1574=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1574=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1574=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64) * kernel-rt-5.3.18-150300.208.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * kernel-rt-debugsource-5.3.18-150300.208.1 * kernel-rt-debuginfo-5.3.18-150300.208.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * kernel-source-rt-5.3.18-150300.208.1 * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.208.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.208.1 * kernel-rt-debuginfo-5.3.18-150300.208.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-rt-5.3.18-150300.208.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.208.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.208.1 * kernel-rt-debuginfo-5.3.18-150300.208.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-rt-5.3.18-150300.208.1 ## References: * https://www.suse.com/security/cve/CVE-2020-36789.html * https://www.suse.com/security/cve/CVE-2021-47163.html * https://www.suse.com/security/cve/CVE-2021-47668.html * https://www.suse.com/security/cve/CVE-2021-47669.html * https://www.suse.com/security/cve/CVE-2021-47670.html * https://www.suse.com/security/cve/CVE-2022-49111.html * https://www.suse.com/security/cve/CVE-2023-0179.html * https://www.suse.com/security/cve/CVE-2023-53026.html * https://www.suse.com/security/cve/CVE-2023-53033.html * https://www.suse.com/security/cve/CVE-2024-56642.html * https://www.suse.com/security/cve/CVE-2024-56661.html * https://www.suse.com/security/cve/CVE-2025-21726.html * https://www.suse.com/security/cve/CVE-2025-21785.html * https://www.suse.com/security/cve/CVE-2025-21791.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://bugzilla.suse.com/show_bug.cgi?id=1207034 * https://bugzilla.suse.com/show_bug.cgi?id=1207878 * https://bugzilla.suse.com/show_bug.cgi?id=1221980 * https://bugzilla.suse.com/show_bug.cgi?id=1234931 * https://bugzilla.suse.com/show_bug.cgi?id=1235433 * https://bugzilla.suse.com/show_bug.cgi?id=1237984 * https://bugzilla.suse.com/show_bug.cgi?id=1238512 * https://bugzilla.suse.com/show_bug.cgi?id=1238747 * https://bugzilla.suse.com/show_bug.cgi?id=1238865 * https://bugzilla.suse.com/show_bug.cgi?id=1240210 * https://bugzilla.suse.com/show_bug.cgi?id=1240308 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241404 * https://bugzilla.suse.com/show_bug.cgi?id=1241405 * https://bugzilla.suse.com/show_bug.cgi?id=1241407 * https://bugzilla.suse.com/show_bug.cgi?id=1241408 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 20:52:09 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 20:52:09 -0000 Subject: SUSE-SU-2025:1573-1: important: Security update for the Linux Kernel Message-ID: <174742872969.14447.15717387042553205975@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:1573-1 Release Date: 2025-05-16T16:32:08Z Rating: important References: * bsc#1201855 * bsc#1230771 * bsc#1238471 * bsc#1238512 * bsc#1238747 * bsc#1238865 * bsc#1239968 * bsc#1240188 * bsc#1240195 * bsc#1240553 * bsc#1240747 * bsc#1240835 * bsc#1241280 * bsc#1241371 * bsc#1241378 * bsc#1241421 * bsc#1241433 * bsc#1241541 Cross-References: * CVE-2021-47671 * CVE-2022-49741 * CVE-2024-46784 * CVE-2025-21726 * CVE-2025-21785 * CVE-2025-21791 * CVE-2025-21812 * CVE-2025-21886 * CVE-2025-22004 * CVE-2025-22020 * CVE-2025-22029 * CVE-2025-22045 * CVE-2025-22055 * CVE-2025-22097 CVSS scores: * CVE-2021-47671 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47671 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49741 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49741 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49741 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46784 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46784 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21726 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21726 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21785 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21791 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21812 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22029 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22029 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22045 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-22097 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22097 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 14 vulnerabilities and has four security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). * CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). * CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). * CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). * CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378). * CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). * CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541). The following non-security bugs were fixed: * scsi: smartpqi: Add ctrl ready timeout module parameter (jsc#PED-1557, bsc#1201855, bsc#1240553). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1573=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1573=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1573=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1573=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.118.1 * kernel-rt-debuginfo-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.118.1 * kernel-rt-debuginfo-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.118.1 * kernel-rt-debuginfo-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.118.1 * kernel-rt-debuginfo-5.14.21-150400.15.118.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.118.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47671.html * https://www.suse.com/security/cve/CVE-2022-49741.html * https://www.suse.com/security/cve/CVE-2024-46784.html * https://www.suse.com/security/cve/CVE-2025-21726.html * https://www.suse.com/security/cve/CVE-2025-21785.html * https://www.suse.com/security/cve/CVE-2025-21791.html * https://www.suse.com/security/cve/CVE-2025-21812.html * https://www.suse.com/security/cve/CVE-2025-21886.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22029.html * https://www.suse.com/security/cve/CVE-2025-22045.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://www.suse.com/security/cve/CVE-2025-22097.html * https://bugzilla.suse.com/show_bug.cgi?id=1201855 * https://bugzilla.suse.com/show_bug.cgi?id=1230771 * https://bugzilla.suse.com/show_bug.cgi?id=1238471 * https://bugzilla.suse.com/show_bug.cgi?id=1238512 * https://bugzilla.suse.com/show_bug.cgi?id=1238747 * https://bugzilla.suse.com/show_bug.cgi?id=1238865 * https://bugzilla.suse.com/show_bug.cgi?id=1239968 * https://bugzilla.suse.com/show_bug.cgi?id=1240188 * https://bugzilla.suse.com/show_bug.cgi?id=1240195 * https://bugzilla.suse.com/show_bug.cgi?id=1240553 * https://bugzilla.suse.com/show_bug.cgi?id=1240747 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241378 * https://bugzilla.suse.com/show_bug.cgi?id=1241421 * https://bugzilla.suse.com/show_bug.cgi?id=1241433 * https://bugzilla.suse.com/show_bug.cgi?id=1241541 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 20:52:14 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 20:52:14 -0000 Subject: SUSE-SU-2025:1572-1: moderate: Security update for libraw Message-ID: <174742873413.14447.11019271336750080268@smelt2.prg2.suse.org> # Security update for libraw Announcement ID: SUSE-SU-2025:1572-1 Release Date: 2025-05-16T14:07:16Z Rating: moderate References: * bsc#1241584 * bsc#1241585 * bsc#1241642 * bsc#1241643 Cross-References: * CVE-2025-43961 * CVE-2025-43962 * CVE-2025-43963 * CVE-2025-43964 CVSS scores: * CVE-2025-43961 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-43961 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43961 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43961 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-43962 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-43962 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-43962 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-43962 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43963 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43963 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-43963 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43964 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-43964 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-43964 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43964 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for libraw fixes the following issues: * CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp (bsc#1241643) * CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phase_one_correct function (bsc#1241585) * CVE-2025-43963: Fixed out-of-buffer access during phase_one_correct in decoders/load_mfbacks.cpp (bsc#1241642) * CVE-2025-43964: Fixed tag 0x412 processing in phase_one_correct does not enforce minimum w0 and w1 values (bsc#1241584) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1572=1 openSUSE-SLE-15.6-2025-1572=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1572=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1572=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1572=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libraw-debugsource-0.21.1-150600.3.5.1 * libraw23-debuginfo-0.21.1-150600.3.5.1 * libraw23-0.21.1-150600.3.5.1 * libraw-devel-static-0.21.1-150600.3.5.1 * libraw-devel-0.21.1-150600.3.5.1 * libraw-tools-0.21.1-150600.3.5.1 * libraw-tools-debuginfo-0.21.1-150600.3.5.1 * openSUSE Leap 15.6 (x86_64) * libraw23-32bit-0.21.1-150600.3.5.1 * libraw23-32bit-debuginfo-0.21.1-150600.3.5.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libraw23-64bit-0.21.1-150600.3.5.1 * libraw23-64bit-debuginfo-0.21.1-150600.3.5.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libraw-debugsource-0.21.1-150600.3.5.1 * libraw23-0.21.1-150600.3.5.1 * libraw23-debuginfo-0.21.1-150600.3.5.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * libraw-debugsource-0.21.1-150600.3.5.1 * libraw-devel-static-0.21.1-150600.3.5.1 * libraw-devel-0.21.1-150600.3.5.1 * libraw-tools-0.21.1-150600.3.5.1 * libraw-tools-debuginfo-0.21.1-150600.3.5.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libraw-debugsource-0.21.1-150600.3.5.1 * libraw-devel-0.21.1-150600.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43961.html * https://www.suse.com/security/cve/CVE-2025-43962.html * https://www.suse.com/security/cve/CVE-2025-43963.html * https://www.suse.com/security/cve/CVE-2025-43964.html * https://bugzilla.suse.com/show_bug.cgi?id=1241584 * https://bugzilla.suse.com/show_bug.cgi?id=1241585 * https://bugzilla.suse.com/show_bug.cgi?id=1241642 * https://bugzilla.suse.com/show_bug.cgi?id=1241643 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 20:52:16 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 20:52:16 -0000 Subject: SUSE-SU-2025:1571-1: moderate: Security update for gimp Message-ID: <174742873673.14447.9137068082666824203@smelt2.prg2.suse.org> # Security update for gimp Announcement ID: SUSE-SU-2025:1571-1 Release Date: 2025-05-16T13:49:04Z Rating: moderate References: * bsc#1241691 Cross-References: * CVE-2025-2761 CVSS scores: * CVE-2025-2761 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2025-2761 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for gimp fixes the following issues: * CVE-2025-2761: unvalidated user input in FLI file parsing may lead to an out-of-bounds write (bsc#1241691). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1571=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1571=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1571=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1571=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libgimpui-2_0-0-2.10.30-150400.3.14.1 * gimp-devel-2.10.30-150400.3.14.1 * gimp-2.10.30-150400.3.14.1 * libgimp-2_0-0-2.10.30-150400.3.14.1 * gimp-plugin-aa-2.10.30-150400.3.14.1 * gimp-plugin-aa-debuginfo-2.10.30-150400.3.14.1 * libgimpui-2_0-0-debuginfo-2.10.30-150400.3.14.1 * gimp-debuginfo-2.10.30-150400.3.14.1 * libgimp-2_0-0-debuginfo-2.10.30-150400.3.14.1 * gimp-debugsource-2.10.30-150400.3.14.1 * gimp-devel-debuginfo-2.10.30-150400.3.14.1 * openSUSE Leap 15.4 (noarch) * gimp-lang-2.10.30-150400.3.14.1 * openSUSE Leap 15.4 (x86_64) * libgimp-2_0-0-32bit-2.10.30-150400.3.14.1 * libgimpui-2_0-0-32bit-debuginfo-2.10.30-150400.3.14.1 * libgimpui-2_0-0-32bit-2.10.30-150400.3.14.1 * libgimp-2_0-0-32bit-debuginfo-2.10.30-150400.3.14.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgimp-2_0-0-64bit-debuginfo-2.10.30-150400.3.14.1 * libgimpui-2_0-0-64bit-2.10.30-150400.3.14.1 * libgimp-2_0-0-64bit-2.10.30-150400.3.14.1 * libgimpui-2_0-0-64bit-debuginfo-2.10.30-150400.3.14.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libgimpui-2_0-0-2.10.30-150400.3.14.1 * gimp-devel-2.10.30-150400.3.14.1 * gimp-2.10.30-150400.3.14.1 * libgimp-2_0-0-2.10.30-150400.3.14.1 * gimp-plugin-aa-2.10.30-150400.3.14.1 * gimp-plugin-aa-debuginfo-2.10.30-150400.3.14.1 * libgimpui-2_0-0-debuginfo-2.10.30-150400.3.14.1 * gimp-debuginfo-2.10.30-150400.3.14.1 * libgimp-2_0-0-debuginfo-2.10.30-150400.3.14.1 * gimp-debugsource-2.10.30-150400.3.14.1 * gimp-devel-debuginfo-2.10.30-150400.3.14.1 * openSUSE Leap 15.6 (noarch) * gimp-lang-2.10.30-150400.3.14.1 * openSUSE Leap 15.6 (x86_64) * libgimp-2_0-0-32bit-2.10.30-150400.3.14.1 * libgimpui-2_0-0-32bit-debuginfo-2.10.30-150400.3.14.1 * libgimpui-2_0-0-32bit-2.10.30-150400.3.14.1 * libgimp-2_0-0-32bit-debuginfo-2.10.30-150400.3.14.1 * SUSE Package Hub 15 15-SP6 (aarch64) * gimp-devel-2.10.30-150400.3.14.1 * gimp-2.10.30-150400.3.14.1 * gimp-plugin-aa-2.10.30-150400.3.14.1 * gimp-plugin-aa-debuginfo-2.10.30-150400.3.14.1 * gimp-devel-debuginfo-2.10.30-150400.3.14.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * gimp-debuginfo-2.10.30-150400.3.14.1 * libgimpui-2_0-0-2.10.30-150400.3.14.1 * libgimp-2_0-0-2.10.30-150400.3.14.1 * libgimpui-2_0-0-debuginfo-2.10.30-150400.3.14.1 * libgimp-2_0-0-debuginfo-2.10.30-150400.3.14.1 * gimp-debugsource-2.10.30-150400.3.14.1 * SUSE Package Hub 15 15-SP6 (noarch) * gimp-lang-2.10.30-150400.3.14.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libgimpui-2_0-0-2.10.30-150400.3.14.1 * gimp-devel-2.10.30-150400.3.14.1 * gimp-2.10.30-150400.3.14.1 * libgimp-2_0-0-2.10.30-150400.3.14.1 * libgimpui-2_0-0-debuginfo-2.10.30-150400.3.14.1 * gimp-debuginfo-2.10.30-150400.3.14.1 * libgimp-2_0-0-debuginfo-2.10.30-150400.3.14.1 * gimp-debugsource-2.10.30-150400.3.14.1 * gimp-devel-debuginfo-2.10.30-150400.3.14.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch) * gimp-lang-2.10.30-150400.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2761.html * https://bugzilla.suse.com/show_bug.cgi?id=1241691 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 20:52:19 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 20:52:19 -0000 Subject: SUSE-SU-2025:1570-1: low: Security update for cargo-c Message-ID: <174742873916.14447.4020172794769363916@smelt2.prg2.suse.org> # Security update for cargo-c Announcement ID: SUSE-SU-2025:1570-1 Release Date: 2025-05-16T13:44:06Z Rating: low References: * bsc#1242675 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for cargo-c fixes the following issues: * CVE-2025-3416: use-after-free in Md::fetch and Cipher::fetch of rust-openssl crate (bsc#1242675). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1570=1 openSUSE-SLE-15.6-2025-1570=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * cargo-c-0.10.3~git0.ee7d7ef-150600.3.6.1 * cargo-c-debuginfo-0.10.3~git0.ee7d7ef-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242675 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 20:52:24 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 20:52:24 -0000 Subject: SUSE-SU-2025:1569-1: moderate: Security update for libraw Message-ID: <174742874458.14447.10123659958696567863@smelt2.prg2.suse.org> # Security update for libraw Announcement ID: SUSE-SU-2025:1569-1 Release Date: 2025-05-16T13:43:41Z Rating: moderate References: * bsc#1241584 * bsc#1241585 * bsc#1241642 * bsc#1241643 Cross-References: * CVE-2025-43961 * CVE-2025-43962 * CVE-2025-43963 * CVE-2025-43964 CVSS scores: * CVE-2025-43961 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-43961 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43961 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43961 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-43962 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-43962 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-43962 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-43962 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43963 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43963 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-43963 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43964 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-43964 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-43964 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43964 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for libraw fixes the following issues: * CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp (bsc#1241643) * CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phase_one_correct function (bsc#1241585) * CVE-2025-43963: Fixed out-of-buffer access during phase_one_correct in decoders/load_mfbacks.cpp (bsc#1241642) * CVE-2025-43964: Fixed tag 0x412 processing in phase_one_correct does not enforce minimum w0 and w1 values (bsc#1241584) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1569=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libraw16-0.18.9-150000.3.30.1 * libraw-debuginfo-0.18.9-150000.3.30.1 * libraw-debugsource-0.18.9-150000.3.30.1 * libraw16-debuginfo-0.18.9-150000.3.30.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43961.html * https://www.suse.com/security/cve/CVE-2025-43962.html * https://www.suse.com/security/cve/CVE-2025-43963.html * https://www.suse.com/security/cve/CVE-2025-43964.html * https://bugzilla.suse.com/show_bug.cgi?id=1241584 * https://bugzilla.suse.com/show_bug.cgi?id=1241585 * https://bugzilla.suse.com/show_bug.cgi?id=1241642 * https://bugzilla.suse.com/show_bug.cgi?id=1241643 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 20:52:29 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 20:52:29 -0000 Subject: SUSE-SU-2025:1568-1: moderate: Security update for libraw Message-ID: <174742874984.14447.179658874056354502@smelt2.prg2.suse.org> # Security update for libraw Announcement ID: SUSE-SU-2025:1568-1 Release Date: 2025-05-16T13:42:53Z Rating: moderate References: * bsc#1241584 * bsc#1241585 * bsc#1241642 * bsc#1241643 Cross-References: * CVE-2025-43961 * CVE-2025-43962 * CVE-2025-43963 * CVE-2025-43964 CVSS scores: * CVE-2025-43961 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-43961 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43961 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43961 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-43962 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-43962 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-43962 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-43962 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43963 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43963 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-43963 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43964 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-43964 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-43964 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-43964 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 An update that solves four vulnerabilities can now be installed. ## Description: This update for libraw fixes the following issues: * CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp (bsc#1241643) * CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phase_one_correct function (bsc#1241585) * CVE-2025-43963: Fixed out-of-buffer access during phase_one_correct in decoders/load_mfbacks.cpp (bsc#1241642) * CVE-2025-43964: Fixed tag 0x412 processing in phase_one_correct does not enforce minimum w0 and w1 values (bsc#1241584) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1568=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libraw-tools-0.20.2-150400.3.16.1 * libraw-devel-static-0.20.2-150400.3.16.1 * libraw20-0.20.2-150400.3.16.1 * libraw-debugsource-0.20.2-150400.3.16.1 * libraw-tools-debuginfo-0.20.2-150400.3.16.1 * libraw-devel-0.20.2-150400.3.16.1 * libraw20-debuginfo-0.20.2-150400.3.16.1 * openSUSE Leap 15.4 (x86_64) * libraw20-32bit-debuginfo-0.20.2-150400.3.16.1 * libraw20-32bit-0.20.2-150400.3.16.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libraw20-64bit-debuginfo-0.20.2-150400.3.16.1 * libraw20-64bit-0.20.2-150400.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43961.html * https://www.suse.com/security/cve/CVE-2025-43962.html * https://www.suse.com/security/cve/CVE-2025-43963.html * https://www.suse.com/security/cve/CVE-2025-43964.html * https://bugzilla.suse.com/show_bug.cgi?id=1241584 * https://bugzilla.suse.com/show_bug.cgi?id=1241585 * https://bugzilla.suse.com/show_bug.cgi?id=1241642 * https://bugzilla.suse.com/show_bug.cgi?id=1241643 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 20:52:32 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 20:52:32 -0000 Subject: SUSE-SU-2025:1567-1: moderate: Security update for microcode_ctl Message-ID: <174742875218.14447.18040549479088571906@smelt2.prg2.suse.org> # Security update for microcode_ctl Announcement ID: SUSE-SU-2025:1567-1 Release Date: 2025-05-16T13:38:05Z Rating: moderate References: * bsc#1243123 Cross-References: * CVE-2024-28956 * CVE-2024-43420 * CVE-2024-45332 * CVE-2025-20012 * CVE-2025-20054 * CVE-2025-20103 * CVE-2025-20623 * CVE-2025-24495 CVSS scores: * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-43420 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-43420 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-45332 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-45332 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-45332 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-45332 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20012 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-20012 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20012 ( NVD ): 4.1 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20012 ( NVD ): 4.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20054 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20054 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-20103 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20103 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-20623 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20623 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-24495 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-24495 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-24495 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-24495 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves eight vulnerabilities can now be installed. ## Description: This update for microcode_ctl fixes the following issues: Intel CPU Microcode was updated to the 20250512 release (bsc#1243123) * CVE-2024-28956: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20103: Insufficient resource pool in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. * CVE-2025-20054: Uncaught exception in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. * CVE-2024-43420: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20623: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Core processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2024-45332: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-24495: Incorrect initialization of resource in the branch prediction unit for some Intel Core Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20012: Incorrect behavior order for some Intel Core Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. * Updates for functional issues. * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ARL-U | A1 | 06-b5-00/80 | | 0000000a | Core Ultra Processor (Series2) | ARL-S/HX (8P) | B0 | 06-c6-02/82 | | 00000118 | Core Ultra Processor (Series2) | ARL-H | A1 | 06-c5-02/82 | | 00000118 | Core Ultra Processor (Series2) | GNR- AP/SP | B0 | 06-ad-01/95 | | 010003a2 | Xeon Scalable Gen6 | GNR-AP/SP | H0 | 06-ad-01/20 | | 0a0000d1 | Xeon Scalable Gen6 | LNL | B0 | 06-bd-01/80 | | 0000011f | Core Ultra 200 V Series Processor * Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000038 | 0000003a | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000038 | 0000003a | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000436 | 00000437 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000436 | 00000437 | Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | AZB | A0/R0 | 06-9a-04/40 | 00000009 | 0000000a | Intel(R) Atom(R) C1100 | CFL-H | R0 | 06-9e-0d/22 | 00000102 | 00000104 | Core Gen9 Mobile | CLX-SP | B1 | 06-55-07/bf | 05003707 | 05003901 | Xeon Scalable Gen2 | CML-H | R1 | 06-a5-02/20 | 000000fc | 00000100 | Core Gen10 Mobile | CML-S102 | Q0 | 06-a5-05/22 | 000000fc | 00000100 | Core Gen10 | CML-S62 | G1 | 06-a5-03/22 | 000000fc | 00000100 | Core Gen10 | CML-U42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | CML-U62 V1 | A0 | 06-a6-00/80 | 000000fe | 00000102 | Core Gen10 Mobile | CML-U62 V2 | K1 | 06-a6-01/80 | 000000fc | 00000100 | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | CPX-SP | A1 | 06-55-0b/bf | 07002904 | 07002b01 | Xeon Scalable Gen3 | EMR-SP | A1 | 06-cf-02/87 | 21000291 | 210002a9 | Xeon Scalable Gen5 | GLK-R | R0 | 06-7a-08/01 | 00000024 | 00000026 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 | ICL-D | B0 | 06-6c-01/10 | 010002c0 | 010002d0 | Xeon D-17xx, D-27xx | ICL-U/Y | D1 | 06-7e-05/80 | 000000c6 | 000000ca | Core Gen10 Mobile | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003f5 | 0d000404 | Xeon Scalable Gen3 | MTL | C0 | 06-aa-04/e6 | 00000020 | 00000024 | Core Ultra Processor | RKL-S | B0 | 06-a7-01/02 | 00000063 | 00000064 | Core Gen11 | RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012c | 0000012f | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004124 | 00004128 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000038 | 0000003a | Core Gen13/Gen14 | RPL-S | H0 | 06-bf-05/07 | 00000038 | 0000003a | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004124 | 00004128 | Core Gen13 | SPR-HBM | Bx | 06-8f-08/10 | 2c0003e0 | 2c0003f7 | Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4 | SRF-SP | C0 | 06-af-03/01 | 03000330 | 03000341 | Xeon 6700-Series Processors with E-Cores | TGL | B0/B1 | 06-8c-01/80 | 000000b8 | 000000bc | Core Gen11 Mobile | TGL-H | R0 | 06-8d-01/c2 | 00000052 | 00000056 | Core Gen11 Mobile | TGL-R | C0 | 06-8c-02/c2 | 00000038 | 0000003c | Core Gen11 Mobile | TWL | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | WHL-U | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen8 Mobile ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-1567=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-1567=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * microcode_ctl-1.17-102.83.84.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * microcode_ctl-1.17-102.83.84.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28956.html * https://www.suse.com/security/cve/CVE-2024-43420.html * https://www.suse.com/security/cve/CVE-2024-45332.html * https://www.suse.com/security/cve/CVE-2025-20012.html * https://www.suse.com/security/cve/CVE-2025-20054.html * https://www.suse.com/security/cve/CVE-2025-20103.html * https://www.suse.com/security/cve/CVE-2025-20623.html * https://www.suse.com/security/cve/CVE-2025-24495.html * https://bugzilla.suse.com/show_bug.cgi?id=1243123 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 16 20:52:36 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 16 May 2025 20:52:36 -0000 Subject: SUSE-SU-2025:1566-1: important: Security update for valkey Message-ID: <174742875698.14447.15064894096269344809@smelt2.prg2.suse.org> # Security update for valkey Announcement ID: SUSE-SU-2025:1566-1 Release Date: 2025-05-16T12:02:19Z Rating: important References: * bsc#1241708 Cross-References: * CVE-2025-21605 CVSS scores: * CVE-2025-21605 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21605 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21605 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for valkey fixes the following issues: * CVE-2025-21605: Fixed output buffer denial of service (bsc#1241708) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1566=1 openSUSE-SLE-15.6-2025-1566=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1566=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * valkey-debugsource-8.0.2-150600.13.6.1 * valkey-devel-8.0.2-150600.13.6.1 * valkey-8.0.2-150600.13.6.1 * valkey-debuginfo-8.0.2-150600.13.6.1 * openSUSE Leap 15.6 (noarch) * valkey-compat-redis-8.0.2-150600.13.6.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * valkey-debugsource-8.0.2-150600.13.6.1 * valkey-devel-8.0.2-150600.13.6.1 * valkey-8.0.2-150600.13.6.1 * valkey-debuginfo-8.0.2-150600.13.6.1 * Server Applications Module 15-SP6 (noarch) * valkey-compat-redis-8.0.2-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21605.html * https://bugzilla.suse.com/show_bug.cgi?id=1241708 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 08:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 08:30:16 -0000 Subject: SUSE-SU-2025:1576-1: moderate: Security update for openssh Message-ID: <174764341607.14447.9782375611801532321@smelt2.prg2.suse.org> # Security update for openssh Announcement ID: SUSE-SU-2025:1576-1 Release Date: 2025-05-19T04:49:29Z Rating: moderate References: * bsc#1228634 * bsc#1232533 * bsc#1241012 * bsc#1241045 Cross-References: * CVE-2025-32728 CVSS scores: * CVE-2025-32728 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N * CVE-2025-32728 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-32728 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for openssh fixes the following issues: * Security issues fixed: * CVE-2025-32728: Fixed a logic error in DisableForwarding option (bsc#1241012) * Other bugs fixed: * Allow KEX hashes greater than 256 bits (bsc#1241045) * Fixed hostname being left out of the audit output (bsc#1228634) * Fixed failures with very large MOTDs (bsc#1232533) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1576=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1576=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1576=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1576=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1576=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1576=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1576=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1576=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1576=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1576=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1576=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1576=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1576=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1576=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1576=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1576=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1576=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1576=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1576=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1576=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1576=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1576=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1576=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1576=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-cavs-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-cavs-debuginfo-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Manager Proxy 4.3 (x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-helpers-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debugsource-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-helpers-debuginfo-8.4p1-150300.3.49.1 * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * openssh-server-debuginfo-8.4p1-150300.3.49.1 * openssh-clients-8.4p1-150300.3.49.1 * openssh-debuginfo-8.4p1-150300.3.49.1 * openssh-8.4p1-150300.3.49.1 * openssh-common-8.4p1-150300.3.49.1 * openssh-common-debuginfo-8.4p1-150300.3.49.1 * openssh-debugsource-8.4p1-150300.3.49.1 * openssh-fips-8.4p1-150300.3.49.1 * openssh-server-8.4p1-150300.3.49.1 * openssh-clients-debuginfo-8.4p1-150300.3.49.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32728.html * https://bugzilla.suse.com/show_bug.cgi?id=1228634 * https://bugzilla.suse.com/show_bug.cgi?id=1232533 * https://bugzilla.suse.com/show_bug.cgi?id=1241012 * https://bugzilla.suse.com/show_bug.cgi?id=1241045 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 12:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 12:30:04 -0000 Subject: SUSE-RU-2025:1577-1: moderate: Recommended update for container-suseconnect Message-ID: <174765780470.4650.15840918832458848024@smelt2.prg2.suse.org> # Recommended update for container-suseconnect Announcement ID: SUSE-RU-2025:1577-1 Release Date: 2025-05-19T08:24:09Z Rating: moderate References: * bsc#1173375 Affected Products: * Containers Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for container-suseconnect fixes the following issues: * update to 2.5.1: * Bump github.com/mssola/capture from 1.0.0 to 1.1.0 * Log everything to stderr * Code formatting * Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 * Also allow optionally to pass down the system_token * Various golangci-lint v2.1x warnings fixed * Remove use of urfave/cli and replace it with flag * remove unnecessary packaging buildrequires ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1577=1 ## Package List: * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.1-150000.4.62.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1173375 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 16:30:05 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 16:30:05 -0000 Subject: SUSE-RU-2025:1584-1: low: Recommended update for sle-module-rt-release Message-ID: <174767220503.14417.11010751311541669890@smelt2.prg2.suse.org> # Recommended update for sle-module-rt-release Announcement ID: SUSE-RU-2025:1584-1 Release Date: 2025-05-19T14:59:06Z Rating: low References: * bsc#1239144 Affected Products: * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Real Time Module 15-SP6 An update that has one fix can now be installed. ## Description: This update for sle-module-rt-release provides the following fix: * Fix reported version. (bsc#1239144) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Real Time Module 15-SP6 zypper in -t patch SUSE-SLE-Module-RT-15-SP6-2025-1584=1 ## Package List: * SUSE Real Time Module 15-SP6 (x86_64) * sle-module-rt-release-15.6-150600.1.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1239144 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 16:30:07 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 16:30:07 -0000 Subject: SUSE-SU-2025:1583-1: moderate: Security update for brltty Message-ID: <174767220733.14417.14764985240267428266@smelt2.prg2.suse.org> # Security update for brltty Announcement ID: SUSE-SU-2025:1583-1 Release Date: 2025-05-19T14:23:42Z Rating: moderate References: * bsc#1235438 Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one security fix can now be installed. ## Description: This update for brltty fixes the following issues: * Avoid having brlapi.key temporarily world-readable during creation (bsc#1235438). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1583=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * python3-brlapi-debuginfo-5.3.1-11.3.1 * python3-brlapi-5.3.1-11.3.1 * brlapi-devel-5.3.1-11.3.1 * brltty-debuginfo-5.3.1-11.3.1 * libbrlapi0_6-debuginfo-5.3.1-11.3.1 * brltty-debugsource-5.3.1-11.3.1 * libbrlapi0_6-5.3.1-11.3.1 * brltty-5.3.1-11.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1235438 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 16:30:10 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 16:30:10 -0000 Subject: SUSE-SU-2025:1582-1: moderate: Security update for brltty Message-ID: <174767221071.14417.14288485035948046450@smelt2.prg2.suse.org> # Security update for brltty Announcement ID: SUSE-SU-2025:1582-1 Release Date: 2025-05-19T14:23:17Z Rating: moderate References: * bsc#1235438 Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one security fix can now be installed. ## Description: This update for brltty fixes the following issues: * Avoid having brlapi.key temporarily world-readable during creation (bsc#1235438). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1582=1 openSUSE-SLE-15.6-2025-1582=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1582=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1582=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * brltty-driver-speech-dispatcher-6.6-150600.3.3.1 * brlapi-java-6.6-150600.3.3.1 * brltty-driver-libbraille-6.6-150600.3.3.1 * brltty-driver-brlapi-debuginfo-6.6-150600.3.3.1 * libbrlapi0_8-debuginfo-6.6-150600.3.3.1 * python3-brlapi-debuginfo-6.6-150600.3.3.1 * brltty-6.6-150600.3.3.1 * ocaml-brlapi-debuginfo-6.6-150600.3.3.1 * brltty-driver-espeak-debuginfo-6.6-150600.3.3.1 * brltty-driver-libbraille-debuginfo-6.6-150600.3.3.1 * brlapi-devel-6.6-150600.3.3.1 * tcl-brlapi-debuginfo-6.6-150600.3.3.1 * brltty-driver-speech-dispatcher-debuginfo-6.6-150600.3.3.1 * brltty-driver-xwindow-debuginfo-6.6-150600.3.3.1 * python3-brlapi-6.6-150600.3.3.1 * libbrlapi0_8-6.6-150600.3.3.1 * brltty-udev-generic-6.6-150600.3.3.1 * brltty-driver-at-spi2-6.6-150600.3.3.1 * brltty-utils-6.6-150600.3.3.1 * ocaml-brlapi-6.6-150600.3.3.1 * brltty-driver-espeak-6.6-150600.3.3.1 * brlapi-java-debuginfo-6.6-150600.3.3.1 * brltty-driver-xwindow-6.6-150600.3.3.1 * brltty-driver-at-spi2-debuginfo-6.6-150600.3.3.1 * brltty-driver-brlapi-6.6-150600.3.3.1 * brltty-debugsource-6.6-150600.3.3.1 * xbrlapi-debuginfo-6.6-150600.3.3.1 * tcl-brlapi-6.6-150600.3.3.1 * brltty-debuginfo-6.6-150600.3.3.1 * brltty-utils-debuginfo-6.6-150600.3.3.1 * xbrlapi-6.6-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * brltty-lang-6.6-150600.3.3.1 * system-user-brltty-6.6-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libbrlapi0_8-6.6-150600.3.3.1 * brlapi-devel-6.6-150600.3.3.1 * brltty-debugsource-6.6-150600.3.3.1 * brltty-debuginfo-6.6-150600.3.3.1 * libbrlapi0_8-debuginfo-6.6-150600.3.3.1 * python3-brlapi-debuginfo-6.6-150600.3.3.1 * python3-brlapi-6.6-150600.3.3.1 * Basesystem Module 15-SP6 (noarch) * system-user-brltty-6.6-150600.3.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * brltty-driver-speech-dispatcher-6.6-150600.3.3.1 * brltty-driver-at-spi2-debuginfo-6.6-150600.3.3.1 * brltty-driver-brlapi-6.6-150600.3.3.1 * brltty-driver-speech-dispatcher-debuginfo-6.6-150600.3.3.1 * brltty-debugsource-6.6-150600.3.3.1 * brltty-driver-at-spi2-6.6-150600.3.3.1 * brltty-debuginfo-6.6-150600.3.3.1 * brltty-driver-brlapi-debuginfo-6.6-150600.3.3.1 * brltty-6.6-150600.3.3.1 * Desktop Applications Module 15-SP6 (noarch) * brltty-lang-6.6-150600.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1235438 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 16:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 16:30:13 -0000 Subject: SUSE-RU-2025:1581-1: moderate: Recommended update for python-google-cloud-compute Message-ID: <174767221323.14417.11976692745186216754@smelt2.prg2.suse.org> # Recommended update for python-google-cloud-compute Announcement ID: SUSE-RU-2025:1581-1 Release Date: 2025-05-19T13:26:36Z Rating: moderate References: * bsc#1241310 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for python-google-cloud-compute fixes the following issues: * Update to 1.29.0 * Update Compute Engine API to revision 20250320 * Update to 1.28.0 * Update Compute Engine API to revision 20250302 * Update to 1.27.0 * Allow Protobuf 6.x * remove setup.cfg configuration for creating universal wheels * Update to 1.26.0 * Update Compute Engine API to revision 20250211 * Update to 1.25.0 * Add REST Interceptors which support reading metadata * Add support for reading selective GAPIC generation methods from service YAML * Update to 1.24.0 * Update Compute Engine API to revision 20250107 * Update to 1.23.0 * Update Compute Engine API to revision 20241201 * Add support for opt-in debug logging * Fix typing issue with gRPC metadata when key ends in -bin * Update to 1.22.0 * Update Compute Engine API to revision 20241105 * Update to 1.21.0 (bsc#1241310) * Update Compute Engine API to revision 20241015 * Update to 1.20.1 * disable universe-domain validation * Update to 1.20.0 * Add support for Python 3.13 * Update to 1.19.2 * Retry and timeout values do not propagate in requests during pagination * Update to 1.19.1 * Allow protobuf 5.x * Update to 1.19.0 * Update Compute Engine API to revision 20240430 * update to 1.18: * Update Compute Engine API to revision 20240220 * Add google-auth as a direct dependency * Add staticmethod decorator to _get_client_cert_source and _get_api_endpoint * Resolve AttributeError 'Credentials' object has no attribute 'universe_domain' * Allow users to explicitly configure universe domain ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1581=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1581=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1581=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1581=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1581=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-google-cloud-compute-1.29.0-150400.9.6.1 * openSUSE Leap 15.6 (noarch) * python311-google-cloud-compute-1.29.0-150400.9.6.1 * Public Cloud Module 15-SP4 (noarch) * python311-google-cloud-compute-1.29.0-150400.9.6.1 * Public Cloud Module 15-SP5 (noarch) * python311-google-cloud-compute-1.29.0-150400.9.6.1 * Public Cloud Module 15-SP6 (noarch) * python311-google-cloud-compute-1.29.0-150400.9.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1241310 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 16:30:20 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 16:30:20 -0000 Subject: SUSE-SU-2025:1579-1: moderate: Security update for brltty Message-ID: <174767222015.14417.10808705481698038921@smelt2.prg2.suse.org> # Security update for brltty Announcement ID: SUSE-SU-2025:1579-1 Release Date: 2025-05-19T12:40:43Z Rating: moderate References: * bsc#1235438 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that has one security fix can now be installed. ## Description: This update for brltty fixes the following issues: * Avoid having brlapi.key temporarily world-readable during creation (bsc#1235438). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1579=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1579=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1579=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1579=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1579=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * brltty-debuginfo-6.4-150400.4.8.1 * brltty-driver-espeak-debuginfo-6.4-150400.4.8.1 * brltty-driver-at-spi2-debuginfo-6.4-150400.4.8.1 * brltty-utils-debuginfo-6.4-150400.4.8.1 * brltty-driver-speech-dispatcher-6.4-150400.4.8.1 * brltty-driver-libbraille-6.4-150400.4.8.1 * brltty-driver-xwindow-6.4-150400.4.8.1 * brltty-driver-brlapi-debuginfo-6.4-150400.4.8.1 * brltty-debugsource-6.4-150400.4.8.1 * python3-brlapi-debuginfo-6.4-150400.4.8.1 * ocaml-brlapi-debuginfo-6.4-150400.4.8.1 * brltty-driver-brlapi-6.4-150400.4.8.1 * brltty-utils-6.4-150400.4.8.1 * brltty-driver-at-spi2-6.4-150400.4.8.1 * xbrlapi-debuginfo-6.4-150400.4.8.1 * libbrlapi0_8-debuginfo-6.4-150400.4.8.1 * python3-brlapi-6.4-150400.4.8.1 * brltty-6.4-150400.4.8.1 * brltty-driver-espeak-6.4-150400.4.8.1 * brlapi-devel-6.4-150400.4.8.1 * brltty-driver-libbraille-debuginfo-6.4-150400.4.8.1 * tcl-brlapi-debuginfo-6.4-150400.4.8.1 * brlapi-java-debuginfo-6.4-150400.4.8.1 * brlapi-java-6.4-150400.4.8.1 * tcl-brlapi-6.4-150400.4.8.1 * xbrlapi-6.4-150400.4.8.1 * ocaml-brlapi-6.4-150400.4.8.1 * libbrlapi0_8-6.4-150400.4.8.1 * brltty-driver-speech-dispatcher-debuginfo-6.4-150400.4.8.1 * brltty-driver-xwindow-debuginfo-6.4-150400.4.8.1 * openSUSE Leap 15.4 (noarch) * brltty-lang-6.4-150400.4.8.1 * system-user-brltty-6.4-150400.4.8.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * system-user-brltty-6.4-150400.4.8.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * system-user-brltty-6.4-150400.4.8.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * system-user-brltty-6.4-150400.4.8.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * system-user-brltty-6.4-150400.4.8.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1235438 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 16:30:15 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 16:30:15 -0000 Subject: SUSE-RU-2025:1580-1: important: Recommended update for librdkafka Message-ID: <174767221549.14417.12938913509771070693@smelt2.prg2.suse.org> # Recommended update for librdkafka Announcement ID: SUSE-RU-2025:1580-1 Release Date: 2025-05-19T13:12:32Z Rating: important References: * bsc#1242842 Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for librdkafka fixes the following issues: * Avoid endless loops under certain conditions (bsc#1242842) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1580=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1580=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1580=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1580=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1580=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1580=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1580=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1580=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1580=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1580=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1580=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1580=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1580=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1580=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1580=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Manager Proxy 4.3 (x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * librdkafka-devel-0.11.6-150000.1.11.1 * librdkafka1-debuginfo-0.11.6-150000.1.11.1 * librdkafka-debugsource-0.11.6-150000.1.11.1 * librdkafka1-0.11.6-150000.1.11.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1242842 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 20:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 20:30:04 -0000 Subject: SUSE-SU-2025:01586-1: important: Security update for rubygem-rack Message-ID: <174768660463.21669.7720481982850344716@smelt2.prg2.suse.org> # Security update for rubygem-rack Announcement ID: SUSE-SU-2025:01586-1 Release Date: 2025-05-19T17:23:48Z Rating: important References: * bsc#1242894 * bsc#1242899 Cross-References: * CVE-2025-32441 * CVE-2025-46727 CVSS scores: * CVE-2025-32441 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-32441 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-32441 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-46727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-46727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-46727 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for rubygem-rack fixes the following issues: * CVE-2025-46727: possible memory exhaustion due to unbounded parameter parsing in Rack::QueryParser (bsc#1242894). * CVE-2025-32441: deleted sessions can be restored and occupied by unauthenticated users when the Rack::Session::Pool middleware is being used (bsc#1242899). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1586=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-1586=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-1586=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-1586=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-1586=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-testsuite-2.0.8-150000.3.31.1 * ruby2.5-rubygem-rack-2.0.8-150000.3.31.1 * ruby2.5-rubygem-rack-doc-2.0.8-150000.3.31.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.31.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.31.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.31.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32441.html * https://www.suse.com/security/cve/CVE-2025-46727.html * https://bugzilla.suse.com/show_bug.cgi?id=1242894 * https://bugzilla.suse.com/show_bug.cgi?id=1242899 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 19 20:30:08 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 19 May 2025 20:30:08 -0000 Subject: SUSE-SU-2025:01585-1: important: Security update for apache2-mod_auth_openidc Message-ID: <174768660836.21669.10075031898943876170@smelt2.prg2.suse.org> # Security update for apache2-mod_auth_openidc Announcement ID: SUSE-SU-2025:01585-1 Release Date: 2025-05-19T17:21:54Z Rating: important References: * bsc#1242015 Cross-References: * CVE-2025-3891 CVSS scores: * CVE-2025-3891 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-3891 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-3891 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3891 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2025-3891: denial of service via POST requests with an empty Content- Type header and with OIDCPreservePost On (bsc#1242015). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1585=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1585=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-debugsource-2.4.0-7.22.1 * apache2-mod_auth_openidc-debuginfo-2.4.0-7.22.1 * apache2-mod_auth_openidc-2.4.0-7.22.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * apache2-mod_auth_openidc-debugsource-2.4.0-7.22.1 * apache2-mod_auth_openidc-debuginfo-2.4.0-7.22.1 * apache2-mod_auth_openidc-2.4.0-7.22.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3891.html * https://bugzilla.suse.com/show_bug.cgi?id=1242015 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 08:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 08:30:06 -0000 Subject: SUSE-SU-2025:01593-1: important: Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5) Message-ID: <174772980675.25161.3972001464151145920@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:01593-1 Release Date: 2025-05-20T00:35:35Z Rating: important References: * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_234 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-1593=1 SUSE-SLE-Live- Patching-12-SP5-2025-1588=1 SUSE-SLE-Live-Patching-12-SP5-2025-1589=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_234-default-8-2.1 * kgraft-patch-4_12_14-122_228-default-9-2.1 * kgraft-patch-4_12_14-122_231-default-8-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 08:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 08:30:11 -0000 Subject: SUSE-SU-2025:01590-1: important: Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5) Message-ID: <174772981199.25161.1440615596131564780@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:01590-1 Release Date: 2025-05-20T00:35:27Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_222 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-1590=1 SUSE-SLE-Live- Patching-12-SP5-2025-1592=1 SUSE-SLE-Live-Patching-12-SP5-2025-1587=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_219-default-13-2.1 * kgraft-patch-4_12_14-122_222-default-11-2.1 * kgraft-patch-4_12_14-122_216-default-16-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 08:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 08:30:13 -0000 Subject: SUSE-SU-2025:01596-1: moderate: Security update for helm Message-ID: <174772981320.25161.6214699513334834646@smelt2.prg2.suse.org> # Security update for helm Announcement ID: SUSE-SU-2025:01596-1 Release Date: 2025-05-20T07:55:23Z Rating: moderate References: Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that can now be installed. ## Description: This update for helm fixes the following issues: help was updated to version 3.17.3: Helm v3.17.3 is a security (patch) release. Users are strongly recommended to update to this release. * Changelog * Unarchiving fix e4da497 (Matt Farina) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1596=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1596=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1596=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1596=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.17.3-150000.1.47.1 * helm-3.17.3-150000.1.47.1 * openSUSE Leap 15.6 (noarch) * helm-fish-completion-3.17.3-150000.1.47.1 * helm-zsh-completion-3.17.3-150000.1.47.1 * helm-bash-completion-3.17.3-150000.1.47.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.17.3-150000.1.47.1 * helm-3.17.3-150000.1.47.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * helm-bash-completion-3.17.3-150000.1.47.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.17.3-150000.1.47.1 * helm-3.17.3-150000.1.47.1 * Containers Module 15-SP6 (noarch) * helm-zsh-completion-3.17.3-150000.1.47.1 * helm-bash-completion-3.17.3-150000.1.47.1 * SUSE Package Hub 15 15-SP6 (noarch) * helm-fish-completion-3.17.3-150000.1.47.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 08:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 08:30:16 -0000 Subject: SUSE-RU-2025:01595-1: moderate: Recommended update for clamav Message-ID: <174772981640.25161.9543467206411794833@smelt2.prg2.suse.org> # Recommended update for clamav Announcement ID: SUSE-RU-2025:01595-1 Release Date: 2025-05-20T07:04:44Z Rating: moderate References: * bsc#1239957 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for clamav fixes the following issues: * Build binaries as position independend executable. (bsc#1239957) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1595=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1595=1 openSUSE-SLE-15.6-2025-1595=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * clamav-1.4.2-150600.18.12.1 * clamav-debugsource-1.4.2-150600.18.12.1 * libfreshclam3-debuginfo-1.4.2-150600.18.12.1 * libclammspack0-1.4.2-150600.18.12.1 * clamav-debuginfo-1.4.2-150600.18.12.1 * clamav-milter-1.4.2-150600.18.12.1 * clamav-milter-debuginfo-1.4.2-150600.18.12.1 * libclammspack0-debuginfo-1.4.2-150600.18.12.1 * libfreshclam3-1.4.2-150600.18.12.1 * libclamav12-debuginfo-1.4.2-150600.18.12.1 * clamav-devel-1.4.2-150600.18.12.1 * libclamav12-1.4.2-150600.18.12.1 * Basesystem Module 15-SP6 (noarch) * clamav-docs-html-1.4.2-150600.18.12.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * clamav-1.4.2-150600.18.12.1 * clamav-debugsource-1.4.2-150600.18.12.1 * libfreshclam3-debuginfo-1.4.2-150600.18.12.1 * libclammspack0-1.4.2-150600.18.12.1 * clamav-debuginfo-1.4.2-150600.18.12.1 * clamav-milter-1.4.2-150600.18.12.1 * clamav-milter-debuginfo-1.4.2-150600.18.12.1 * libclammspack0-debuginfo-1.4.2-150600.18.12.1 * libfreshclam3-1.4.2-150600.18.12.1 * libclamav12-debuginfo-1.4.2-150600.18.12.1 * clamav-devel-1.4.2-150600.18.12.1 * libclamav12-1.4.2-150600.18.12.1 * openSUSE Leap 15.6 (noarch) * clamav-docs-html-1.4.2-150600.18.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1239957 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 08:30:18 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 08:30:18 -0000 Subject: SUSE-RU-2025:01594-1: important: Recommended update for ansible-core Message-ID: <174772981850.25161.15236364199475771110@smelt2.prg2.suse.org> # Recommended update for ansible-core Announcement ID: SUSE-RU-2025:01594-1 Release Date: 2025-05-20T05:54:08Z Rating: important References: * bsc#1243193 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * Systems Management Module 15-SP6 An update that has one fix can now be installed. ## Description: This update for ansible-core fixes the following issues: * Add missing dependency on python311-rpm required by package_facts (bsc#1243193) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1594=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1594=1 * Systems Management Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Systems-Management-15-SP6-2025-1594=1 ## Package List: * openSUSE Leap 15.4 (noarch) * ansible-core-2.18.3-150400.9.6.1 * ansible-test-2.18.3-150400.9.6.1 * openSUSE Leap 15.6 (noarch) * ansible-core-2.18.3-150400.9.6.1 * ansible-test-2.18.3-150400.9.6.1 * Systems Management Module 15-SP6 (noarch) * ansible-core-2.18.3-150400.9.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1243193 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 08:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 08:30:21 -0000 Subject: SUSE-SU-2025:01591-1: moderate: Security update for python-maturin Message-ID: <174772982144.25161.12768023417862745231@smelt2.prg2.suse.org> # Security update for python-maturin Announcement ID: SUSE-SU-2025:01591-1 Release Date: 2025-05-19T21:24:50Z Rating: moderate References: * bsc#1242631 * bsc#1243177 Cross-References: * CVE-2025-3416 * CVE-2025-4574 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-4574 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-4574 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-4574 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * openSUSE Leap 15.6 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-maturin fixes the following issues: * CVE-2025-3416: openssl: use-after-free in `Md::fetch` and `Cipher::fetch` when `Some(...)` value passed as `properties` argument to either function (bsc#1242631). * CVE-2025-4574: crossbeam-channel: double-free leading to possible memory corruption in `Channel::drop` when dropping a channel (bsc#1243177). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1591=1 openSUSE-SLE-15.6-2025-1591=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-maturin-1.4.0-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://www.suse.com/security/cve/CVE-2025-4574.html * https://bugzilla.suse.com/show_bug.cgi?id=1242631 * https://bugzilla.suse.com/show_bug.cgi?id=1243177 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 12:31:33 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 12:31:33 -0000 Subject: SUSE-SU-2025:01600-1: important: Security update for the Linux Kernel Message-ID: <174774429387.21669.216792589335551004@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:01600-1 Release Date: 2025-05-20T11:49:39Z Rating: important References: * bsc#1205495 * bsc#1230764 * bsc#1231103 * bsc#1231450 * bsc#1231910 * bsc#1233461 * bsc#1234209 * bsc#1235038 * bsc#1235526 * bsc#1235729 * bsc#1235870 * bsc#1236086 * bsc#1236111 * bsc#1237757 * bsc#1237839 * bsc#1237840 * bsc#1237845 * bsc#1237868 * bsc#1237873 * bsc#1237885 * bsc#1237911 * bsc#1237912 * bsc#1237926 * bsc#1237939 * bsc#1237950 * bsc#1237951 * bsc#1237954 * bsc#1237957 * bsc#1237979 * bsc#1237984 * bsc#1238000 * bsc#1238016 * bsc#1238022 * bsc#1238037 * bsc#1238092 * bsc#1238093 * bsc#1238097 * bsc#1238099 * bsc#1238138 * bsc#1238139 * bsc#1238155 * bsc#1238156 * bsc#1238233 * bsc#1238243 * bsc#1238244 * bsc#1238307 * bsc#1238335 * bsc#1238377 * bsc#1238398 * bsc#1238455 * bsc#1238497 * bsc#1238507 * bsc#1238537 * bsc#1238645 * bsc#1238714 * bsc#1238722 * bsc#1238737 * bsc#1238746 * bsc#1238760 * bsc#1238768 * bsc#1238803 * bsc#1238835 * bsc#1238838 * bsc#1238844 * bsc#1238893 * bsc#1238905 * bsc#1238911 * bsc#1238919 * bsc#1238930 * bsc#1238937 * bsc#1238938 * bsc#1238984 * bsc#1239070 * bsc#1239111 * bsc#1239112 * bsc#1239474 * bsc#1239994 * bsc#1240185 * bsc#1240243 * bsc#1240250 * bsc#1240270 * bsc#1240309 * bsc#1240583 * bsc#1240590 * bsc#1240701 * bsc#1240703 * bsc#1240709 * bsc#1240712 * bsc#1240714 * bsc#1240717 * bsc#1240739 * bsc#1240740 * bsc#1240742 * bsc#1240835 * bsc#1240942 * bsc#1240943 * bsc#1241145 * bsc#1241266 * bsc#1241347 * bsc#1241371 * bsc#1241373 * bsc#1241404 * bsc#1241405 * bsc#1241408 * bsc#1241458 * bsc#1241526 * bsc#1241601 * bsc#1241640 * bsc#1242778 Cross-References: * CVE-2020-36789 * CVE-2021-47659 * CVE-2021-47668 * CVE-2021-47669 * CVE-2022-49044 * CVE-2022-49055 * CVE-2022-49060 * CVE-2022-49086 * CVE-2022-49111 * CVE-2022-49118 * CVE-2022-49121 * CVE-2022-49137 * CVE-2022-49171 * CVE-2022-49175 * CVE-2022-49176 * CVE-2022-49179 * CVE-2022-49188 * CVE-2022-49197 * CVE-2022-49205 * CVE-2022-49232 * CVE-2022-49290 * CVE-2022-49305 * CVE-2022-49325 * CVE-2022-49335 * CVE-2022-49351 * CVE-2022-49385 * CVE-2022-49390 * CVE-2022-49411 * CVE-2022-49442 * CVE-2022-49465 * CVE-2022-49478 * CVE-2022-49489 * CVE-2022-49504 * CVE-2022-49521 * CVE-2022-49525 * CVE-2022-49534 * CVE-2022-49535 * CVE-2022-49536 * CVE-2022-49537 * CVE-2022-49542 * CVE-2022-49561 * CVE-2022-49590 * CVE-2022-49658 * CVE-2022-49668 * CVE-2022-49693 * CVE-2022-49725 * CVE-2022-49728 * CVE-2022-49730 * CVE-2022-49749 * CVE-2022-49753 * CVE-2023-53023 * CVE-2023-53032 * CVE-2024-46763 * CVE-2024-46865 * CVE-2024-49994 * CVE-2024-50038 * CVE-2024-50272 * CVE-2024-52559 * CVE-2024-54683 * CVE-2024-56590 * CVE-2024-56641 * CVE-2024-57924 * CVE-2024-57980 * CVE-2024-57981 * CVE-2024-58005 * CVE-2024-58009 * CVE-2024-58017 * CVE-2024-58063 * CVE-2024-58093 * CVE-2025-21635 * CVE-2025-21735 * CVE-2025-21750 * CVE-2025-21758 * CVE-2025-21764 * CVE-2025-21768 * CVE-2025-21772 * CVE-2025-21779 * CVE-2025-21806 * CVE-2025-21862 * CVE-2025-21881 * CVE-2025-21909 * CVE-2025-21910 * CVE-2025-21926 * CVE-2025-21927 * CVE-2025-21931 * CVE-2025-21941 * CVE-2025-21948 * CVE-2025-21956 * CVE-2025-21957 * CVE-2025-21963 * CVE-2025-21964 * CVE-2025-21976 * CVE-2025-22004 * CVE-2025-22008 * CVE-2025-22010 * CVE-2025-22018 * CVE-2025-22053 * CVE-2025-22055 * CVE-2025-22060 * CVE-2025-22086 * CVE-2025-23131 * CVE-2025-37785 CVSS scores: * CVE-2020-36789 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2020-36789 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2020-36789 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47659 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2021-47659 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47668 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47668 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47669 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47669 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49044 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2022-49044 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-49055 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49060 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49086 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49086 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49111 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49121 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49137 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49137 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49137 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49171 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49175 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49175 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49176 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49176 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49179 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49197 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2022-49197 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2022-49205 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49232 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49232 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49290 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2022-49290 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49305 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49325 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49335 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49351 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49385 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49385 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49390 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49390 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49442 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49465 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49465 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49478 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49489 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49489 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49504 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49521 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49521 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49525 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49525 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49534 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49534 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49534 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49535 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49535 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49535 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49536 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49536 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49536 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49537 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49537 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49542 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49542 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49542 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49561 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49590 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2022-49590 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-49590 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49668 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49693 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49725 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49728 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-49728 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2022-49728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49730 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49730 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49749 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49749 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49753 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53023 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53032 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49994 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49994 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49994 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50272 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-52559 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54683 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54683 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54683 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56590 ( SUSE ): 6.9 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56590 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56641 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57924 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57980 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57980 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57981 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58005 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58005 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58017 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58017 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-58017 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58063 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58063 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21635 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21735 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21750 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21750 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21764 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21764 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21779 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21862 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21910 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21910 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21926 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21927 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21927 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21941 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21948 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21948 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21956 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-21956 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-21957 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21957 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21976 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22008 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22010 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22053 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-22060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22086 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22086 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23131 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37785 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37785 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37785 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 102 vulnerabilities and has seven security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47659: drm/plane: Move range check for format_count earlier (bsc#1237839). * CVE-2022-49044: dm integrity: fix memory corruption when tag_size is less than digest size (bsc#1237840). * CVE-2022-49055: drm/amdkfd: Check for potential null return of kmalloc_array() (bsc#1237868). * CVE-2022-49060: net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() (bsc#1237845). * CVE-2022-49086: net: openvswitch: fix leak of nested actions (bsc#1238037). * CVE-2022-49111: Bluetooth: Fix use after free in hci_send_acl (bsc#1237984). * CVE-2022-49118: scsi: hisi_sas: Free irq vectors in order for v3 HW (bsc#1237979). * CVE-2022-49121: scsi: pm8001: Fix tag leaks on error (bsc#1237926). * CVE-2022-49137: drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (bsc#1238155). * CVE-2022-49175: PM: core: keep irq flags in device_pm_check_callbacks() (bsc#1238099). * CVE-2022-49176: bfq: fix use-after-free in bfq_dispatch_request (bsc#1238097). * CVE-2022-49179: block, bfq: do not move oom_bfqq (bsc#1238092). * CVE-2022-49188: remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (bsc#1238138). * CVE-2022-49197: af_netlink: Fix shift out of bounds in group mask calculation (bsc#1238455). * CVE-2022-49205: bpf, sockmap: Fix double uncharge the mem of sk_msg (bsc#1238335). * CVE-2022-49232: drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (bsc#1238139). * CVE-2022-49290: mac80211: fix potential double free on mesh join (bsc#1238156). * CVE-2022-49305: drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (bsc#1238645). * CVE-2022-49325: tcp: add accessors to read/set tp->snd_cwnd (bsc#1238398). * CVE-2022-49335: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (bsc#1238377). * CVE-2022-49351: net: altera: Fix refcount leak in altera_tse_mdio_create (bsc#1237939). * CVE-2022-49385: driver: base: fix UAF when driver_attach failed (bsc#1237951). * CVE-2022-49390: macsec: fix UAF bug for real_dev (bsc#1238233). * CVE-2022-49411: bfq: Make sure bfqg for which we are queueing requests is online (bsc#1238307). * CVE-2022-49442: drivers/base/node.c: fix compaction sysfs file leak (bsc#1238243). * CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919). * CVE-2022-49478: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (bsc#1238000). * CVE-2022-49489: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (bsc#1238244). * CVE-2022-49504: scsi: lpfc: Inhibit aborts if external loopback plug is inserted (bsc#1238835). * CVE-2022-49521: scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() (bsc#1238938). * CVE-2022-49525: media: cx25821: Fix the warning when removing the module (bsc#1238022). * CVE-2022-49534: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT (bsc#1238893). * CVE-2022-49535: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI (bsc#1238937). * CVE-2022-49536: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock (bsc#1238838). * CVE-2022-49537: scsi: lpfc: Fix call trace observed during I/O with CMF enabled (bsc#1238930). * CVE-2022-49542: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() (bsc#1238722). * CVE-2022-49561: netfilter: conntrack: re-fetch conntrack after insertion (bsc#1238537). * CVE-2022-49590: igmp: Fix data-races around sysctl_igmp_llm_reports (bsc#1238844). * CVE-2022-49658: bpf, selftests: Add verifier test case for imm=0,umin=0,umax=1 scalar (bsc#1238803). * CVE-2022-49668: PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (bsc#1237957). * CVE-2022-49693: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (bsc#1237954). * CVE-2022-49725: i40e: Fix call trace in setup_tx_descriptors (bsc#1238016). * CVE-2022-49728: kABI workaround for changeing the variable length type to size_t (bsc#1239111). * CVE-2022-49730: scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted (bsc#1239070). * CVE-2022-49749: i2c: designware: use casting of u64 in clock multiplication to avoid overflow (bsc#1240243). * CVE-2022-49753: dmaengine: Fix double increment of client_count in dma_chan_get() (bsc#1240250). * CVE-2023-53023: net: nfc: Fix use-after-free in local_cleanup() (bsc#1240309). * CVE-2023-53032: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function (bsc#1240270). * CVE-2024-49994: block: fix integer overflow in BLKSECDISCARD (bsc#1237757). * CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910). * CVE-2024-50272: filemap: Fix bounds checking in filemap_read() (bsc#1233461 bsc#1234209). * CVE-2024-52559: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (bsc#1238507). * CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729). * CVE-2024-56590: skbuff: introduce skb_pull_data (bsc#1235038). * CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526). * CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086). * CVE-2024-57980: media: uvcvideo: Fix double free in error path (bsc#1237911). * CVE-2024-57981: usb: xhci: Fix NULL pointer dereference on certain command aborts (bsc#1237912). * CVE-2024-58005: tpm: Change to kvalloc() in eventlog/acpi.c (bsc#1237873). * CVE-2024-58009: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (bsc#1238760). * CVE-2024-58017: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950 bsc#1239112). * CVE-2024-58063: wifi: rtlwifi: fix memory leaks and invalid access at probe error path (bsc#1238984). * CVE-2024-58093: PCI/ASPM: Fix link state exit during switch upstream function removal (bsc#1241347). * CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111). * CVE-2025-21735: NFC: nci: Add bounds checking in nci_hci_create_pipe() (bsc#1238497). * CVE-2025-21750: wifi: brcmfmac: Check the return value of of_property_read_string_index() (bsc#1238905). * CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737). * CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714). * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911). * CVE-2025-21779: KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (bsc#1238768). * CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746). * CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474). * CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185). * CVE-2025-21909: wifi: nl80211: reject cooked mode if it is set along with other flags (bsc#1240590). * CVE-2025-21910: wifi: cfg80211: regulatory: improve invalid hints checking (bsc#1240583). * CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712). * CVE-2025-21927: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (bsc#1240714). * CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709). * CVE-2025-21941: drm/amd/display: Fix null check for pipe_ctx->plane_state in (bsc#1240701). * CVE-2025-21948: HID: appleir: Fix potential NULL dereference at raw event handle (bsc#1240703). * CVE-2025-21956: drm/amd/display: Assign normalized_pix_clk when color depth = 14 (bsc#1240739). * CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742). * CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717). * CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740). * CVE-2025-21976: fbdev: hyperv_fb: Allow graceful removal of framebuffer (bsc#1241145). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22008: regulator: check that dummy regulator has been probed before using it (bsc#1240942). * CVE-2025-22010: RDMA/hns: Fix soft lockup during bt pages loop (bsc#1240943). * CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266). * CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). * CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526). * CVE-2025-22086: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (bsc#1241458). * CVE-2025-23131: dlm: prevent NPD when writing a positive value to event_done (bsc#1241601). * CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640). The following non-security bugs were fixed: * Revert "ipv6: Fix signed integer overflow in __ip6_append_data" * Revert "kABI workaround for changeing the variable length type to size_t" * audit: Send netlink ACK before setting connection in auditd_set (bsc#1231450). * brcmfmac: of: Use devm_kstrdup for board_type & check for errors (bsc#1238905) * brcmfmac: of: remove redundant variable len (bsc#1238905) * cifs: Fix integer overflow while processing actimeo mount option (git- fixes). * fbdev: hyperv_fb: Simplify hvfb_putmem (git-fixes). * net: Fix data-races around weight_p and dev_weight_[rt]x_bias (bsc#1238746) * remoteproc: qcom_q6v5_mss: Extract mba/mpss from memory-region (bsc#1238138) * tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870). * tpm: tis: Double the timeout B to 4s (bsc#1235870). * wifi: brcmfmac: use strreplace() in brcmf_of_probe() (bsc#1238905) * x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). * x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). * x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1600=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-1600=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1600=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * dlm-kmp-default-4.12.14-122.258.1 * gfs2-kmp-default-4.12.14-122.258.1 * cluster-md-kmp-default-4.12.14-122.258.1 * kernel-default-base-debuginfo-4.12.14-122.258.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.258.1 * kernel-syms-4.12.14-122.258.1 * dlm-kmp-default-debuginfo-4.12.14-122.258.1 * kernel-default-debugsource-4.12.14-122.258.1 * kernel-default-devel-debuginfo-4.12.14-122.258.1 * kernel-default-base-4.12.14-122.258.1 * ocfs2-kmp-default-4.12.14-122.258.1 * kernel-default-debuginfo-4.12.14-122.258.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.258.1 * gfs2-kmp-default-debuginfo-4.12.14-122.258.1 * kernel-default-devel-4.12.14-122.258.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * kernel-default-4.12.14-122.258.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kernel-devel-4.12.14-122.258.1 * kernel-macros-4.12.14-122.258.1 * kernel-source-4.12.14-122.258.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.258.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-kgraft-devel-4.12.14-122.258.1 * kgraft-patch-4_12_14-122_258-default-1-8.3.1 * kernel-default-kgraft-4.12.14-122.258.1 * kernel-default-debugsource-4.12.14-122.258.1 * kernel-default-debuginfo-4.12.14-122.258.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-4.12.14-122.258.1 * gfs2-kmp-default-4.12.14-122.258.1 * cluster-md-kmp-default-4.12.14-122.258.1 * kernel-default-base-debuginfo-4.12.14-122.258.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.258.1 * kernel-syms-4.12.14-122.258.1 * dlm-kmp-default-debuginfo-4.12.14-122.258.1 * kernel-default-debugsource-4.12.14-122.258.1 * ocfs2-kmp-default-4.12.14-122.258.1 * kernel-default-base-4.12.14-122.258.1 * kernel-default-debuginfo-4.12.14-122.258.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.258.1 * gfs2-kmp-default-debuginfo-4.12.14-122.258.1 * kernel-default-devel-4.12.14-122.258.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.258.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kernel-devel-4.12.14-122.258.1 * kernel-macros-4.12.14-122.258.1 * kernel-source-4.12.14-122.258.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x) * kernel-default-man-4.12.14-122.258.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.258.1 ## References: * https://www.suse.com/security/cve/CVE-2020-36789.html * https://www.suse.com/security/cve/CVE-2021-47659.html * https://www.suse.com/security/cve/CVE-2021-47668.html * https://www.suse.com/security/cve/CVE-2021-47669.html * https://www.suse.com/security/cve/CVE-2022-49044.html * https://www.suse.com/security/cve/CVE-2022-49055.html * https://www.suse.com/security/cve/CVE-2022-49060.html * https://www.suse.com/security/cve/CVE-2022-49086.html * https://www.suse.com/security/cve/CVE-2022-49111.html * https://www.suse.com/security/cve/CVE-2022-49118.html * https://www.suse.com/security/cve/CVE-2022-49121.html * https://www.suse.com/security/cve/CVE-2022-49137.html * https://www.suse.com/security/cve/CVE-2022-49171.html * https://www.suse.com/security/cve/CVE-2022-49175.html * https://www.suse.com/security/cve/CVE-2022-49176.html * https://www.suse.com/security/cve/CVE-2022-49179.html * https://www.suse.com/security/cve/CVE-2022-49188.html * https://www.suse.com/security/cve/CVE-2022-49197.html * https://www.suse.com/security/cve/CVE-2022-49205.html * https://www.suse.com/security/cve/CVE-2022-49232.html * https://www.suse.com/security/cve/CVE-2022-49290.html * https://www.suse.com/security/cve/CVE-2022-49305.html * https://www.suse.com/security/cve/CVE-2022-49325.html * https://www.suse.com/security/cve/CVE-2022-49335.html * https://www.suse.com/security/cve/CVE-2022-49351.html * https://www.suse.com/security/cve/CVE-2022-49385.html * https://www.suse.com/security/cve/CVE-2022-49390.html * https://www.suse.com/security/cve/CVE-2022-49411.html * https://www.suse.com/security/cve/CVE-2022-49442.html * https://www.suse.com/security/cve/CVE-2022-49465.html * https://www.suse.com/security/cve/CVE-2022-49478.html * https://www.suse.com/security/cve/CVE-2022-49489.html * https://www.suse.com/security/cve/CVE-2022-49504.html * https://www.suse.com/security/cve/CVE-2022-49521.html * https://www.suse.com/security/cve/CVE-2022-49525.html * https://www.suse.com/security/cve/CVE-2022-49534.html * https://www.suse.com/security/cve/CVE-2022-49535.html * https://www.suse.com/security/cve/CVE-2022-49536.html * https://www.suse.com/security/cve/CVE-2022-49537.html * https://www.suse.com/security/cve/CVE-2022-49542.html * https://www.suse.com/security/cve/CVE-2022-49561.html * https://www.suse.com/security/cve/CVE-2022-49590.html * https://www.suse.com/security/cve/CVE-2022-49658.html * https://www.suse.com/security/cve/CVE-2022-49668.html * https://www.suse.com/security/cve/CVE-2022-49693.html * https://www.suse.com/security/cve/CVE-2022-49725.html * https://www.suse.com/security/cve/CVE-2022-49728.html * https://www.suse.com/security/cve/CVE-2022-49730.html * https://www.suse.com/security/cve/CVE-2022-49749.html * https://www.suse.com/security/cve/CVE-2022-49753.html * https://www.suse.com/security/cve/CVE-2023-53023.html * https://www.suse.com/security/cve/CVE-2023-53032.html * https://www.suse.com/security/cve/CVE-2024-46763.html * https://www.suse.com/security/cve/CVE-2024-46865.html * https://www.suse.com/security/cve/CVE-2024-49994.html * https://www.suse.com/security/cve/CVE-2024-50038.html * https://www.suse.com/security/cve/CVE-2024-50272.html * https://www.suse.com/security/cve/CVE-2024-52559.html * https://www.suse.com/security/cve/CVE-2024-54683.html * https://www.suse.com/security/cve/CVE-2024-56590.html * https://www.suse.com/security/cve/CVE-2024-56641.html * https://www.suse.com/security/cve/CVE-2024-57924.html * https://www.suse.com/security/cve/CVE-2024-57980.html * https://www.suse.com/security/cve/CVE-2024-57981.html * https://www.suse.com/security/cve/CVE-2024-58005.html * https://www.suse.com/security/cve/CVE-2024-58009.html * https://www.suse.com/security/cve/CVE-2024-58017.html * https://www.suse.com/security/cve/CVE-2024-58063.html * https://www.suse.com/security/cve/CVE-2024-58093.html * https://www.suse.com/security/cve/CVE-2025-21635.html * https://www.suse.com/security/cve/CVE-2025-21735.html * https://www.suse.com/security/cve/CVE-2025-21750.html * https://www.suse.com/security/cve/CVE-2025-21758.html * https://www.suse.com/security/cve/CVE-2025-21764.html * https://www.suse.com/security/cve/CVE-2025-21768.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-21779.html * https://www.suse.com/security/cve/CVE-2025-21806.html * https://www.suse.com/security/cve/CVE-2025-21862.html * https://www.suse.com/security/cve/CVE-2025-21881.html * https://www.suse.com/security/cve/CVE-2025-21909.html * https://www.suse.com/security/cve/CVE-2025-21910.html * https://www.suse.com/security/cve/CVE-2025-21926.html * https://www.suse.com/security/cve/CVE-2025-21927.html * https://www.suse.com/security/cve/CVE-2025-21931.html * https://www.suse.com/security/cve/CVE-2025-21941.html * https://www.suse.com/security/cve/CVE-2025-21948.html * https://www.suse.com/security/cve/CVE-2025-21956.html * https://www.suse.com/security/cve/CVE-2025-21957.html * https://www.suse.com/security/cve/CVE-2025-21963.html * https://www.suse.com/security/cve/CVE-2025-21964.html * https://www.suse.com/security/cve/CVE-2025-21976.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22008.html * https://www.suse.com/security/cve/CVE-2025-22010.html * https://www.suse.com/security/cve/CVE-2025-22018.html * https://www.suse.com/security/cve/CVE-2025-22053.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://www.suse.com/security/cve/CVE-2025-22060.html * https://www.suse.com/security/cve/CVE-2025-22086.html * https://www.suse.com/security/cve/CVE-2025-23131.html * https://www.suse.com/security/cve/CVE-2025-37785.html * https://bugzilla.suse.com/show_bug.cgi?id=1205495 * https://bugzilla.suse.com/show_bug.cgi?id=1230764 * https://bugzilla.suse.com/show_bug.cgi?id=1231103 * https://bugzilla.suse.com/show_bug.cgi?id=1231450 * https://bugzilla.suse.com/show_bug.cgi?id=1231910 * https://bugzilla.suse.com/show_bug.cgi?id=1233461 * https://bugzilla.suse.com/show_bug.cgi?id=1234209 * https://bugzilla.suse.com/show_bug.cgi?id=1235038 * https://bugzilla.suse.com/show_bug.cgi?id=1235526 * https://bugzilla.suse.com/show_bug.cgi?id=1235729 * https://bugzilla.suse.com/show_bug.cgi?id=1235870 * https://bugzilla.suse.com/show_bug.cgi?id=1236086 * https://bugzilla.suse.com/show_bug.cgi?id=1236111 * https://bugzilla.suse.com/show_bug.cgi?id=1237757 * https://bugzilla.suse.com/show_bug.cgi?id=1237839 * https://bugzilla.suse.com/show_bug.cgi?id=1237840 * https://bugzilla.suse.com/show_bug.cgi?id=1237845 * https://bugzilla.suse.com/show_bug.cgi?id=1237868 * https://bugzilla.suse.com/show_bug.cgi?id=1237873 * https://bugzilla.suse.com/show_bug.cgi?id=1237885 * https://bugzilla.suse.com/show_bug.cgi?id=1237911 * https://bugzilla.suse.com/show_bug.cgi?id=1237912 * https://bugzilla.suse.com/show_bug.cgi?id=1237926 * https://bugzilla.suse.com/show_bug.cgi?id=1237939 * https://bugzilla.suse.com/show_bug.cgi?id=1237950 * https://bugzilla.suse.com/show_bug.cgi?id=1237951 * https://bugzilla.suse.com/show_bug.cgi?id=1237954 * https://bugzilla.suse.com/show_bug.cgi?id=1237957 * https://bugzilla.suse.com/show_bug.cgi?id=1237979 * https://bugzilla.suse.com/show_bug.cgi?id=1237984 * https://bugzilla.suse.com/show_bug.cgi?id=1238000 * https://bugzilla.suse.com/show_bug.cgi?id=1238016 * https://bugzilla.suse.com/show_bug.cgi?id=1238022 * https://bugzilla.suse.com/show_bug.cgi?id=1238037 * https://bugzilla.suse.com/show_bug.cgi?id=1238092 * https://bugzilla.suse.com/show_bug.cgi?id=1238093 * https://bugzilla.suse.com/show_bug.cgi?id=1238097 * https://bugzilla.suse.com/show_bug.cgi?id=1238099 * https://bugzilla.suse.com/show_bug.cgi?id=1238138 * https://bugzilla.suse.com/show_bug.cgi?id=1238139 * https://bugzilla.suse.com/show_bug.cgi?id=1238155 * https://bugzilla.suse.com/show_bug.cgi?id=1238156 * https://bugzilla.suse.com/show_bug.cgi?id=1238233 * https://bugzilla.suse.com/show_bug.cgi?id=1238243 * https://bugzilla.suse.com/show_bug.cgi?id=1238244 * https://bugzilla.suse.com/show_bug.cgi?id=1238307 * https://bugzilla.suse.com/show_bug.cgi?id=1238335 * https://bugzilla.suse.com/show_bug.cgi?id=1238377 * https://bugzilla.suse.com/show_bug.cgi?id=1238398 * https://bugzilla.suse.com/show_bug.cgi?id=1238455 * https://bugzilla.suse.com/show_bug.cgi?id=1238497 * https://bugzilla.suse.com/show_bug.cgi?id=1238507 * https://bugzilla.suse.com/show_bug.cgi?id=1238537 * https://bugzilla.suse.com/show_bug.cgi?id=1238645 * https://bugzilla.suse.com/show_bug.cgi?id=1238714 * https://bugzilla.suse.com/show_bug.cgi?id=1238722 * https://bugzilla.suse.com/show_bug.cgi?id=1238737 * https://bugzilla.suse.com/show_bug.cgi?id=1238746 * https://bugzilla.suse.com/show_bug.cgi?id=1238760 * https://bugzilla.suse.com/show_bug.cgi?id=1238768 * https://bugzilla.suse.com/show_bug.cgi?id=1238803 * https://bugzilla.suse.com/show_bug.cgi?id=1238835 * https://bugzilla.suse.com/show_bug.cgi?id=1238838 * https://bugzilla.suse.com/show_bug.cgi?id=1238844 * https://bugzilla.suse.com/show_bug.cgi?id=1238893 * https://bugzilla.suse.com/show_bug.cgi?id=1238905 * https://bugzilla.suse.com/show_bug.cgi?id=1238911 * https://bugzilla.suse.com/show_bug.cgi?id=1238919 * https://bugzilla.suse.com/show_bug.cgi?id=1238930 * https://bugzilla.suse.com/show_bug.cgi?id=1238937 * https://bugzilla.suse.com/show_bug.cgi?id=1238938 * https://bugzilla.suse.com/show_bug.cgi?id=1238984 * https://bugzilla.suse.com/show_bug.cgi?id=1239070 * https://bugzilla.suse.com/show_bug.cgi?id=1239111 * https://bugzilla.suse.com/show_bug.cgi?id=1239112 * https://bugzilla.suse.com/show_bug.cgi?id=1239474 * https://bugzilla.suse.com/show_bug.cgi?id=1239994 * https://bugzilla.suse.com/show_bug.cgi?id=1240185 * https://bugzilla.suse.com/show_bug.cgi?id=1240243 * https://bugzilla.suse.com/show_bug.cgi?id=1240250 * https://bugzilla.suse.com/show_bug.cgi?id=1240270 * https://bugzilla.suse.com/show_bug.cgi?id=1240309 * https://bugzilla.suse.com/show_bug.cgi?id=1240583 * https://bugzilla.suse.com/show_bug.cgi?id=1240590 * https://bugzilla.suse.com/show_bug.cgi?id=1240701 * https://bugzilla.suse.com/show_bug.cgi?id=1240703 * https://bugzilla.suse.com/show_bug.cgi?id=1240709 * https://bugzilla.suse.com/show_bug.cgi?id=1240712 * https://bugzilla.suse.com/show_bug.cgi?id=1240714 * https://bugzilla.suse.com/show_bug.cgi?id=1240717 * https://bugzilla.suse.com/show_bug.cgi?id=1240739 * https://bugzilla.suse.com/show_bug.cgi?id=1240740 * https://bugzilla.suse.com/show_bug.cgi?id=1240742 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1240942 * https://bugzilla.suse.com/show_bug.cgi?id=1240943 * https://bugzilla.suse.com/show_bug.cgi?id=1241145 * https://bugzilla.suse.com/show_bug.cgi?id=1241266 * https://bugzilla.suse.com/show_bug.cgi?id=1241347 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241373 * https://bugzilla.suse.com/show_bug.cgi?id=1241404 * https://bugzilla.suse.com/show_bug.cgi?id=1241405 * https://bugzilla.suse.com/show_bug.cgi?id=1241408 * https://bugzilla.suse.com/show_bug.cgi?id=1241458 * https://bugzilla.suse.com/show_bug.cgi?id=1241526 * https://bugzilla.suse.com/show_bug.cgi?id=1241601 * https://bugzilla.suse.com/show_bug.cgi?id=1241640 * https://bugzilla.suse.com/show_bug.cgi?id=1242778 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 12:31:36 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 12:31:36 -0000 Subject: SUSE-SU-2025:01598-1: important: Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5) Message-ID: <174774429658.21669.7014071831369340059@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:01598-1 Release Date: 2025-05-20T08:34:46Z Rating: important References: * bsc#1234847 Cross-References: * CVE-2024-53156 CVSS scores: * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_237 fixes one issue. The following security issue was fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-1598=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_237-default-4-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 12:31:40 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 12:31:40 -0000 Subject: SUSE-SU-2025:01599-1: moderate: Security update for glib2 Message-ID: <174774430003.21669.13218974806315544614@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2025:01599-1 Release Date: 2025-05-20T10:52:53Z Rating: moderate References: * bsc#1240897 Cross-References: * CVE-2025-3360 CVSS scores: * CVE-2025-3360 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-3360 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-3360 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with g_date_time_new_from_iso8601() (bsc#1240897) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1599=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1599=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1599=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1599=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1599=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1599=1 ## Package List: * openSUSE Leap 15.4 (noarch) * glib2-lang-2.70.5-150400.3.20.1 * gio-branding-upstream-2.70.5-150400.3.20.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * glib2-debugsource-2.70.5-150400.3.20.1 * glib2-devel-debuginfo-2.70.5-150400.3.20.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.20.1 * glib2-tools-2.70.5-150400.3.20.1 * glib2-tools-debuginfo-2.70.5-150400.3.20.1 * libgthread-2_0-0-2.70.5-150400.3.20.1 * libgobject-2_0-0-2.70.5-150400.3.20.1 * glib2-devel-2.70.5-150400.3.20.1 * glib2-doc-2.70.5-150400.3.20.1 * libgio-2_0-0-2.70.5-150400.3.20.1 * libglib-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.20.1 * glib2-tests-devel-2.70.5-150400.3.20.1 * glib2-devel-static-2.70.5-150400.3.20.1 * glib2-tests-devel-debuginfo-2.70.5-150400.3.20.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.20.1 * openSUSE Leap 15.4 (x86_64) * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.20.1 * libgio-2_0-0-32bit-2.70.5-150400.3.20.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.20.1 * libgthread-2_0-0-32bit-2.70.5-150400.3.20.1 * glib2-tools-32bit-2.70.5-150400.3.20.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.20.1 * libglib-2_0-0-32bit-2.70.5-150400.3.20.1 * glib2-devel-32bit-debuginfo-2.70.5-150400.3.20.1 * glib2-tools-32bit-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.20.1 * glib2-devel-32bit-2.70.5-150400.3.20.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.20.1 * libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.20.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.20.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgmodule-2_0-0-64bit-debuginfo-2.70.5-150400.3.20.1 * libgio-2_0-0-64bit-2.70.5-150400.3.20.1 * libgio-2_0-0-64bit-debuginfo-2.70.5-150400.3.20.1 * libglib-2_0-0-64bit-2.70.5-150400.3.20.1 * libgthread-2_0-0-64bit-debuginfo-2.70.5-150400.3.20.1 * libgmodule-2_0-0-64bit-2.70.5-150400.3.20.1 * libgobject-2_0-0-64bit-2.70.5-150400.3.20.1 * glib2-devel-64bit-2.70.5-150400.3.20.1 * glib2-tools-64bit-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-64bit-debuginfo-2.70.5-150400.3.20.1 * glib2-devel-64bit-debuginfo-2.70.5-150400.3.20.1 * glib2-tools-64bit-2.70.5-150400.3.20.1 * libglib-2_0-0-64bit-debuginfo-2.70.5-150400.3.20.1 * libgthread-2_0-0-64bit-2.70.5-150400.3.20.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glib2-debugsource-2.70.5-150400.3.20.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.20.1 * glib2-tools-2.70.5-150400.3.20.1 * glib2-tools-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-2.70.5-150400.3.20.1 * libgio-2_0-0-2.70.5-150400.3.20.1 * libglib-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.20.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glib2-debugsource-2.70.5-150400.3.20.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.20.1 * glib2-tools-2.70.5-150400.3.20.1 * glib2-tools-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-2.70.5-150400.3.20.1 * libgio-2_0-0-2.70.5-150400.3.20.1 * libglib-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.20.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glib2-debugsource-2.70.5-150400.3.20.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.20.1 * glib2-tools-2.70.5-150400.3.20.1 * glib2-tools-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-2.70.5-150400.3.20.1 * libgio-2_0-0-2.70.5-150400.3.20.1 * libglib-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.20.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glib2-debugsource-2.70.5-150400.3.20.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.20.1 * glib2-tools-2.70.5-150400.3.20.1 * glib2-tools-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-2.70.5-150400.3.20.1 * libgio-2_0-0-2.70.5-150400.3.20.1 * libglib-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.20.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * glib2-debugsource-2.70.5-150400.3.20.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.20.1 * glib2-tools-2.70.5-150400.3.20.1 * glib2-tools-debuginfo-2.70.5-150400.3.20.1 * libgobject-2_0-0-2.70.5-150400.3.20.1 * libgio-2_0-0-2.70.5-150400.3.20.1 * libglib-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-2.70.5-150400.3.20.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.20.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.20.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3360.html * https://bugzilla.suse.com/show_bug.cgi?id=1240897 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 12:31:41 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 12:31:41 -0000 Subject: SUSE-RU-2025:01597-1: moderate: Recommended update for icewm Message-ID: <174774430159.21669.13398321201093696282@smelt2.prg2.suse.org> # Recommended update for icewm Announcement ID: SUSE-RU-2025:01597-1 Release Date: 2025-05-20T08:06:53Z Rating: moderate References: Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that can now be installed. ## Description: This update for icewm fixes the following issues: * Update the latest translation from https://l10n.opensuse.org/projects/icewm/icewm-1-4-branch/. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1597=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1597=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * icewm-lite-debuginfo-1.4.2-150000.7.18.1 * icewm-debuginfo-1.4.2-150000.7.18.1 * icewm-default-1.4.2-150000.7.18.1 * icewm-1.4.2-150000.7.18.1 * icewm-lite-1.4.2-150000.7.18.1 * icewm-debugsource-1.4.2-150000.7.18.1 * icewm-default-debuginfo-1.4.2-150000.7.18.1 * Basesystem Module 15-SP6 (noarch) * icewm-lang-1.4.2-150000.7.18.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * icewm-lite-debuginfo-1.4.2-150000.7.18.1 * icewm-debuginfo-1.4.2-150000.7.18.1 * icewm-default-1.4.2-150000.7.18.1 * icewm-1.4.2-150000.7.18.1 * icewm-lite-1.4.2-150000.7.18.1 * icewm-debugsource-1.4.2-150000.7.18.1 * icewm-default-debuginfo-1.4.2-150000.7.18.1 * openSUSE Leap 15.6 (noarch) * icewm-lang-1.4.2-150000.7.18.1 * icewm-config-upstream-1.4.2-150000.7.18.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 16:30:08 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 16:30:08 -0000 Subject: SUSE-SU-2025:01603-1: important: Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6) Message-ID: <174775860855.21669.240044405985401650@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:01603-1 Release Date: 2025-05-20T12:04:09Z Rating: important References: * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_14 fixes several issues. The following security issues were fixed: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1604=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1605=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-1603=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-10-150600.2.1 * kernel-livepatch-6_4_0-150600_10_8-rt-10-150600.2.1 * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-10-150600.2.1 * kernel-livepatch-6_4_0-150600_10_11-rt-10-150600.2.1 * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-9-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-10-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_10_14-rt-9-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-9-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 16:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 16:30:13 -0000 Subject: SUSE-SU-2025:01601-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Message-ID: <174775861310.21669.10122545989585299685@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:01601-1 Release Date: 2025-05-20T12:03:49Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues. The following security issues were fixed: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1601=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1602=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_5-rt-14-150600.2.1 * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-14-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-15-150600.3.1 * kernel-livepatch-6_4_0-150600_8-rt-15-150600.3.1 * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-15-150600.3.1 * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-14-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 20 16:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 20 May 2025 16:30:16 -0000 Subject: SUSE-RU-2025:01606-1: moderate: Recommended update for librdkafka Message-ID: <174775861692.21669.17943777925511616953@smelt2.prg2.suse.org> # Recommended update for librdkafka Announcement ID: SUSE-RU-2025:01606-1 Release Date: 2025-05-20T13:53:23Z Rating: moderate References: * bsc#1242842 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for librdkafka fixes the following issues: * Avoid endless loops under certain circumstances (bsc#1242842) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1606=1 openSUSE-SLE-15.6-2025-1606=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1606=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1606=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * librdkafka-debugsource-0.11.6-150600.16.3.1 * librdkafka1-debuginfo-0.11.6-150600.16.3.1 * librdkafka-devel-0.11.6-150600.16.3.1 * librdkafka1-0.11.6-150600.16.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * librdkafka-debugsource-0.11.6-150600.16.3.1 * librdkafka1-debuginfo-0.11.6-150600.16.3.1 * librdkafka1-0.11.6-150600.16.3.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * librdkafka-debugsource-0.11.6-150600.16.3.1 * librdkafka-devel-0.11.6-150600.16.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1242842 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 08:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 08:30:11 -0000 Subject: SUSE-SU-2025:01610-1: important: Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Message-ID: <174781621105.31896.10975609782736365327@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:01610-1 Release Date: 2025-05-21T07:33:31Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_167 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-1610=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1608=1 SUSE-2025-1609=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1608=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-1609=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_225-default-10-2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_45-debugsource-14-150300.2.2 * kernel-livepatch-SLE15-SP3_Update_46-debugsource-13-150300.2.2 * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-14-150300.2.2 * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-13-150300.2.2 * kernel-livepatch-5_3_18-150300_59_164-default-14-150300.2.2 * kernel-livepatch-5_3_18-150300_59_167-default-13-150300.2.2 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-14-150300.2.2 * kernel-livepatch-5_3_18-150300_59_167-preempt-13-150300.2.2 * kernel-livepatch-5_3_18-150300_59_164-preempt-14-150300.2.2 * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-13-150300.2.2 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_167-default-13-150300.2.2 * kernel-livepatch-5_3_18-150300_59_164-default-14-150300.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:30:05 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:30:05 -0000 Subject: SUSE-SU-2025:01611-1: important: Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) Message-ID: <174783060552.21669.6829933944660250110@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:01611-1 Release Date: 2025-05-21T08:03:50Z Rating: important References: * bsc#1234847 Cross-References: * CVE-2024-53156 CVSS scores: * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_144 fixes one issue. The following security issue was fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1611=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1611=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_144-default-6-150400.2.2 * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-6-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-6-150400.2.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_144-default-6-150400.2.2 * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-6-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-6-150400.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:30:42 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:30:42 -0000 Subject: SUSE-SU-2025:01640-1: important: Security update for the Linux Kernel Message-ID: <174783064246.21669.11520506306481785355@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:01640-1 Release Date: 2025-05-21T11:52:09Z Rating: important References: * bsc#1054914 * bsc#1206843 * bsc#1210409 * bsc#1225903 * bsc#1229361 * bsc#1229621 * bsc#1230764 * bsc#1231103 * bsc#1231910 * bsc#1236777 * bsc#1237981 * bsc#1238032 * bsc#1238471 * bsc#1238512 * bsc#1238747 * bsc#1238865 * bsc#1239061 * bsc#1239684 * bsc#1239968 * bsc#1240209 * bsc#1240211 * bsc#1240214 * bsc#1240228 * bsc#1240230 * bsc#1240246 * bsc#1240248 * bsc#1240269 * bsc#1240271 * bsc#1240274 * bsc#1240285 * bsc#1240295 * bsc#1240306 * bsc#1240314 * bsc#1240315 * bsc#1240321 * bsc#1240747 * bsc#1240835 * bsc#1241280 * bsc#1241371 * bsc#1241421 * bsc#1241433 * bsc#1241541 * bsc#1241625 * bsc#1241648 * bsc#1242284 * bsc#1242493 * bsc#1242778 Cross-References: * CVE-2021-47671 * CVE-2022-48933 * CVE-2022-49110 * CVE-2022-49139 * CVE-2022-49741 * CVE-2022-49745 * CVE-2022-49767 * CVE-2023-52928 * CVE-2023-52931 * CVE-2023-52936 * CVE-2023-52937 * CVE-2023-52938 * CVE-2023-52981 * CVE-2023-52982 * CVE-2023-52986 * CVE-2023-52994 * CVE-2023-53001 * CVE-2023-53002 * CVE-2023-53009 * CVE-2023-53014 * CVE-2023-53018 * CVE-2023-53031 * CVE-2023-53051 * CVE-2024-42307 * CVE-2024-46763 * CVE-2024-46865 * CVE-2024-50038 * CVE-2025-21726 * CVE-2025-21785 * CVE-2025-21791 * CVE-2025-21812 * CVE-2025-21839 * CVE-2025-22004 * CVE-2025-22020 * CVE-2025-22045 * CVE-2025-22055 * CVE-2025-22097 * CVE-2025-2312 * CVE-2025-23138 * CVE-2025-39735 CVSS scores: * CVE-2021-47671 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47671 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49110 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49139 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49139 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49741 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49741 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49741 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49745 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52928 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52936 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52936 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52937 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52994 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52994 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53001 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53002 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53009 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53014 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21726 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21726 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21785 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21791 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21812 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22045 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-22097 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22097 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-2312 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-2312 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-2312 ( NVD ): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-23138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39735 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39735 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39735 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves 40 vulnerabilities and has seven security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48933: netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1229621). * CVE-2022-49110: netfilter: conntrack: revisit gc autotuning (bsc#1237981). * CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032). * CVE-2022-49767: 9p/trans_fd: always use O_NONBLOCK read/write (bsc#1242493). * CVE-2024-46763: fou: Fix null-ptr-deref in GRO (bsc#1230764). * CVE-2024-50038: netfilter: xtables: avoid NFPROTO_UNSPEC where needed (bsc#1231910). * CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). * CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). * CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). * CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). * CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). * CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541). * CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684). * CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648). * CVE-2025-39735: jfs: fix slab-out-of-bounds read in ea_get() (bsc#1241625). The following non-security bugs were fixed: * cpufreq: ACPI: Mark boost policy as enabled when setting boost (bsc#1236777). * cpufreq: Allow drivers to advertise boost enabled (bsc#1236777). * cpufreq: Fix per-policy boost behavior on SoCs using cpufreq_boost_set_sw() (bsc#1236777). * cpufreq: Support per-policy performance boost (bsc#1236777). * x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). * x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). * x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1640=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1640=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.94.1 * kernel-devel-rt-5.14.21-150500.13.94.1 * openSUSE Leap 15.5 (x86_64) * kernel-rt_debug-debugsource-5.14.21-150500.13.94.1 * kernel-rt_debug-devel-5.14.21-150500.13.94.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.94.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.94.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.94.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.94.1 * kernel-rt-extra-5.14.21-150500.13.94.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.94.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.94.1 * dlm-kmp-rt-5.14.21-150500.13.94.1 * kernel-rt-debugsource-5.14.21-150500.13.94.1 * kernel-rt-vdso-5.14.21-150500.13.94.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.94.1 * reiserfs-kmp-rt-5.14.21-150500.13.94.1 * kselftests-kmp-rt-5.14.21-150500.13.94.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.94.1 * kernel-rt-optional-5.14.21-150500.13.94.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.94.1 * ocfs2-kmp-rt-5.14.21-150500.13.94.1 * cluster-md-kmp-rt-5.14.21-150500.13.94.1 * kernel-rt-livepatch-5.14.21-150500.13.94.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.94.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.94.1 * kernel-rt_debug-vdso-5.14.21-150500.13.94.1 * kernel-rt-devel-5.14.21-150500.13.94.1 * kernel-syms-rt-5.14.21-150500.13.94.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.94.1 * kernel-rt-debuginfo-5.14.21-150500.13.94.1 * gfs2-kmp-rt-5.14.21-150500.13.94.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.94.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.94.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.94.1 * kernel-rt_debug-5.14.21-150500.13.94.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.94.1 * kernel-devel-rt-5.14.21-150500.13.94.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.94.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debugsource-5.14.21-150500.13.94.1 * kernel-rt-debuginfo-5.14.21-150500.13.94.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47671.html * https://www.suse.com/security/cve/CVE-2022-48933.html * https://www.suse.com/security/cve/CVE-2022-49110.html * https://www.suse.com/security/cve/CVE-2022-49139.html * https://www.suse.com/security/cve/CVE-2022-49741.html * https://www.suse.com/security/cve/CVE-2022-49745.html * https://www.suse.com/security/cve/CVE-2022-49767.html * https://www.suse.com/security/cve/CVE-2023-52928.html * https://www.suse.com/security/cve/CVE-2023-52931.html * https://www.suse.com/security/cve/CVE-2023-52936.html * https://www.suse.com/security/cve/CVE-2023-52937.html * https://www.suse.com/security/cve/CVE-2023-52938.html * https://www.suse.com/security/cve/CVE-2023-52981.html * https://www.suse.com/security/cve/CVE-2023-52982.html * https://www.suse.com/security/cve/CVE-2023-52986.html * https://www.suse.com/security/cve/CVE-2023-52994.html * https://www.suse.com/security/cve/CVE-2023-53001.html * https://www.suse.com/security/cve/CVE-2023-53002.html * https://www.suse.com/security/cve/CVE-2023-53009.html * https://www.suse.com/security/cve/CVE-2023-53014.html * https://www.suse.com/security/cve/CVE-2023-53018.html * https://www.suse.com/security/cve/CVE-2023-53031.html * https://www.suse.com/security/cve/CVE-2023-53051.html * https://www.suse.com/security/cve/CVE-2024-42307.html * https://www.suse.com/security/cve/CVE-2024-46763.html * https://www.suse.com/security/cve/CVE-2024-46865.html * https://www.suse.com/security/cve/CVE-2024-50038.html * https://www.suse.com/security/cve/CVE-2025-21726.html * https://www.suse.com/security/cve/CVE-2025-21785.html * https://www.suse.com/security/cve/CVE-2025-21791.html * https://www.suse.com/security/cve/CVE-2025-21812.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22045.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://www.suse.com/security/cve/CVE-2025-22097.html * https://www.suse.com/security/cve/CVE-2025-2312.html * https://www.suse.com/security/cve/CVE-2025-23138.html * https://www.suse.com/security/cve/CVE-2025-39735.html * https://bugzilla.suse.com/show_bug.cgi?id=1054914 * https://bugzilla.suse.com/show_bug.cgi?id=1206843 * https://bugzilla.suse.com/show_bug.cgi?id=1210409 * https://bugzilla.suse.com/show_bug.cgi?id=1225903 * https://bugzilla.suse.com/show_bug.cgi?id=1229361 * https://bugzilla.suse.com/show_bug.cgi?id=1229621 * https://bugzilla.suse.com/show_bug.cgi?id=1230764 * https://bugzilla.suse.com/show_bug.cgi?id=1231103 * https://bugzilla.suse.com/show_bug.cgi?id=1231910 * https://bugzilla.suse.com/show_bug.cgi?id=1236777 * https://bugzilla.suse.com/show_bug.cgi?id=1237981 * https://bugzilla.suse.com/show_bug.cgi?id=1238032 * https://bugzilla.suse.com/show_bug.cgi?id=1238471 * https://bugzilla.suse.com/show_bug.cgi?id=1238512 * https://bugzilla.suse.com/show_bug.cgi?id=1238747 * https://bugzilla.suse.com/show_bug.cgi?id=1238865 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1239684 * https://bugzilla.suse.com/show_bug.cgi?id=1239968 * https://bugzilla.suse.com/show_bug.cgi?id=1240209 * https://bugzilla.suse.com/show_bug.cgi?id=1240211 * https://bugzilla.suse.com/show_bug.cgi?id=1240214 * https://bugzilla.suse.com/show_bug.cgi?id=1240228 * https://bugzilla.suse.com/show_bug.cgi?id=1240230 * https://bugzilla.suse.com/show_bug.cgi?id=1240246 * https://bugzilla.suse.com/show_bug.cgi?id=1240248 * https://bugzilla.suse.com/show_bug.cgi?id=1240269 * https://bugzilla.suse.com/show_bug.cgi?id=1240271 * https://bugzilla.suse.com/show_bug.cgi?id=1240274 * https://bugzilla.suse.com/show_bug.cgi?id=1240285 * https://bugzilla.suse.com/show_bug.cgi?id=1240295 * https://bugzilla.suse.com/show_bug.cgi?id=1240306 * https://bugzilla.suse.com/show_bug.cgi?id=1240314 * https://bugzilla.suse.com/show_bug.cgi?id=1240315 * https://bugzilla.suse.com/show_bug.cgi?id=1240321 * https://bugzilla.suse.com/show_bug.cgi?id=1240747 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241421 * https://bugzilla.suse.com/show_bug.cgi?id=1241433 * https://bugzilla.suse.com/show_bug.cgi?id=1241541 * https://bugzilla.suse.com/show_bug.cgi?id=1241625 * https://bugzilla.suse.com/show_bug.cgi?id=1241648 * https://bugzilla.suse.com/show_bug.cgi?id=1242284 * https://bugzilla.suse.com/show_bug.cgi?id=1242493 * https://bugzilla.suse.com/show_bug.cgi?id=1242778 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:30:45 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:30:45 -0000 Subject: SUSE-SU-2025:01639-1: important: Security update for libwebp Message-ID: <174783064546.21669.2320757834799083528@smelt2.prg2.suse.org> # Security update for libwebp Announcement ID: SUSE-SU-2025:01639-1 Release Date: 2025-05-21T11:44:11Z Rating: important References: * bsc#1136199 Cross-References: * CVE-2016-9969 CVSS scores: * CVE-2016-9969 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2016-9969 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2016-9969 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libwebp fixes the following issues: * CVE-2016-9969: freeing of uninitialized memory pointer in SetFrame() of AnimEncoder can lead to double free (bsc#1136199). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1639=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1639=1 ## Package List: * SUSE Package Hub 15 15-SP6 (x86_64) * libwebp6-32bit-debuginfo-0.5.0-150000.3.17.1 * libwebp6-32bit-0.5.0-150000.3.17.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libwebp-debugsource-0.5.0-150000.3.17.1 * libwebp6-debuginfo-0.5.0-150000.3.17.1 * libwebp6-0.5.0-150000.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2016-9969.html * https://bugzilla.suse.com/show_bug.cgi?id=1136199 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:30:49 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:30:49 -0000 Subject: SUSE-SU-2025:01638-1: moderate: Security update for openssh Message-ID: <174783064930.21669.7537347091749056797@smelt2.prg2.suse.org> # Security update for openssh Announcement ID: SUSE-SU-2025:01638-1 Release Date: 2025-05-21T10:48:47Z Rating: moderate References: * bsc#1236826 * bsc#1239671 * bsc#1241012 Cross-References: * CVE-2025-32728 CVSS scores: * CVE-2025-32728 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N * CVE-2025-32728 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-32728 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for openssh fixes the following issue: Security fixes: * CVE-2025-32728: Fixed logic error in DisableForwarding option (bsc#1241012) Other fixes: \- Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2 due to gssapi proposal not being correctly initialized (bsc#1236826). The problem was introduced in the rebase of the patch for 9.6p1 \- Enable --with- logind to call the SetTTY dbus method in systemd. This allows "wall" to print messages in ssh ttys (bsc#1239671) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1638=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1638=1 openSUSE-SLE-15.6-2025-1638=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1638=1 ## Package List: * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssh-askpass-gnome-9.6p1-150600.6.26.1 * openssh-askpass-gnome-debugsource-9.6p1-150600.6.26.1 * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.26.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * openssh-helpers-9.6p1-150600.6.26.1 * openssh-clients-9.6p1-150600.6.26.1 * openssh-helpers-debuginfo-9.6p1-150600.6.26.1 * openssh-cavs-9.6p1-150600.6.26.1 * openssh-debugsource-9.6p1-150600.6.26.1 * openssh-server-debuginfo-9.6p1-150600.6.26.1 * openssh-9.6p1-150600.6.26.1 * openssh-debuginfo-9.6p1-150600.6.26.1 * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.26.1 * openssh-askpass-gnome-debugsource-9.6p1-150600.6.26.1 * openssh-fips-9.6p1-150600.6.26.1 * openssh-cavs-debuginfo-9.6p1-150600.6.26.1 * openssh-server-9.6p1-150600.6.26.1 * openssh-common-9.6p1-150600.6.26.1 * openssh-clients-debuginfo-9.6p1-150600.6.26.1 * openssh-askpass-gnome-9.6p1-150600.6.26.1 * openssh-common-debuginfo-9.6p1-150600.6.26.1 * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.26.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssh-helpers-9.6p1-150600.6.26.1 * openssh-clients-9.6p1-150600.6.26.1 * openssh-helpers-debuginfo-9.6p1-150600.6.26.1 * openssh-debugsource-9.6p1-150600.6.26.1 * openssh-9.6p1-150600.6.26.1 * openssh-debuginfo-9.6p1-150600.6.26.1 * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.26.1 * openssh-fips-9.6p1-150600.6.26.1 * openssh-server-9.6p1-150600.6.26.1 * openssh-common-9.6p1-150600.6.26.1 * openssh-clients-debuginfo-9.6p1-150600.6.26.1 * openssh-server-debuginfo-9.6p1-150600.6.26.1 * openssh-common-debuginfo-9.6p1-150600.6.26.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32728.html * https://bugzilla.suse.com/show_bug.cgi?id=1236826 * https://bugzilla.suse.com/show_bug.cgi?id=1239671 * https://bugzilla.suse.com/show_bug.cgi?id=1241012 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:30:50 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:30:50 -0000 Subject: SUSE-RU-2025:01637-1: moderate: Recommended update for s390-tools Message-ID: <174783065097.21669.47933183899357128@smelt2.prg2.suse.org> # Recommended update for s390-tools Announcement ID: SUSE-RU-2025:01637-1 Release Date: 2025-05-21T10:10:50Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS An update that contains one feature can now be installed. ## Description: This update for s390-tools rebuilds the existing package with the new 4k RSA secure boot key. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1637=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1637=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1637=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1637=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1637=1 ## Package List: * openSUSE Leap 15.3 (s390x) * libekmfweb1-debuginfo-2.15.1-150300.8.35.1 * s390-tools-debuginfo-2.15.1-150300.8.35.1 * s390-tools-hmcdrvfs-debuginfo-2.15.1-150300.8.35.1 * libekmfweb1-2.15.1-150300.8.35.1 * s390-tools-debugsource-2.15.1-150300.8.35.1 * s390-tools-hmcdrvfs-2.15.1-150300.8.35.1 * osasnmpd-debuginfo-2.15.1-150300.8.35.1 * s390-tools-zdsfs-debuginfo-2.15.1-150300.8.35.1 * libekmfweb1-devel-2.15.1-150300.8.35.1 * s390-tools-zdsfs-2.15.1-150300.8.35.1 * osasnmpd-2.15.1-150300.8.35.1 * s390-tools-2.15.1-150300.8.35.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x) * libekmfweb1-debuginfo-2.15.1-150300.8.35.1 * s390-tools-debuginfo-2.15.1-150300.8.35.1 * s390-tools-hmcdrvfs-debuginfo-2.15.1-150300.8.35.1 * libekmfweb1-2.15.1-150300.8.35.1 * s390-tools-debugsource-2.15.1-150300.8.35.1 * s390-tools-hmcdrvfs-2.15.1-150300.8.35.1 * osasnmpd-debuginfo-2.15.1-150300.8.35.1 * s390-tools-zdsfs-debuginfo-2.15.1-150300.8.35.1 * libekmfweb1-devel-2.15.1-150300.8.35.1 * s390-tools-zdsfs-2.15.1-150300.8.35.1 * osasnmpd-2.15.1-150300.8.35.1 * s390-tools-2.15.1-150300.8.35.1 * SUSE Linux Enterprise Micro 5.1 (s390x) * libekmfweb1-debuginfo-2.15.1-150300.8.35.1 * s390-tools-debuginfo-2.15.1-150300.8.35.1 * libekmfweb1-2.15.1-150300.8.35.1 * s390-tools-debugsource-2.15.1-150300.8.35.1 * s390-tools-2.15.1-150300.8.35.1 * SUSE Linux Enterprise Micro 5.2 (s390x) * libekmfweb1-debuginfo-2.15.1-150300.8.35.1 * s390-tools-debuginfo-2.15.1-150300.8.35.1 * libekmfweb1-2.15.1-150300.8.35.1 * s390-tools-debugsource-2.15.1-150300.8.35.1 * s390-tools-2.15.1-150300.8.35.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (s390x) * libekmfweb1-debuginfo-2.15.1-150300.8.35.1 * s390-tools-debuginfo-2.15.1-150300.8.35.1 * libekmfweb1-2.15.1-150300.8.35.1 * s390-tools-debugsource-2.15.1-150300.8.35.1 * s390-tools-2.15.1-150300.8.35.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:30:53 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:30:53 -0000 Subject: SUSE-RU-2025:01635-1: moderate: Recommended update for oracleasm Message-ID: <174783065335.21669.2229353613149394515@smelt2.prg2.suse.org> # Recommended update for oracleasm Announcement ID: SUSE-RU-2025:01635-1 Release Date: 2025-05-21T10:10:27Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that contains one feature can now be installed. ## Description: This update for oracleasm rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1635=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1635=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1635=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1635=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1635=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * oracleasm-kmp-default-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * oracleasm-debugsource-2.0.8-150300.19.9.1 * openSUSE Leap 15.3 (aarch64 x86_64) * oracleasm-kmp-preempt-debuginfo-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * oracleasm-kmp-preempt-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * openSUSE Leap 15.3 (x86_64) * oracleasm-kmp-rt-2.0.8_k5.3.18_8.13-150300.19.9.1 * oracleasm-kmp-rt-debuginfo-2.0.8_k5.3.18_8.13-150300.19.9.1 * openSUSE Leap 15.3 (aarch64) * oracleasm-kmp-64kb-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * oracleasm-kmp-64kb-debuginfo-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * oracleasm-kmp-default-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * oracleasm-kmp-default-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * oracleasm-kmp-default-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * oracleasm-kmp-default-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.3.18_150300.59.201-150300.19.9.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:30:52 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:30:52 -0000 Subject: SUSE-RU-2025:01636-1: moderate: Recommended update for drbd Message-ID: <174783065212.21669.12299278154556819241@smelt2.prg2.suse.org> # Recommended update for drbd Announcement ID: SUSE-RU-2025:01636-1 Release Date: 2025-05-21T10:10:40Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that contains one feature can now be installed. ## Description: This update for drbd rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-1636=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1636=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * drbd-kmp-default-debuginfo-9.0.29~0+git.9a7bc817_k5.3.18_150300.59.201-150300.3.9.1 * drbd-9.0.29~0+git.9a7bc817-150300.3.9.1 * drbd-kmp-default-9.0.29~0+git.9a7bc817_k5.3.18_150300.59.201-150300.3.9.1 * drbd-debugsource-9.0.29~0+git.9a7bc817-150300.3.9.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * drbd-kmp-default-debuginfo-9.0.29~0+git.9a7bc817_k5.3.18_150300.59.201-150300.3.9.1 * drbd-9.0.29~0+git.9a7bc817-150300.3.9.1 * drbd-kmp-default-9.0.29~0+git.9a7bc817_k5.3.18_150300.59.201-150300.3.9.1 * drbd-debugsource-9.0.29~0+git.9a7bc817-150300.3.9.1 * openSUSE Leap 15.3 (aarch64 x86_64) * drbd-kmp-preempt-debuginfo-9.0.29~0+git.9a7bc817_k5.3.18_150300.59.201-150300.3.9.1 * drbd-kmp-preempt-9.0.29~0+git.9a7bc817_k5.3.18_150300.59.201-150300.3.9.1 * openSUSE Leap 15.3 (x86_64) * drbd-kmp-rt-9.0.29~0+git.9a7bc817_k5.3.18_8.13-150300.3.9.1 * drbd-kmp-rt-debuginfo-9.0.29~0+git.9a7bc817_k5.3.18_8.13-150300.3.9.1 * openSUSE Leap 15.3 (aarch64) * drbd-kmp-64kb-debuginfo-9.0.29~0+git.9a7bc817_k5.3.18_150300.59.201-150300.3.9.1 * drbd-kmp-64kb-9.0.29~0+git.9a7bc817_k5.3.18_150300.59.201-150300.3.9.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:30:54 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:30:54 -0000 Subject: SUSE-RU-2025:01634-1: moderate: Recommended update for dpdk Message-ID: <174783065463.21669.12625989230002169015@smelt2.prg2.suse.org> # Recommended update for dpdk Announcement ID: SUSE-RU-2025:01634-1 Release Date: 2025-05-21T10:10:08Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that contains one feature can now be installed. ## Description: This update for dpdk rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1634=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1634=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1634=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1634=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1634=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * dpdk-devel-debuginfo-19.11.4-150300.30.1 * libdpdk-20_0-debuginfo-19.11.4-150300.30.1 * dpdk-debuginfo-19.11.4-150300.30.1 * dpdk-tools-19.11.4-150300.30.1 * libdpdk-20_0-19.11.4-150300.30.1 * dpdk-devel-19.11.4-150300.30.1 * dpdk-debugsource-19.11.4-150300.30.1 * dpdk-tools-debuginfo-19.11.4-150300.30.1 * dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-kmp-default-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-19.11.4-150300.30.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * dpdk-devel-debuginfo-19.11.4-150300.30.1 * libdpdk-20_0-debuginfo-19.11.4-150300.30.1 * dpdk-debuginfo-19.11.4-150300.30.1 * dpdk-tools-19.11.4-150300.30.1 * libdpdk-20_0-19.11.4-150300.30.1 * dpdk-devel-19.11.4-150300.30.1 * dpdk-debugsource-19.11.4-150300.30.1 * dpdk-tools-debuginfo-19.11.4-150300.30.1 * dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-kmp-default-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-19.11.4-150300.30.1 * SUSE Enterprise Storage 7.1 (aarch64) * dpdk-thunderx-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-devel-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-debugsource-19.11.4-150300.30.1 * dpdk-thunderx-19.11.4-150300.30.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-thunderx-devel-19.11.4-150300.30.1 * dpdk-thunderx-kmp-default-19.11.4_k5.3.18_150300.59.201-150300.30.1 * openSUSE Leap 15.3 (aarch64 ppc64le x86_64) * dpdk-devel-debuginfo-19.11.4-150300.30.1 * dpdk-examples-19.11.4-150300.30.1 * libdpdk-20_0-debuginfo-19.11.4-150300.30.1 * dpdk-debuginfo-19.11.4-150300.30.1 * dpdk-examples-debuginfo-19.11.4-150300.30.1 * dpdk-tools-19.11.4-150300.30.1 * libdpdk-20_0-19.11.4-150300.30.1 * dpdk-devel-19.11.4-150300.30.1 * dpdk-debugsource-19.11.4-150300.30.1 * dpdk-tools-debuginfo-19.11.4-150300.30.1 * dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-kmp-default-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-19.11.4-150300.30.1 * openSUSE Leap 15.3 (noarch) * dpdk-doc-19.11.4-150300.30.1 * dpdk-thunderx-doc-19.11.4-150300.30.1 * openSUSE Leap 15.3 (aarch64 x86_64) * dpdk-kmp-preempt-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * openSUSE Leap 15.3 (aarch64) * dpdk-thunderx-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-examples-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-devel-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-debugsource-19.11.4-150300.30.1 * dpdk-thunderx-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-thunderx-tools-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-examples-19.11.4-150300.30.1 * dpdk-thunderx-kmp-preempt-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-thunderx-19.11.4-150300.30.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-thunderx-devel-19.11.4-150300.30.1 * dpdk-thunderx-tools-19.11.4-150300.30.1 * dpdk-thunderx-kmp-default-19.11.4_k5.3.18_150300.59.201-150300.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * dpdk-devel-debuginfo-19.11.4-150300.30.1 * libdpdk-20_0-debuginfo-19.11.4-150300.30.1 * dpdk-debuginfo-19.11.4-150300.30.1 * dpdk-tools-19.11.4-150300.30.1 * libdpdk-20_0-19.11.4-150300.30.1 * dpdk-devel-19.11.4-150300.30.1 * dpdk-debugsource-19.11.4-150300.30.1 * dpdk-tools-debuginfo-19.11.4-150300.30.1 * dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-kmp-default-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-19.11.4-150300.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * dpdk-thunderx-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-devel-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-debugsource-19.11.4-150300.30.1 * dpdk-thunderx-19.11.4-150300.30.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-thunderx-devel-19.11.4-150300.30.1 * dpdk-thunderx-kmp-default-19.11.4_k5.3.18_150300.59.201-150300.30.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le x86_64) * dpdk-devel-debuginfo-19.11.4-150300.30.1 * libdpdk-20_0-debuginfo-19.11.4-150300.30.1 * dpdk-debuginfo-19.11.4-150300.30.1 * dpdk-tools-19.11.4-150300.30.1 * libdpdk-20_0-19.11.4-150300.30.1 * dpdk-devel-19.11.4-150300.30.1 * dpdk-debugsource-19.11.4-150300.30.1 * dpdk-tools-debuginfo-19.11.4-150300.30.1 * dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-kmp-default-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-19.11.4-150300.30.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64) * dpdk-thunderx-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-devel-debuginfo-19.11.4-150300.30.1 * dpdk-thunderx-debugsource-19.11.4-150300.30.1 * dpdk-thunderx-19.11.4-150300.30.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.201-150300.30.1 * dpdk-thunderx-devel-19.11.4-150300.30.1 * dpdk-thunderx-kmp-default-19.11.4_k5.3.18_150300.59.201-150300.30.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:09 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:09 -0000 Subject: SUSE-SU-2025:01633-1: important: Security update for the Linux Kernel Message-ID: <174783066908.21669.6080081841162977007@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:01633-1 Release Date: 2025-05-21T10:09:50Z Rating: important References: * bsc#1207034 * bsc#1207878 * bsc#1221980 * bsc#1234931 * bsc#1235433 * bsc#1237984 * bsc#1238512 * bsc#1238747 * bsc#1238865 * bsc#1240210 * bsc#1240308 * bsc#1240835 * bsc#1241280 * bsc#1241371 * bsc#1241404 * bsc#1241405 * bsc#1241407 * bsc#1241408 Cross-References: * CVE-2020-36789 * CVE-2021-47163 * CVE-2021-47668 * CVE-2021-47669 * CVE-2021-47670 * CVE-2022-49111 * CVE-2023-0179 * CVE-2023-53026 * CVE-2023-53033 * CVE-2024-56642 * CVE-2024-56661 * CVE-2025-21726 * CVE-2025-21785 * CVE-2025-21791 * CVE-2025-22004 * CVE-2025-22020 * CVE-2025-22055 CVSS scores: * CVE-2020-36789 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2020-36789 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2020-36789 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47163 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47668 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47668 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47669 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47669 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47670 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49111 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-0179 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-0179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53026 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56642 ( SUSE ): 7.5 CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56642 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56661 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56661 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21726 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21726 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21785 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21791 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 17 vulnerabilities and has one security fix can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49111: Bluetooth: Fix use after free in hci_send_acl (bsc#1237984). * CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). * CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). * CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1633=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1633=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-1633=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1633=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1633=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1633=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1633=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1633=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1633=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1633=1 ## Package List: * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (noarch) * kernel-docs-html-5.3.18-150300.59.204.1 * kernel-source-5.3.18-150300.59.204.1 * kernel-source-vanilla-5.3.18-150300.59.204.1 * kernel-macros-5.3.18-150300.59.204.1 * kernel-devel-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-debug-5.3.18-150300.59.204.1 * kernel-kvmsmall-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-kvmsmall-devel-5.3.18-150300.59.204.1 * kernel-debug-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-kvmsmall-debugsource-5.3.18-150300.59.204.1 * kernel-debug-devel-5.3.18-150300.59.204.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.204.1 * kernel-debug-debuginfo-5.3.18-150300.59.204.1 * kernel-debug-debugsource-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * kernel-obs-qa-5.3.18-150300.59.204.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.204.1 * dlm-kmp-default-5.3.18-150300.59.204.1 * kernel-default-base-5.3.18-150300.59.204.1.150300.18.122.1 * kernel-default-devel-5.3.18-150300.59.204.1 * kernel-default-extra-5.3.18-150300.59.204.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kselftests-kmp-default-5.3.18-150300.59.204.1 * kernel-obs-build-debugsource-5.3.18-150300.59.204.1 * gfs2-kmp-default-5.3.18-150300.59.204.1 * kernel-default-optional-5.3.18-150300.59.204.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.204.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-debugsource-5.3.18-150300.59.204.1 * kernel-default-optional-debuginfo-5.3.18-150300.59.204.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-syms-5.3.18-150300.59.204.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-base-rebuild-5.3.18-150300.59.204.1.150300.18.122.1 * cluster-md-kmp-default-5.3.18-150300.59.204.1 * kernel-default-livepatch-5.3.18-150300.59.204.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-obs-build-5.3.18-150300.59.204.1 * reiserfs-kmp-default-5.3.18-150300.59.204.1 * ocfs2-kmp-default-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_204-default-1-150300.7.3.1 * kernel-livepatch-SLE15-SP3_Update_57-debugsource-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_204-default-debuginfo-1-150300.7.3.1 * kernel-default-livepatch-devel-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_204-preempt-debuginfo-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_204-preempt-1-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * ocfs2-kmp-preempt-5.3.18-150300.59.204.1 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.204.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.204.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.204.1 * dlm-kmp-preempt-5.3.18-150300.59.204.1 * reiserfs-kmp-preempt-5.3.18-150300.59.204.1 * kernel-preempt-extra-5.3.18-150300.59.204.1 * kernel-preempt-debugsource-5.3.18-150300.59.204.1 * cluster-md-kmp-preempt-5.3.18-150300.59.204.1 * kernel-preempt-optional-5.3.18-150300.59.204.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.204.1 * kselftests-kmp-preempt-5.3.18-150300.59.204.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-devel-5.3.18-150300.59.204.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.204.1 * gfs2-kmp-preempt-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.204.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (aarch64) * dtb-rockchip-5.3.18-150300.59.204.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.204.1 * dtb-broadcom-5.3.18-150300.59.204.1 * dtb-xilinx-5.3.18-150300.59.204.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.204.1 * dtb-lg-5.3.18-150300.59.204.1 * kernel-64kb-debugsource-5.3.18-150300.59.204.1 * ocfs2-kmp-64kb-5.3.18-150300.59.204.1 * dtb-renesas-5.3.18-150300.59.204.1 * kernel-64kb-optional-5.3.18-150300.59.204.1 * dtb-freescale-5.3.18-150300.59.204.1 * kernel-64kb-debuginfo-5.3.18-150300.59.204.1 * dtb-socionext-5.3.18-150300.59.204.1 * kernel-64kb-devel-5.3.18-150300.59.204.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.204.1 * reiserfs-kmp-64kb-5.3.18-150300.59.204.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.204.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.204.1 * dtb-allwinner-5.3.18-150300.59.204.1 * dtb-cavium-5.3.18-150300.59.204.1 * dtb-amlogic-5.3.18-150300.59.204.1 * dtb-nvidia-5.3.18-150300.59.204.1 * dtb-marvell-5.3.18-150300.59.204.1 * kernel-64kb-extra-5.3.18-150300.59.204.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.204.1 * dlm-kmp-64kb-5.3.18-150300.59.204.1 * dtb-arm-5.3.18-150300.59.204.1 * dtb-qcom-5.3.18-150300.59.204.1 * dtb-al-5.3.18-150300.59.204.1 * dtb-mediatek-5.3.18-150300.59.204.1 * gfs2-kmp-64kb-5.3.18-150300.59.204.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.204.1 * dtb-amd-5.3.18-150300.59.204.1 * dtb-hisilicon-5.3.18-150300.59.204.1 * dtb-altera-5.3.18-150300.59.204.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.204.1 * cluster-md-kmp-64kb-5.3.18-150300.59.204.1 * dtb-sprd-5.3.18-150300.59.204.1 * kselftests-kmp-64kb-5.3.18-150300.59.204.1 * dtb-apm-5.3.18-150300.59.204.1 * dtb-zte-5.3.18-150300.59.204.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.204.1 * dtb-exynos-5.3.18-150300.59.204.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_204-default-1-150300.7.3.1 * kernel-default-debuginfo-5.3.18-150300.59.204.1 * kernel-livepatch-SLE15-SP3_Update_57-debugsource-1-150300.7.3.1 * kernel-default-livepatch-5.3.18-150300.59.204.1 * kernel-default-debugsource-5.3.18-150300.59.204.1 * kernel-livepatch-5_3_18-150300_59_204-default-debuginfo-1-150300.7.3.1 * kernel-default-livepatch-devel-5.3.18-150300.59.204.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-debuginfo-5.3.18-150300.59.204.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.204.1 * cluster-md-kmp-default-5.3.18-150300.59.204.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-debugsource-5.3.18-150300.59.204.1 * gfs2-kmp-default-5.3.18-150300.59.204.1 * dlm-kmp-default-5.3.18-150300.59.204.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.204.1 * ocfs2-kmp-default-5.3.18-150300.59.204.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.204.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.204.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-devel-5.3.18-150300.59.204.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-64kb-debuginfo-5.3.18-150300.59.204.1 * kernel-64kb-debugsource-5.3.18-150300.59.204.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.204.1 * kernel-default-5.3.18-150300.59.204.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kernel-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-base-5.3.18-150300.59.204.1.150300.18.122.1 * kernel-default-devel-5.3.18-150300.59.204.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-debugsource-5.3.18-150300.59.204.1 * kernel-default-debugsource-5.3.18-150300.59.204.1 * kernel-obs-build-debugsource-5.3.18-150300.59.204.1 * reiserfs-kmp-default-5.3.18-150300.59.204.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-devel-5.3.18-150300.59.204.1 * kernel-obs-build-5.3.18-150300.59.204.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-syms-5.3.18-150300.59.204.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.204.1 * kernel-macros-5.3.18-150300.59.204.1 * kernel-devel-5.3.18-150300.59.204.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64) * kernel-64kb-devel-5.3.18-150300.59.204.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-64kb-debuginfo-5.3.18-150300.59.204.1 * kernel-64kb-debugsource-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-base-5.3.18-150300.59.204.1.150300.18.122.1 * kernel-default-devel-5.3.18-150300.59.204.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-debugsource-5.3.18-150300.59.204.1 * kernel-obs-build-debugsource-5.3.18-150300.59.204.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-obs-build-5.3.18-150300.59.204.1 * reiserfs-kmp-default-5.3.18-150300.59.204.1 * kernel-syms-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * kernel-source-5.3.18-150300.59.204.1 * kernel-macros-5.3.18-150300.59.204.1 * kernel-devel-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc) * kernel-docs-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64) * kernel-preempt-devel-5.3.18-150300.59.204.1 * kernel-preempt-debugsource-5.3.18-150300.59.204.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-debuginfo-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.204.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kernel-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-base-5.3.18-150300.59.204.1.150300.18.122.1 * kernel-default-devel-5.3.18-150300.59.204.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-debugsource-5.3.18-150300.59.204.1 * kernel-obs-build-debugsource-5.3.18-150300.59.204.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-obs-build-5.3.18-150300.59.204.1 * reiserfs-kmp-default-5.3.18-150300.59.204.1 * kernel-syms-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.204.1 * kernel-macros-5.3.18-150300.59.204.1 * kernel-devel-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-devel-5.3.18-150300.59.204.1 * kernel-preempt-debugsource-5.3.18-150300.59.204.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-debuginfo-5.3.18-150300.59.204.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.204.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-devel-5.3.18-150300.59.204.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-64kb-debuginfo-5.3.18-150300.59.204.1 * kernel-64kb-debugsource-5.3.18-150300.59.204.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.204.1 * kernel-default-5.3.18-150300.59.204.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kernel-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-base-5.3.18-150300.59.204.1.150300.18.122.1 * kernel-default-devel-5.3.18-150300.59.204.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-debugsource-5.3.18-150300.59.204.1 * kernel-default-debugsource-5.3.18-150300.59.204.1 * kernel-obs-build-debugsource-5.3.18-150300.59.204.1 * reiserfs-kmp-default-5.3.18-150300.59.204.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-debuginfo-5.3.18-150300.59.204.1 * kernel-preempt-devel-5.3.18-150300.59.204.1 * kernel-obs-build-5.3.18-150300.59.204.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.204.1 * kernel-syms-5.3.18-150300.59.204.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.204.1 * kernel-macros-5.3.18-150300.59.204.1 * kernel-devel-5.3.18-150300.59.204.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.204.1 * kernel-default-debuginfo-5.3.18-150300.59.204.1 * kernel-default-base-5.3.18-150300.59.204.1.150300.18.122.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.204.1.150300.18.122.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.204.1 * kernel-default-debuginfo-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.204.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.204.1.150300.18.122.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.204.1 * kernel-default-debuginfo-5.3.18-150300.59.204.1 ## References: * https://www.suse.com/security/cve/CVE-2020-36789.html * https://www.suse.com/security/cve/CVE-2021-47163.html * https://www.suse.com/security/cve/CVE-2021-47668.html * https://www.suse.com/security/cve/CVE-2021-47669.html * https://www.suse.com/security/cve/CVE-2021-47670.html * https://www.suse.com/security/cve/CVE-2022-49111.html * https://www.suse.com/security/cve/CVE-2023-0179.html * https://www.suse.com/security/cve/CVE-2023-53026.html * https://www.suse.com/security/cve/CVE-2023-53033.html * https://www.suse.com/security/cve/CVE-2024-56642.html * https://www.suse.com/security/cve/CVE-2024-56661.html * https://www.suse.com/security/cve/CVE-2025-21726.html * https://www.suse.com/security/cve/CVE-2025-21785.html * https://www.suse.com/security/cve/CVE-2025-21791.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://bugzilla.suse.com/show_bug.cgi?id=1207034 * https://bugzilla.suse.com/show_bug.cgi?id=1207878 * https://bugzilla.suse.com/show_bug.cgi?id=1221980 * https://bugzilla.suse.com/show_bug.cgi?id=1234931 * https://bugzilla.suse.com/show_bug.cgi?id=1235433 * https://bugzilla.suse.com/show_bug.cgi?id=1237984 * https://bugzilla.suse.com/show_bug.cgi?id=1238512 * https://bugzilla.suse.com/show_bug.cgi?id=1238747 * https://bugzilla.suse.com/show_bug.cgi?id=1238865 * https://bugzilla.suse.com/show_bug.cgi?id=1240210 * https://bugzilla.suse.com/show_bug.cgi?id=1240308 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241404 * https://bugzilla.suse.com/show_bug.cgi?id=1241405 * https://bugzilla.suse.com/show_bug.cgi?id=1241407 * https://bugzilla.suse.com/show_bug.cgi?id=1241408 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:12 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:12 -0000 Subject: SUSE-RU-2025:01632-1: moderate: Recommended update for grub2 Message-ID: <174783067255.21669.3393794134898221191@smelt2.prg2.suse.org> # Recommended update for grub2 Announcement ID: SUSE-RU-2025:01632-1 Release Date: 2025-05-21T10:04:51Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module An update that contains one feature can now be installed. ## Description: This update for grub2 rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1632=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1632=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1632=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1632=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1632=1 * SUSE Manager Proxy 4.3 Module zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-1632=1 * SUSE Manager Server 4.3 Module zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2025-1632=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1632=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1632=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1632=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1632=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1632=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1632=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1632=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * grub2-debuginfo-2.06-150400.11.60.1 * grub2-branding-upstream-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * openSUSE Leap 15.4 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.06-150400.11.60.1 * openSUSE Leap 15.4 (noarch) * grub2-i386-pc-debug-2.06-150400.11.60.1 * grub2-i386-pc-extras-2.06-150400.11.60.1 * grub2-systemd-sleep-plugin-2.06-150400.11.60.1 * grub2-x86_64-efi-extras-2.06-150400.11.60.1 * grub2-arm64-efi-2.06-150400.11.60.1 * grub2-arm64-efi-debug-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * grub2-i386-efi-debug-2.06-150400.11.60.1 * grub2-x86_64-xen-extras-2.06-150400.11.60.1 * grub2-powerpc-ieee1275-2.06-150400.11.60.1 * grub2-s390x-emu-extras-2.06-150400.11.60.1 * grub2-i386-xen-extras-2.06-150400.11.60.1 * grub2-powerpc-ieee1275-debug-2.06-150400.11.60.1 * grub2-i386-efi-extras-2.06-150400.11.60.1 * grub2-arm64-efi-extras-2.06-150400.11.60.1 * grub2-powerpc-ieee1275-extras-2.06-150400.11.60.1 * grub2-x86_64-efi-debug-2.06-150400.11.60.1 * grub2-i386-xen-2.06-150400.11.60.1 * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-i386-efi-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * openSUSE Leap 15.4 (s390x) * grub2-s390x-emu-debug-2.06-150400.11.60.1 * grub2-s390x-emu-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.60.1 * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-arm64-efi-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x) * grub2-s390x-emu-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.60.1 * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-arm64-efi-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro 5.3 (s390x) * grub2-s390x-emu-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.60.1 * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-arm64-efi-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x) * grub2-s390x-emu-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.60.1 * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-arm64-efi-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Linux Enterprise Micro 5.4 (s390x) * grub2-s390x-emu-2.06-150400.11.60.1 * SUSE Manager Proxy 4.3 Module (noarch) * grub2-arm64-efi-2.06-150400.11.60.1 * SUSE Manager Server 4.3 Module (noarch) * grub2-powerpc-ieee1275-2.06-150400.11.60.1 * grub2-arm64-efi-2.06-150400.11.60.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * grub2-debugsource-2.06-150400.11.60.1 * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-systemd-sleep-plugin-2.06-150400.11.60.1 * grub2-arm64-efi-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-systemd-sleep-plugin-2.06-150400.11.60.1 * grub2-arm64-efi-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * grub2-debugsource-2.06-150400.11.60.1 * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-systemd-sleep-plugin-2.06-150400.11.60.1 * grub2-arm64-efi-2.06-150400.11.60.1 * grub2-powerpc-ieee1275-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.60.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * grub2-s390x-emu-2.06-150400.11.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-systemd-sleep-plugin-2.06-150400.11.60.1 * grub2-powerpc-ieee1275-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * grub2-debugsource-2.06-150400.11.60.1 * SUSE Manager Proxy 4.3 (x86_64) * grub2-debugsource-2.06-150400.11.60.1 * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Manager Proxy 4.3 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-systemd-sleep-plugin-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * grub2-debugsource-2.06-150400.11.60.1 * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-systemd-sleep-plugin-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * grub2-debuginfo-2.06-150400.11.60.1 * grub2-2.06-150400.11.60.1 * SUSE Manager Server 4.3 (noarch) * grub2-snapper-plugin-2.06-150400.11.60.1 * grub2-systemd-sleep-plugin-2.06-150400.11.60.1 * grub2-powerpc-ieee1275-2.06-150400.11.60.1 * grub2-x86_64-efi-2.06-150400.11.60.1 * grub2-x86_64-xen-2.06-150400.11.60.1 * grub2-i386-pc-2.06-150400.11.60.1 * SUSE Manager Server 4.3 (s390x x86_64) * grub2-debugsource-2.06-150400.11.60.1 * SUSE Manager Server 4.3 (s390x) * grub2-s390x-emu-2.06-150400.11.60.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:14 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:14 -0000 Subject: SUSE-SU-2025:01631-1: moderate: Security update for s390-tools Message-ID: <174783067491.21669.7544240472375523050@smelt2.prg2.suse.org> # Security update for s390-tools Announcement ID: SUSE-SU-2025:01631-1 Release Date: 2025-05-21T10:03:45Z Rating: moderate References: * bsc#1242622 * jsc#PED-12028 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Manager Server 4.3 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for s390-tools rebuilds the existing package with the new 4k RSA secure boot key. Security issues fixed: * CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust- openssl crate. (bsc#1242622) Other issues: * Added the new IBM z17 (9175) processor type ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1631=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1631=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1631=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1631=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1631=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1631=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1631=1 ## Package List: * openSUSE Leap 15.4 (s390x x86_64) * s390-tools-debugsource-2.31.0-150400.7.31.1 * s390-tools-2.31.0-150400.7.31.1 * s390-tools-debuginfo-2.31.0-150400.7.31.1 * openSUSE Leap 15.4 (s390x) * s390-tools-hmcdrvfs-debuginfo-2.31.0-150400.7.31.1 * osasnmpd-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-debuginfo-2.31.0-150400.7.31.1 * s390-tools-zdsfs-2.31.0-150400.7.31.1 * libkmipclient1-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-devel-2.31.0-150400.7.31.1 * s390-tools-hmcdrvfs-2.31.0-150400.7.31.1 * osasnmpd-2.31.0-150400.7.31.1 * s390-tools-zdsfs-debuginfo-2.31.0-150400.7.31.1 * s390-tools-chreipl-fcp-mpath-2.31.0-150400.7.31.1 * libekmfweb1-2.31.0-150400.7.31.1 * libkmipclient1-2.31.0-150400.7.31.1 * libkmipclient1-devel-2.31.0-150400.7.31.1 * openSUSE Leap 15.4 (noarch) * s390-tools-genprotimg-data-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x) * libekmfweb1-debuginfo-2.31.0-150400.7.31.1 * libkmipclient1-debuginfo-2.31.0-150400.7.31.1 * s390-tools-2.31.0-150400.7.31.1 * s390-tools-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-2.31.0-150400.7.31.1 * libkmipclient1-2.31.0-150400.7.31.1 * s390-tools-debugsource-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * s390-tools-genprotimg-data-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Micro 5.3 (s390x) * libekmfweb1-debuginfo-2.31.0-150400.7.31.1 * libkmipclient1-debuginfo-2.31.0-150400.7.31.1 * s390-tools-2.31.0-150400.7.31.1 * s390-tools-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-2.31.0-150400.7.31.1 * libkmipclient1-2.31.0-150400.7.31.1 * s390-tools-debugsource-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * s390-tools-genprotimg-data-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x) * libekmfweb1-debuginfo-2.31.0-150400.7.31.1 * libkmipclient1-debuginfo-2.31.0-150400.7.31.1 * s390-tools-2.31.0-150400.7.31.1 * s390-tools-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-2.31.0-150400.7.31.1 * libkmipclient1-2.31.0-150400.7.31.1 * s390-tools-debugsource-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * s390-tools-genprotimg-data-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Micro 5.4 (s390x) * libekmfweb1-debuginfo-2.31.0-150400.7.31.1 * libkmipclient1-debuginfo-2.31.0-150400.7.31.1 * s390-tools-2.31.0-150400.7.31.1 * s390-tools-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-2.31.0-150400.7.31.1 * libkmipclient1-2.31.0-150400.7.31.1 * s390-tools-debugsource-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * s390-tools-genprotimg-data-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * s390-tools-hmcdrvfs-debuginfo-2.31.0-150400.7.31.1 * osasnmpd-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-debuginfo-2.31.0-150400.7.31.1 * s390-tools-zdsfs-2.31.0-150400.7.31.1 * libkmipclient1-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-devel-2.31.0-150400.7.31.1 * s390-tools-2.31.0-150400.7.31.1 * osasnmpd-2.31.0-150400.7.31.1 * s390-tools-debuginfo-2.31.0-150400.7.31.1 * s390-tools-hmcdrvfs-2.31.0-150400.7.31.1 * s390-tools-zdsfs-debuginfo-2.31.0-150400.7.31.1 * s390-tools-chreipl-fcp-mpath-2.31.0-150400.7.31.1 * libekmfweb1-2.31.0-150400.7.31.1 * libkmipclient1-2.31.0-150400.7.31.1 * s390-tools-debugsource-2.31.0-150400.7.31.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * s390-tools-genprotimg-data-2.31.0-150400.7.31.1 * SUSE Manager Server 4.3 (s390x) * s390-tools-hmcdrvfs-debuginfo-2.31.0-150400.7.31.1 * osasnmpd-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-debuginfo-2.31.0-150400.7.31.1 * s390-tools-zdsfs-2.31.0-150400.7.31.1 * libkmipclient1-debuginfo-2.31.0-150400.7.31.1 * libekmfweb1-devel-2.31.0-150400.7.31.1 * s390-tools-2.31.0-150400.7.31.1 * osasnmpd-2.31.0-150400.7.31.1 * s390-tools-debuginfo-2.31.0-150400.7.31.1 * s390-tools-hmcdrvfs-2.31.0-150400.7.31.1 * s390-tools-zdsfs-debuginfo-2.31.0-150400.7.31.1 * s390-tools-chreipl-fcp-mpath-2.31.0-150400.7.31.1 * libekmfweb1-2.31.0-150400.7.31.1 * libkmipclient1-2.31.0-150400.7.31.1 * s390-tools-debugsource-2.31.0-150400.7.31.1 * SUSE Manager Server 4.3 (noarch) * s390-tools-genprotimg-data-2.31.0-150400.7.31.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242622 * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:16 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:16 -0000 Subject: SUSE-RU-2025:01630-1: moderate: Recommended update for drbd Message-ID: <174783067664.21669.1655595645318157833@smelt2.prg2.suse.org> # Recommended update for drbd Announcement ID: SUSE-RU-2025:01630-1 Release Date: 2025-05-21T10:03:35Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for drbd rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1630=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1630=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1630=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1630=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-1630=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1630=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * drbd-9.0.30~1+git.10bee2d5-150400.3.6.1 * drbd-debugsource-9.0.30~1+git.10bee2d5-150400.3.6.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * drbd-9.0.30~1+git.10bee2d5-150400.3.6.1 * drbd-debugsource-9.0.30~1+git.10bee2d5-150400.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * drbd-9.0.30~1+git.10bee2d5-150400.3.6.1 * drbd-debugsource-9.0.30~1+git.10bee2d5-150400.3.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * drbd-9.0.30~1+git.10bee2d5-150400.3.6.1 * drbd-debugsource-9.0.30~1+git.10bee2d5-150400.3.6.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * drbd-kmp-default-debuginfo-9.0.30~1+git.10bee2d5_k5.14.21_150400.24.161-150400.3.6.1 * drbd-9.0.30~1+git.10bee2d5-150400.3.6.1 * drbd-kmp-default-9.0.30~1+git.10bee2d5_k5.14.21_150400.24.161-150400.3.6.1 * drbd-debugsource-9.0.30~1+git.10bee2d5-150400.3.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * drbd-kmp-default-debuginfo-9.0.30~1+git.10bee2d5_k5.14.21_150400.24.161-150400.3.6.1 * drbd-9.0.30~1+git.10bee2d5-150400.3.6.1 * drbd-kmp-default-9.0.30~1+git.10bee2d5_k5.14.21_150400.24.161-150400.3.6.1 * drbd-debugsource-9.0.30~1+git.10bee2d5-150400.3.6.1 * openSUSE Leap 15.4 (aarch64) * drbd-kmp-64kb-debuginfo-9.0.30~1+git.10bee2d5_k5.14.21_150400.24.161-150400.3.6.1 * drbd-kmp-64kb-9.0.30~1+git.10bee2d5_k5.14.21_150400.24.161-150400.3.6.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:18 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:18 -0000 Subject: SUSE-RU-2025:01629-1: moderate: Recommended update for oracleasm Message-ID: <174783067810.21669.16416449341300035314@smelt2.prg2.suse.org> # Recommended update for oracleasm Announcement ID: SUSE-RU-2025:01629-1 Release Date: 2025-05-21T10:03:18Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for oracleasm rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1629=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1629=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1629=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1629=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1629=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1629=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1629=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1629=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * oracleasm-debugsource-2.0.8-150400.25.9.1 * oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * openSUSE Leap 15.4 (aarch64) * oracleasm-kmp-64kb-debuginfo-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * oracleasm-kmp-64kb-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * SUSE Manager Proxy 4.3 (x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150400.24.161-150400.25.9.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:19 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:19 -0000 Subject: SUSE-RU-2025:01628-1: moderate: Recommended update for dpdk Message-ID: <174783067969.21669.18001443861689244525@smelt2.prg2.suse.org> # Recommended update for dpdk Announcement ID: SUSE-RU-2025:01628-1 Release Date: 2025-05-21T10:02:48Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for dpdk rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1628=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1628=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1628=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1628=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1628=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1628=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1628=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1628=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-examples-debuginfo-19.11.10-150400.4.20.1 * dpdk-tools-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-19.11.10-150400.4.20.1 * dpdk-debugsource-19.11.10-150400.4.20.1 * dpdk-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * libdpdk-20_0-debuginfo-19.11.10-150400.4.20.1 * dpdk-examples-19.11.10-150400.4.20.1 * dpdk-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-19.11.10-150400.4.20.1 * dpdk-tools-19.11.10-150400.4.20.1 * dpdk-devel-19.11.10-150400.4.20.1 * dpdk-debuginfo-19.11.10-150400.4.20.1 * openSUSE Leap 15.4 (noarch) * dpdk-doc-19.11.10-150400.4.20.1 * dpdk-thunderx-doc-19.11.10-150400.4.20.1 * openSUSE Leap 15.4 (aarch64) * dpdk-thunderx-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-examples-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-thunderx-tools-19.11.10-150400.4.20.1 * dpdk-thunderx-devel-19.11.10-150400.4.20.1 * dpdk-thunderx-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-tools-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-examples-19.11.10-150400.4.20.1 * dpdk-thunderx-19.11.10-150400.4.20.1 * dpdk-thunderx-debugsource-19.11.10-150400.4.20.1 * dpdk-thunderx-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-tools-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-19.11.10-150400.4.20.1 * dpdk-debugsource-19.11.10-150400.4.20.1 * dpdk-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-19.11.10-150400.4.20.1 * dpdk-tools-19.11.10-150400.4.20.1 * dpdk-devel-19.11.10-150400.4.20.1 * dpdk-debuginfo-19.11.10-150400.4.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * dpdk-thunderx-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-thunderx-devel-19.11.10-150400.4.20.1 * dpdk-thunderx-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-19.11.10-150400.4.20.1 * dpdk-thunderx-debugsource-19.11.10-150400.4.20.1 * dpdk-thunderx-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-tools-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-19.11.10-150400.4.20.1 * dpdk-debugsource-19.11.10-150400.4.20.1 * dpdk-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-19.11.10-150400.4.20.1 * dpdk-tools-19.11.10-150400.4.20.1 * dpdk-devel-19.11.10-150400.4.20.1 * dpdk-debuginfo-19.11.10-150400.4.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * dpdk-thunderx-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-thunderx-devel-19.11.10-150400.4.20.1 * dpdk-thunderx-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-19.11.10-150400.4.20.1 * dpdk-thunderx-debugsource-19.11.10-150400.4.20.1 * dpdk-thunderx-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-tools-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-19.11.10-150400.4.20.1 * dpdk-debugsource-19.11.10-150400.4.20.1 * dpdk-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-19.11.10-150400.4.20.1 * dpdk-tools-19.11.10-150400.4.20.1 * dpdk-devel-19.11.10-150400.4.20.1 * dpdk-debuginfo-19.11.10-150400.4.20.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * dpdk-thunderx-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-thunderx-devel-19.11.10-150400.4.20.1 * dpdk-thunderx-debuginfo-19.11.10-150400.4.20.1 * dpdk-thunderx-19.11.10-150400.4.20.1 * dpdk-thunderx-debugsource-19.11.10-150400.4.20.1 * dpdk-thunderx-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-tools-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-19.11.10-150400.4.20.1 * dpdk-debugsource-19.11.10-150400.4.20.1 * dpdk-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-19.11.10-150400.4.20.1 * dpdk-tools-19.11.10-150400.4.20.1 * dpdk-devel-19.11.10-150400.4.20.1 * dpdk-debuginfo-19.11.10-150400.4.20.1 * SUSE Manager Proxy 4.3 (x86_64) * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-tools-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-19.11.10-150400.4.20.1 * dpdk-debugsource-19.11.10-150400.4.20.1 * dpdk-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-19.11.10-150400.4.20.1 * dpdk-tools-19.11.10-150400.4.20.1 * dpdk-devel-19.11.10-150400.4.20.1 * dpdk-debuginfo-19.11.10-150400.4.20.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-tools-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-19.11.10-150400.4.20.1 * dpdk-debugsource-19.11.10-150400.4.20.1 * dpdk-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-19.11.10-150400.4.20.1 * dpdk-tools-19.11.10-150400.4.20.1 * dpdk-devel-19.11.10-150400.4.20.1 * dpdk-debuginfo-19.11.10-150400.4.20.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-tools-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-debuginfo-19.11.10-150400.4.20.1 * libdpdk-20_0-19.11.10-150400.4.20.1 * dpdk-debugsource-19.11.10-150400.4.20.1 * dpdk-kmp-default-19.11.10_k5.14.21_150400.24.161-150400.4.20.1 * dpdk-devel-debuginfo-19.11.10-150400.4.20.1 * dpdk-19.11.10-150400.4.20.1 * dpdk-tools-19.11.10-150400.4.20.1 * dpdk-devel-19.11.10-150400.4.20.1 * dpdk-debuginfo-19.11.10-150400.4.20.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:34 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:34 -0000 Subject: SUSE-SU-2025:01627-1: important: Security update for the Linux Kernel Message-ID: <174783069496.21669.713155081281018787@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:01627-1 Release Date: 2025-05-21T10:02:18Z Rating: important References: * bsc#1201855 * bsc#1230771 * bsc#1238471 * bsc#1238512 * bsc#1238747 * bsc#1238865 * bsc#1239968 * bsc#1240188 * bsc#1240195 * bsc#1240553 * bsc#1240747 * bsc#1240835 * bsc#1241280 * bsc#1241371 * bsc#1241421 * bsc#1241433 * bsc#1241541 Cross-References: * CVE-2021-47671 * CVE-2022-49741 * CVE-2024-46784 * CVE-2025-21726 * CVE-2025-21785 * CVE-2025-21791 * CVE-2025-21812 * CVE-2025-21886 * CVE-2025-22004 * CVE-2025-22020 * CVE-2025-22045 * CVE-2025-22055 * CVE-2025-22097 CVSS scores: * CVE-2021-47671 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47671 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49741 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49741 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49741 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46784 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46784 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21726 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21726 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21785 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21791 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21812 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22045 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-22097 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22097 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 13 vulnerabilities and has four security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). * CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). * CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). * CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). * CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). * CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541). The following non-security bugs were fixed: * scsi: smartpqi: Add ctrl ready timeout module parameter (jsc#PED-1557, bsc#1201855, bsc#1240553). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1627=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1627=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1627=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1627=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1627=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1627=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-1627=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1627=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1627=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1627=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1627=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1627=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1627=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1627=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (noarch) * kernel-docs-html-5.14.21-150400.24.164.1 * kernel-source-vanilla-5.14.21-150400.24.164.1 * kernel-macros-5.14.21-150400.24.164.1 * kernel-source-5.14.21-150400.24.164.1 * kernel-devel-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-debugsource-5.14.21-150400.24.164.1 * kernel-debug-devel-5.14.21-150400.24.164.1 * kernel-debug-debuginfo-5.14.21-150400.24.164.1 * kernel-debug-devel-debuginfo-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-default-base-rebuild-5.14.21-150400.24.164.1.150400.24.82.1 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.164.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.164.1 * kernel-kvmsmall-devel-5.14.21-150400.24.164.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.164.1 * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.164.1 * kernel-default-livepatch-5.14.21-150400.24.164.1 * kernel-obs-build-5.14.21-150400.24.164.1 * dlm-kmp-default-5.14.21-150400.24.164.1 * kernel-obs-build-debugsource-5.14.21-150400.24.164.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.164.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.164.1 * kernel-default-extra-5.14.21-150400.24.164.1 * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-syms-5.14.21-150400.24.164.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.164.1 * kselftests-kmp-default-5.14.21-150400.24.164.1 * gfs2-kmp-default-5.14.21-150400.24.164.1 * reiserfs-kmp-default-5.14.21-150400.24.164.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.164.1 * kernel-obs-qa-5.14.21-150400.24.164.1 * kernel-default-devel-5.14.21-150400.24.164.1 * cluster-md-kmp-default-5.14.21-150400.24.164.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.164.1 * ocfs2-kmp-default-5.14.21-150400.24.164.1 * kernel-default-optional-5.14.21-150400.24.164.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.164.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_164-default-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.164.1 * kernel-livepatch-SLE15-SP4_Update_40-debugsource-1-150400.9.3.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.164.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (aarch64) * dtb-xilinx-5.14.21-150400.24.164.1 * kernel-64kb-extra-5.14.21-150400.24.164.1 * dtb-hisilicon-5.14.21-150400.24.164.1 * cluster-md-kmp-64kb-5.14.21-150400.24.164.1 * dtb-rockchip-5.14.21-150400.24.164.1 * ocfs2-kmp-64kb-5.14.21-150400.24.164.1 * dtb-broadcom-5.14.21-150400.24.164.1 * dtb-lg-5.14.21-150400.24.164.1 * dtb-nvidia-5.14.21-150400.24.164.1 * dtb-socionext-5.14.21-150400.24.164.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.164.1 * dtb-freescale-5.14.21-150400.24.164.1 * dtb-arm-5.14.21-150400.24.164.1 * dtb-renesas-5.14.21-150400.24.164.1 * dlm-kmp-64kb-5.14.21-150400.24.164.1 * gfs2-kmp-64kb-5.14.21-150400.24.164.1 * kernel-64kb-debugsource-5.14.21-150400.24.164.1 * dtb-apple-5.14.21-150400.24.164.1 * dtb-apm-5.14.21-150400.24.164.1 * dtb-allwinner-5.14.21-150400.24.164.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.164.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.164.1 * kernel-64kb-devel-5.14.21-150400.24.164.1 * dtb-cavium-5.14.21-150400.24.164.1 * dtb-exynos-5.14.21-150400.24.164.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.164.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.164.1 * kernel-64kb-debuginfo-5.14.21-150400.24.164.1 * dtb-amlogic-5.14.21-150400.24.164.1 * reiserfs-kmp-64kb-5.14.21-150400.24.164.1 * dtb-qcom-5.14.21-150400.24.164.1 * kselftests-kmp-64kb-5.14.21-150400.24.164.1 * dtb-sprd-5.14.21-150400.24.164.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.164.1 * dtb-amazon-5.14.21-150400.24.164.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.164.1 * dtb-mediatek-5.14.21-150400.24.164.1 * dtb-altera-5.14.21-150400.24.164.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.164.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.164.1 * kernel-64kb-optional-5.14.21-150400.24.164.1 * dtb-amd-5.14.21-150400.24.164.1 * dtb-marvell-5.14.21-150400.24.164.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-livepatch-5.14.21-150400.24.164.1 * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-1-150400.9.3.1 * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-default-livepatch-devel-5.14.21-150400.24.164.1 * kernel-livepatch-5_14_21-150400_24_164-default-1-150400.9.3.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * kernel-livepatch-SLE15-SP4_Update_40-debugsource-1-150400.9.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-5.14.21-150400.24.164.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.164.1 * ocfs2-kmp-default-5.14.21-150400.24.164.1 * kernel-default-debugsource-5.14.21-150400.24.164.1 * dlm-kmp-default-5.14.21-150400.24.164.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.164.1 * gfs2-kmp-default-5.14.21-150400.24.164.1 * cluster-md-kmp-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.164.1 * kernel-64kb-debugsource-5.14.21-150400.24.164.1 * kernel-64kb-devel-5.14.21-150400.24.164.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * reiserfs-kmp-default-5.14.21-150400.24.164.1 * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-obs-build-5.14.21-150400.24.164.1 * kernel-obs-build-debugsource-5.14.21-150400.24.164.1 * kernel-syms-5.14.21-150400.24.164.1 * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.164.1 * kernel-default-devel-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.164.1 * kernel-macros-5.14.21-150400.24.164.1 * kernel-devel-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.164.1 * kernel-64kb-debugsource-5.14.21-150400.24.164.1 * kernel-64kb-devel-5.14.21-150400.24.164.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * reiserfs-kmp-default-5.14.21-150400.24.164.1 * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-obs-build-5.14.21-150400.24.164.1 * kernel-obs-build-debugsource-5.14.21-150400.24.164.1 * kernel-syms-5.14.21-150400.24.164.1 * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.164.1 * kernel-default-devel-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.164.1 * kernel-macros-5.14.21-150400.24.164.1 * kernel-devel-5.14.21-150400.24.164.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.164.1 * kernel-64kb-debugsource-5.14.21-150400.24.164.1 * kernel-64kb-devel-5.14.21-150400.24.164.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-5.14.21-150400.24.164.1 * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-obs-build-5.14.21-150400.24.164.1 * kernel-obs-build-debugsource-5.14.21-150400.24.164.1 * kernel-syms-5.14.21-150400.24.164.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.164.1 * kernel-default-devel-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * kernel-source-5.14.21-150400.24.164.1 * kernel-macros-5.14.21-150400.24.164.1 * kernel-devel-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc) * kernel-docs-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.164.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * reiserfs-kmp-default-5.14.21-150400.24.164.1 * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-obs-build-5.14.21-150400.24.164.1 * kernel-obs-build-debugsource-5.14.21-150400.24.164.1 * kernel-syms-5.14.21-150400.24.164.1 * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.164.1 * kernel-default-devel-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.164.1 * kernel-macros-5.14.21-150400.24.164.1 * kernel-devel-5.14.21-150400.24.164.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.164.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Manager Proxy 4.3 (x86_64) * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-syms-5.14.21-150400.24.164.1 * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.164.1 * kernel-default-devel-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-source-5.14.21-150400.24.164.1 * kernel-macros-5.14.21-150400.24.164.1 * kernel-devel-5.14.21-150400.24.164.1 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.164.1 * kernel-default-devel-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-macros-5.14.21-150400.24.164.1 * kernel-devel-5.14.21-150400.24.164.1 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.164.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.164.1.150400.24.82.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.164.1 * kernel-syms-5.14.21-150400.24.164.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.164.1 * kernel-default-devel-5.14.21-150400.24.164.1 * kernel-default-debuginfo-5.14.21-150400.24.164.1 * SUSE Manager Server 4.3 (noarch) * kernel-source-5.14.21-150400.24.164.1 * kernel-macros-5.14.21-150400.24.164.1 * kernel-devel-5.14.21-150400.24.164.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.164.1 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.164.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.164.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47671.html * https://www.suse.com/security/cve/CVE-2022-49741.html * https://www.suse.com/security/cve/CVE-2024-46784.html * https://www.suse.com/security/cve/CVE-2025-21726.html * https://www.suse.com/security/cve/CVE-2025-21785.html * https://www.suse.com/security/cve/CVE-2025-21791.html * https://www.suse.com/security/cve/CVE-2025-21812.html * https://www.suse.com/security/cve/CVE-2025-21886.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22045.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://www.suse.com/security/cve/CVE-2025-22097.html * https://bugzilla.suse.com/show_bug.cgi?id=1201855 * https://bugzilla.suse.com/show_bug.cgi?id=1230771 * https://bugzilla.suse.com/show_bug.cgi?id=1238471 * https://bugzilla.suse.com/show_bug.cgi?id=1238512 * https://bugzilla.suse.com/show_bug.cgi?id=1238747 * https://bugzilla.suse.com/show_bug.cgi?id=1238865 * https://bugzilla.suse.com/show_bug.cgi?id=1239968 * https://bugzilla.suse.com/show_bug.cgi?id=1240188 * https://bugzilla.suse.com/show_bug.cgi?id=1240195 * https://bugzilla.suse.com/show_bug.cgi?id=1240553 * https://bugzilla.suse.com/show_bug.cgi?id=1240747 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241421 * https://bugzilla.suse.com/show_bug.cgi?id=1241433 * https://bugzilla.suse.com/show_bug.cgi?id=1241541 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:40 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:40 -0000 Subject: SUSE-RU-2025:01626-1: moderate: Recommended update for grub2 Message-ID: <174783070034.21669.1370011176735298948@smelt2.prg2.suse.org> # Recommended update for grub2 Announcement ID: SUSE-RU-2025:01626-1 Release Date: 2025-05-21T10:00:45Z Rating: moderate References: * bsc#1235958 * bsc#1235971 * bsc#1239651 * jsc#PED-12028 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature and has three fixes can now be installed. ## Description: This update for grub2 rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. Also the following issue was fixed: * Fix segmentation fault error in grub2-probe with target=hints_string (bsc#1235971) (bsc#1235958) (bsc#1239651) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1626=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1626=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1626=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1626=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1626=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1626=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * grub2-debuginfo-2.06-150500.29.50.1 * grub2-debugsource-2.06-150500.29.50.1 * grub2-2.06-150500.29.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * grub2-i386-pc-2.06-150500.29.50.1 * grub2-arm64-efi-2.06-150500.29.50.1 * grub2-x86_64-xen-2.06-150500.29.50.1 * grub2-x86_64-efi-2.06-150500.29.50.1 * grub2-systemd-sleep-plugin-2.06-150500.29.50.1 * grub2-snapper-plugin-2.06-150500.29.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * grub2-debuginfo-2.06-150500.29.50.1 * grub2-2.06-150500.29.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * grub2-powerpc-ieee1275-2.06-150500.29.50.1 * grub2-i386-pc-2.06-150500.29.50.1 * grub2-arm64-efi-2.06-150500.29.50.1 * grub2-x86_64-xen-2.06-150500.29.50.1 * grub2-x86_64-efi-2.06-150500.29.50.1 * grub2-systemd-sleep-plugin-2.06-150500.29.50.1 * grub2-snapper-plugin-2.06-150500.29.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 s390x x86_64) * grub2-debugsource-2.06-150500.29.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * grub2-s390x-emu-2.06-150500.29.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * grub2-debuginfo-2.06-150500.29.50.1 * grub2-2.06-150500.29.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * grub2-powerpc-ieee1275-2.06-150500.29.50.1 * grub2-i386-pc-2.06-150500.29.50.1 * grub2-x86_64-xen-2.06-150500.29.50.1 * grub2-x86_64-efi-2.06-150500.29.50.1 * grub2-systemd-sleep-plugin-2.06-150500.29.50.1 * grub2-snapper-plugin-2.06-150500.29.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * grub2-debugsource-2.06-150500.29.50.1 * openSUSE Leap 15.5 (noarch) * grub2-arm64-efi-extras-2.06-150500.29.50.1 * grub2-x86_64-efi-debug-2.06-150500.29.50.1 * grub2-i386-pc-extras-2.06-150500.29.50.1 * grub2-powerpc-ieee1275-debug-2.06-150500.29.50.1 * grub2-arm64-efi-2.06-150500.29.50.1 * grub2-x86_64-xen-debug-2.06-150500.29.50.1 * grub2-snapper-plugin-2.06-150500.29.50.1 * grub2-powerpc-ieee1275-2.06-150500.29.50.1 * grub2-i386-xen-debug-2.06-150500.29.50.1 * grub2-x86_64-efi-extras-2.06-150500.29.50.1 * grub2-s390x-emu-extras-2.06-150500.29.50.1 * grub2-arm64-efi-debug-2.06-150500.29.50.1 * grub2-i386-efi-2.06-150500.29.50.1 * grub2-i386-pc-2.06-150500.29.50.1 * grub2-i386-pc-debug-2.06-150500.29.50.1 * grub2-systemd-sleep-plugin-2.06-150500.29.50.1 * grub2-i386-efi-debug-2.06-150500.29.50.1 * grub2-powerpc-ieee1275-extras-2.06-150500.29.50.1 * grub2-i386-efi-extras-2.06-150500.29.50.1 * grub2-i386-xen-2.06-150500.29.50.1 * grub2-x86_64-xen-2.06-150500.29.50.1 * grub2-x86_64-efi-2.06-150500.29.50.1 * grub2-x86_64-xen-extras-2.06-150500.29.50.1 * grub2-i386-xen-extras-2.06-150500.29.50.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * grub2-debuginfo-2.06-150500.29.50.1 * grub2-2.06-150500.29.50.1 * grub2-branding-upstream-2.06-150500.29.50.1 * openSUSE Leap 15.5 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.06-150500.29.50.1 * openSUSE Leap 15.5 (s390x) * grub2-s390x-emu-2.06-150500.29.50.1 * grub2-s390x-emu-debug-2.06-150500.29.50.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * grub2-debuginfo-2.06-150500.29.50.1 * grub2-2.06-150500.29.50.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * grub2-powerpc-ieee1275-2.06-150500.29.50.1 * grub2-i386-pc-2.06-150500.29.50.1 * grub2-arm64-efi-2.06-150500.29.50.1 * grub2-x86_64-xen-2.06-150500.29.50.1 * grub2-x86_64-efi-2.06-150500.29.50.1 * grub2-snapper-plugin-2.06-150500.29.50.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150500.29.50.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * grub2-s390x-emu-2.06-150500.29.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * grub2-debuginfo-2.06-150500.29.50.1 * grub2-debugsource-2.06-150500.29.50.1 * grub2-2.06-150500.29.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * grub2-i386-pc-2.06-150500.29.50.1 * grub2-arm64-efi-2.06-150500.29.50.1 * grub2-x86_64-xen-2.06-150500.29.50.1 * grub2-x86_64-efi-2.06-150500.29.50.1 * grub2-systemd-sleep-plugin-2.06-150500.29.50.1 * grub2-snapper-plugin-2.06-150500.29.50.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1235958 * https://bugzilla.suse.com/show_bug.cgi?id=1235971 * https://bugzilla.suse.com/show_bug.cgi?id=1239651 * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:42 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:42 -0000 Subject: SUSE-RU-2025:01625-1: moderate: Recommended update for s390-tools Message-ID: <174783070252.21669.17397365533852184242@smelt2.prg2.suse.org> # Recommended update for s390-tools Announcement ID: SUSE-RU-2025:01625-1 Release Date: 2025-05-21T10:00:16Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature can now be installed. ## Description: This update for s390-tools rebuilds the existing package with the new 4k RSA secure boot key. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1625=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1625=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1625=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1625=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1625=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1625=1 ## Package List: * openSUSE Leap 15.5 (s390x x86_64) * s390-tools-2.31.0-150500.9.29.1 * s390-tools-debuginfo-2.31.0-150500.9.29.1 * s390-tools-debugsource-2.31.0-150500.9.29.1 * openSUSE Leap 15.5 (s390x) * libkmipclient1-2.31.0-150500.9.29.1 * libekmfweb1-debuginfo-2.31.0-150500.9.29.1 * libkmipclient1-debuginfo-2.31.0-150500.9.29.1 * libekmfweb1-devel-2.31.0-150500.9.29.1 * libkmipclient1-devel-2.31.0-150500.9.29.1 * s390-tools-zdsfs-2.31.0-150500.9.29.1 * s390-tools-hmcdrvfs-2.31.0-150500.9.29.1 * s390-tools-hmcdrvfs-debuginfo-2.31.0-150500.9.29.1 * osasnmpd-debuginfo-2.31.0-150500.9.29.1 * s390-tools-zdsfs-debuginfo-2.31.0-150500.9.29.1 * libekmfweb1-2.31.0-150500.9.29.1 * osasnmpd-2.31.0-150500.9.29.1 * s390-tools-chreipl-fcp-mpath-2.31.0-150500.9.29.1 * openSUSE Leap 15.5 (noarch) * s390-tools-genprotimg-data-2.31.0-150500.9.29.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * libekmfweb1-2.31.0-150500.9.29.1 * libkmipclient1-2.31.0-150500.9.29.1 * libekmfweb1-debuginfo-2.31.0-150500.9.29.1 * libkmipclient1-debuginfo-2.31.0-150500.9.29.1 * SUSE Linux Enterprise Micro 5.5 (s390x x86_64) * s390-tools-2.31.0-150500.9.29.1 * s390-tools-debuginfo-2.31.0-150500.9.29.1 * s390-tools-debugsource-2.31.0-150500.9.29.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * s390-tools-genprotimg-data-2.31.0-150500.9.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * s390-tools-2.31.0-150500.9.29.1 * s390-tools-debuginfo-2.31.0-150500.9.29.1 * s390-tools-debugsource-2.31.0-150500.9.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * s390-tools-2.31.0-150500.9.29.1 * s390-tools-debuginfo-2.31.0-150500.9.29.1 * s390-tools-debugsource-2.31.0-150500.9.29.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * libkmipclient1-2.31.0-150500.9.29.1 * libekmfweb1-debuginfo-2.31.0-150500.9.29.1 * libkmipclient1-debuginfo-2.31.0-150500.9.29.1 * libekmfweb1-devel-2.31.0-150500.9.29.1 * s390-tools-zdsfs-2.31.0-150500.9.29.1 * s390-tools-hmcdrvfs-2.31.0-150500.9.29.1 * s390-tools-hmcdrvfs-debuginfo-2.31.0-150500.9.29.1 * osasnmpd-debuginfo-2.31.0-150500.9.29.1 * s390-tools-zdsfs-debuginfo-2.31.0-150500.9.29.1 * libekmfweb1-2.31.0-150500.9.29.1 * osasnmpd-2.31.0-150500.9.29.1 * s390-tools-chreipl-fcp-mpath-2.31.0-150500.9.29.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x x86_64) * s390-tools-2.31.0-150500.9.29.1 * s390-tools-debuginfo-2.31.0-150500.9.29.1 * s390-tools-debugsource-2.31.0-150500.9.29.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * s390-tools-genprotimg-data-2.31.0-150500.9.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * s390-tools-2.31.0-150500.9.29.1 * s390-tools-debuginfo-2.31.0-150500.9.29.1 * s390-tools-debugsource-2.31.0-150500.9.29.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:43 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:43 -0000 Subject: SUSE-RU-2025:01624-1: moderate: Recommended update for drbd Message-ID: <174783070374.21669.12100059906142674973@smelt2.prg2.suse.org> # Recommended update for drbd Announcement ID: SUSE-RU-2025:01624-1 Release Date: 2025-05-21T10:00:04Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature can now be installed. ## Description: This update for drbd rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1624=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1624=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-1624=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * drbd-kmp-default-9.0.30~1+git.8e9c0812_k5.14.21_150500.55.100-150500.4.2.1 * drbd-debugsource-9.0.30~1+git.8e9c0812-150500.4.2.1 * drbd-kmp-default-debuginfo-9.0.30~1+git.8e9c0812_k5.14.21_150500.55.100-150500.4.2.1 * drbd-9.0.30~1+git.8e9c0812-150500.4.2.1 * openSUSE Leap 15.5 (aarch64) * drbd-kmp-64kb-9.0.30~1+git.8e9c0812_k5.14.21_150500.55.100-150500.4.2.1 * drbd-kmp-64kb-debuginfo-9.0.30~1+git.8e9c0812_k5.14.21_150500.55.100-150500.4.2.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * drbd-kmp-default-9.0.30~1+git.8e9c0812_k5.14.21_150500.55.100-150500.4.2.1 * drbd-debugsource-9.0.30~1+git.8e9c0812-150500.4.2.1 * drbd-kmp-default-debuginfo-9.0.30~1+git.8e9c0812_k5.14.21_150500.55.100-150500.4.2.1 * drbd-9.0.30~1+git.8e9c0812-150500.4.2.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * drbd-kmp-default-9.0.30~1+git.8e9c0812_k5.14.21_150500.55.100-150500.4.2.1 * drbd-debugsource-9.0.30~1+git.8e9c0812-150500.4.2.1 * drbd-kmp-default-debuginfo-9.0.30~1+git.8e9c0812_k5.14.21_150500.55.100-150500.4.2.1 * drbd-9.0.30~1+git.8e9c0812-150500.4.2.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:44 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:44 -0000 Subject: SUSE-RU-2025:01623-1: moderate: Recommended update for oracleasm Message-ID: <174783070492.21669.10602218254579657350@smelt2.prg2.suse.org> # Recommended update for oracleasm Announcement ID: SUSE-RU-2025:01623-1 Release Date: 2025-05-21T09:59:52Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature can now be installed. ## Description: This update for oracleasm rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1623=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1623=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1623=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1623=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1623=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * oracleasm-debugsource-2.0.8-150500.7.5.1 * oracleasm-kmp-default-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * openSUSE Leap 15.5 (x86_64) * oracleasm-kmp-rt-2.0.8_k5.14.21_150500.13.91-150500.7.5.1 * oracleasm-kmp-rt-debuginfo-2.0.8_k5.14.21_150500.13.91-150500.7.5.1 * openSUSE Leap 15.5 (aarch64) * oracleasm-kmp-64kb-debuginfo-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * oracleasm-kmp-64kb-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * oracleasm-kmp-default-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 * oracleasm-kmp-default-debuginfo-2.0.8_k5.14.21_150500.55.100-150500.7.5.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:47 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:47 -0000 Subject: SUSE-RU-2025:01622-1: moderate: Recommended update for dpdk Message-ID: <174783070723.21669.17199629062197135992@smelt2.prg2.suse.org> # Recommended update for dpdk Announcement ID: SUSE-RU-2025:01622-1 Release Date: 2025-05-21T09:59:32Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature can now be installed. ## Description: This update for dpdk rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1622=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1622=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1622=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * libdpdk-20_0-19.11.10-150500.5.16.1 * dpdk-debuginfo-19.11.10-150500.5.16.1 * dpdk-tools-debuginfo-19.11.10-150500.5.16.1 * dpdk-tools-19.11.10-150500.5.16.1 * dpdk-examples-19.11.10-150500.5.16.1 * dpdk-devel-19.11.10-150500.5.16.1 * dpdk-kmp-default-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 * libdpdk-20_0-debuginfo-19.11.10-150500.5.16.1 * dpdk-devel-debuginfo-19.11.10-150500.5.16.1 * dpdk-19.11.10-150500.5.16.1 * dpdk-debugsource-19.11.10-150500.5.16.1 * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 * dpdk-examples-debuginfo-19.11.10-150500.5.16.1 * openSUSE Leap 15.5 (noarch) * dpdk-thunderx-doc-19.11.10-150500.5.16.1 * dpdk-doc-19.11.10-150500.5.16.1 * openSUSE Leap 15.5 (aarch64) * dpdk-thunderx-debugsource-19.11.10-150500.5.16.1 * dpdk-thunderx-debuginfo-19.11.10-150500.5.16.1 * dpdk-thunderx-19.11.10-150500.5.16.1 * dpdk-thunderx-devel-19.11.10-150500.5.16.1 * dpdk-thunderx-examples-19.11.10-150500.5.16.1 * dpdk-thunderx-tools-19.11.10-150500.5.16.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 * dpdk-thunderx-examples-debuginfo-19.11.10-150500.5.16.1 * dpdk-thunderx-kmp-default-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 * dpdk-thunderx-devel-debuginfo-19.11.10-150500.5.16.1 * dpdk-thunderx-tools-debuginfo-19.11.10-150500.5.16.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * libdpdk-20_0-19.11.10-150500.5.16.1 * dpdk-debuginfo-19.11.10-150500.5.16.1 * dpdk-tools-debuginfo-19.11.10-150500.5.16.1 * dpdk-tools-19.11.10-150500.5.16.1 * libdpdk-20_0-debuginfo-19.11.10-150500.5.16.1 * dpdk-devel-19.11.10-150500.5.16.1 * dpdk-kmp-default-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 * dpdk-devel-debuginfo-19.11.10-150500.5.16.1 * dpdk-19.11.10-150500.5.16.1 * dpdk-debugsource-19.11.10-150500.5.16.1 * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * dpdk-thunderx-debugsource-19.11.10-150500.5.16.1 * dpdk-thunderx-debuginfo-19.11.10-150500.5.16.1 * dpdk-thunderx-19.11.10-150500.5.16.1 * dpdk-thunderx-devel-19.11.10-150500.5.16.1 * dpdk-thunderx-kmp-default-debuginfo-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 * dpdk-thunderx-kmp-default-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 * dpdk-thunderx-devel-debuginfo-19.11.10-150500.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libdpdk-20_0-19.11.10-150500.5.16.1 * dpdk-debuginfo-19.11.10-150500.5.16.1 * dpdk-tools-debuginfo-19.11.10-150500.5.16.1 * dpdk-tools-19.11.10-150500.5.16.1 * libdpdk-20_0-debuginfo-19.11.10-150500.5.16.1 * dpdk-devel-19.11.10-150500.5.16.1 * dpdk-kmp-default-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 * dpdk-devel-debuginfo-19.11.10-150500.5.16.1 * dpdk-19.11.10-150500.5.16.1 * dpdk-debugsource-19.11.10-150500.5.16.1 * dpdk-kmp-default-debuginfo-19.11.10_k5.14.21_150500.55.100-150500.5.16.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:31:48 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:31:48 -0000 Subject: SUSE-RU-2025:01621-1: moderate: Recommended update for dpdk22 Message-ID: <174783070877.21669.11404972257948031054@smelt2.prg2.suse.org> # Recommended update for dpdk22 Announcement ID: SUSE-RU-2025:01621-1 Release Date: 2025-05-21T09:59:18Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature can now be installed. ## Description: This update for dpdk22 rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1621=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1621=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1621=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1621=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1621=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1621=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1621=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * libdpdk-23-debuginfo-22.11.1-150500.5.7.1 * dpdk22-debuginfo-22.11.1-150500.5.7.1 * dpdk22-22.11.1-150500.5.7.1 * dpdk22-devel-static-22.11.1-150500.5.7.1 * dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-examples-22.11.1-150500.5.7.1 * dpdk22-tools-22.11.1-150500.5.7.1 * libdpdk-23-22.11.1-150500.5.7.1 * dpdk22-examples-debuginfo-22.11.1-150500.5.7.1 * dpdk22-debugsource-22.11.1-150500.5.7.1 * dpdk22-devel-22.11.1-150500.5.7.1 * dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * openSUSE Leap 15.5 (noarch) * dpdk22-thunderx-doc-22.11.1-150500.5.7.1 * dpdk22-doc-22.11.1-150500.5.7.1 * openSUSE Leap 15.5 (aarch64) * dpdk22-thunderx-debuginfo-22.11.1-150500.5.7.1 * dpdk22-thunderx-devel-22.11.1-150500.5.7.1 * dpdk22-thunderx-devel-static-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-tools-22.11.1-150500.5.7.1 * dpdk22-thunderx-examples-debuginfo-22.11.1-150500.5.7.1 * dpdk22-thunderx-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-examples-22.11.1-150500.5.7.1 * dpdk22-thunderx-debugsource-22.11.1-150500.5.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * dpdk22-debuginfo-22.11.1-150500.5.7.1 * dpdk22-22.11.1-150500.5.7.1 * dpdk22-devel-static-22.11.1-150500.5.7.1 * dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-examples-22.11.1-150500.5.7.1 * dpdk22-tools-22.11.1-150500.5.7.1 * dpdk22-examples-debuginfo-22.11.1-150500.5.7.1 * dpdk22-debugsource-22.11.1-150500.5.7.1 * dpdk22-devel-22.11.1-150500.5.7.1 * dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * openSUSE Leap 15.6 (noarch) * dpdk22-thunderx-doc-22.11.1-150500.5.7.1 * dpdk22-doc-22.11.1-150500.5.7.1 * openSUSE Leap 15.6 (aarch64) * dpdk22-thunderx-debuginfo-22.11.1-150500.5.7.1 * dpdk22-thunderx-devel-22.11.1-150500.5.7.1 * dpdk22-thunderx-devel-static-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-tools-22.11.1-150500.5.7.1 * dpdk22-thunderx-examples-debuginfo-22.11.1-150500.5.7.1 * dpdk22-thunderx-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-examples-22.11.1-150500.5.7.1 * dpdk22-thunderx-debugsource-22.11.1-150500.5.7.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * libdpdk-23-debuginfo-22.11.1-150500.5.7.1 * dpdk22-debuginfo-22.11.1-150500.5.7.1 * dpdk22-22.11.1-150500.5.7.1 * dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-tools-22.11.1-150500.5.7.1 * libdpdk-23-22.11.1-150500.5.7.1 * dpdk22-debugsource-22.11.1-150500.5.7.1 * dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * dpdk22-thunderx-debuginfo-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-tools-22.11.1-150500.5.7.1 * dpdk22-thunderx-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-debugsource-22.11.1-150500.5.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libdpdk-23-debuginfo-22.11.1-150500.5.7.1 * dpdk22-debuginfo-22.11.1-150500.5.7.1 * dpdk22-22.11.1-150500.5.7.1 * dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-tools-22.11.1-150500.5.7.1 * libdpdk-23-22.11.1-150500.5.7.1 * dpdk22-debugsource-22.11.1-150500.5.7.1 * dpdk22-devel-22.11.1-150500.5.7.1 * dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * dpdk22-thunderx-debuginfo-22.11.1-150500.5.7.1 * dpdk22-thunderx-devel-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-debugsource-22.11.1-150500.5.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libdpdk-23-debuginfo-22.11.1-150500.5.7.1 * dpdk22-debuginfo-22.11.1-150500.5.7.1 * dpdk22-22.11.1-150500.5.7.1 * dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-tools-22.11.1-150500.5.7.1 * libdpdk-23-22.11.1-150500.5.7.1 * dpdk22-debugsource-22.11.1-150500.5.7.1 * dpdk22-devel-22.11.1-150500.5.7.1 * dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * dpdk22-thunderx-debuginfo-22.11.1-150500.5.7.1 * dpdk22-thunderx-devel-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-debugsource-22.11.1-150500.5.7.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * libdpdk-23-debuginfo-22.11.1-150500.5.7.1 * dpdk22-debuginfo-22.11.1-150500.5.7.1 * dpdk22-22.11.1-150500.5.7.1 * dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-tools-22.11.1-150500.5.7.1 * libdpdk-23-22.11.1-150500.5.7.1 * dpdk22-debugsource-22.11.1-150500.5.7.1 * dpdk22-devel-22.11.1-150500.5.7.1 * dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * dpdk22-thunderx-debuginfo-22.11.1-150500.5.7.1 * dpdk22-thunderx-devel-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-22.11.1-150500.5.7.1 * dpdk22-thunderx-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-thunderx-debugsource-22.11.1-150500.5.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libdpdk-23-debuginfo-22.11.1-150500.5.7.1 * dpdk22-debuginfo-22.11.1-150500.5.7.1 * dpdk22-22.11.1-150500.5.7.1 * dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 * dpdk22-tools-22.11.1-150500.5.7.1 * libdpdk-23-22.11.1-150500.5.7.1 * dpdk22-debugsource-22.11.1-150500.5.7.1 * dpdk22-devel-22.11.1-150500.5.7.1 * dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.100-150500.5.7.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:32:24 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:32:24 -0000 Subject: SUSE-SU-2025:01620-1: important: Security update for the Linux Kernel Message-ID: <174783074493.21669.2552954858143882127@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:01620-1 Release Date: 2025-05-21T09:58:56Z Rating: important References: * bsc#1054914 * bsc#1206843 * bsc#1210409 * bsc#1225903 * bsc#1229361 * bsc#1229621 * bsc#1230764 * bsc#1231103 * bsc#1231910 * bsc#1236777 * bsc#1237981 * bsc#1238032 * bsc#1238471 * bsc#1238512 * bsc#1238747 * bsc#1238865 * bsc#1239061 * bsc#1239684 * bsc#1239968 * bsc#1240209 * bsc#1240211 * bsc#1240214 * bsc#1240228 * bsc#1240230 * bsc#1240246 * bsc#1240248 * bsc#1240269 * bsc#1240271 * bsc#1240274 * bsc#1240285 * bsc#1240295 * bsc#1240306 * bsc#1240314 * bsc#1240315 * bsc#1240321 * bsc#1240747 * bsc#1240835 * bsc#1241280 * bsc#1241371 * bsc#1241421 * bsc#1241433 * bsc#1241541 * bsc#1241625 * bsc#1241648 * bsc#1242284 * bsc#1242493 * bsc#1242778 Cross-References: * CVE-2021-47671 * CVE-2022-48933 * CVE-2022-49110 * CVE-2022-49139 * CVE-2022-49741 * CVE-2022-49745 * CVE-2022-49767 * CVE-2023-52928 * CVE-2023-52931 * CVE-2023-52936 * CVE-2023-52937 * CVE-2023-52938 * CVE-2023-52981 * CVE-2023-52982 * CVE-2023-52986 * CVE-2023-52994 * CVE-2023-53001 * CVE-2023-53002 * CVE-2023-53009 * CVE-2023-53014 * CVE-2023-53018 * CVE-2023-53031 * CVE-2023-53051 * CVE-2024-42307 * CVE-2024-46763 * CVE-2024-46865 * CVE-2024-50038 * CVE-2025-21726 * CVE-2025-21785 * CVE-2025-21791 * CVE-2025-21812 * CVE-2025-21839 * CVE-2025-22004 * CVE-2025-22020 * CVE-2025-22045 * CVE-2025-22055 * CVE-2025-22097 * CVE-2025-2312 * CVE-2025-23138 * CVE-2025-39735 CVSS scores: * CVE-2021-47671 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47671 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49110 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49139 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49139 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49741 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49741 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49741 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49745 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52928 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52936 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52936 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52937 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52994 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52994 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53001 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53002 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53009 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53014 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21726 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21726 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21785 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21785 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21791 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21812 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22045 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-22097 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22097 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-2312 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-2312 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-2312 ( NVD ): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-23138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39735 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39735 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39735 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 40 vulnerabilities and has seven security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48933: netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1229621). * CVE-2022-49110: netfilter: conntrack: revisit gc autotuning (bsc#1237981). * CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032). * CVE-2022-49767: 9p/trans_fd: always use O_NONBLOCK read/write (bsc#1242493). * CVE-2024-46763: fou: Fix null-ptr-deref in GRO (bsc#1230764). * CVE-2024-50038: netfilter: xtables: avoid NFPROTO_UNSPEC where needed (bsc#1231910). * CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). * CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). * CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). * CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). * CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). * CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541). * CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684). * CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648). * CVE-2025-39735: jfs: fix slab-out-of-bounds read in ea_get() (bsc#1241625). The following non-security bugs were fixed: * cpufreq: ACPI: Mark boost policy as enabled when setting boost (bsc#1236777). * cpufreq: Allow drivers to advertise boost enabled (bsc#1236777). * cpufreq: Fix per-policy boost behavior on SoCs using cpufreq_boost_set_sw() (bsc#1236777). * cpufreq: Support per-policy performance boost (bsc#1236777). * x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). * x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). * x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1620=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1620=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1620=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1620=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1620=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1620=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1620=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_103-default-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-1-150500.11.3.1 * kernel-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-debugsource-5.14.21-150500.55.103.1 * kernel-livepatch-SLE15-SP5_Update_26-debugsource-1-150500.11.3.1 * kernel-default-livepatch-devel-5.14.21-150500.55.103.1 * kernel-default-livepatch-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kernel-default-devel-5.14.21-150500.55.103.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-obs-build-5.14.21-150500.55.103.1 * ocfs2-kmp-default-5.14.21-150500.55.103.1 * cluster-md-kmp-default-5.14.21-150500.55.103.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.103.1 * gfs2-kmp-default-5.14.21-150500.55.103.1 * kernel-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-debugsource-5.14.21-150500.55.103.1 * kernel-syms-5.14.21-150500.55.103.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-default-5.14.21-150500.55.103.1 * kernel-default-base-5.14.21-150500.55.103.1.150500.6.49.1 * kernel-obs-build-debugsource-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150500.55.103.1 * kernel-64kb-debugsource-5.14.21-150500.55.103.1 * kernel-64kb-devel-5.14.21-150500.55.103.1 * kernel-64kb-debuginfo-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-source-5.14.21-150500.55.103.1 * kernel-macros-5.14.21-150500.55.103.1 * kernel-devel-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kernel-default-devel-5.14.21-150500.55.103.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-obs-build-5.14.21-150500.55.103.1 * ocfs2-kmp-default-5.14.21-150500.55.103.1 * cluster-md-kmp-default-5.14.21-150500.55.103.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.103.1 * gfs2-kmp-default-5.14.21-150500.55.103.1 * kernel-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-debugsource-5.14.21-150500.55.103.1 * kernel-syms-5.14.21-150500.55.103.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-default-5.14.21-150500.55.103.1 * kernel-default-base-5.14.21-150500.55.103.1.150500.6.49.1 * kernel-obs-build-debugsource-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150500.55.103.1 * kernel-64kb-debugsource-5.14.21-150500.55.103.1 * kernel-64kb-devel-5.14.21-150500.55.103.1 * kernel-64kb-debuginfo-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-source-5.14.21-150500.55.103.1 * kernel-macros-5.14.21-150500.55.103.1 * kernel-devel-5.14.21-150500.55.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.103.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-obs-build-5.14.21-150500.55.103.1 * ocfs2-kmp-default-5.14.21-150500.55.103.1 * cluster-md-kmp-default-5.14.21-150500.55.103.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.103.1 * gfs2-kmp-default-5.14.21-150500.55.103.1 * kernel-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-debugsource-5.14.21-150500.55.103.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-default-5.14.21-150500.55.103.1 * kernel-syms-5.14.21-150500.55.103.1 * reiserfs-kmp-default-5.14.21-150500.55.103.1 * kernel-obs-build-debugsource-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150500.55.103.1 * kernel-64kb-debugsource-5.14.21-150500.55.103.1 * kernel-64kb-devel-5.14.21-150500.55.103.1 * kernel-64kb-debuginfo-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.103.1.150500.6.49.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-source-5.14.21-150500.55.103.1 * kernel-macros-5.14.21-150500.55.103.1 * kernel-devel-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.103.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kernel-default-devel-5.14.21-150500.55.103.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-obs-build-5.14.21-150500.55.103.1 * ocfs2-kmp-default-5.14.21-150500.55.103.1 * cluster-md-kmp-default-5.14.21-150500.55.103.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.103.1 * gfs2-kmp-default-5.14.21-150500.55.103.1 * kernel-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-debugsource-5.14.21-150500.55.103.1 * kernel-syms-5.14.21-150500.55.103.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-default-5.14.21-150500.55.103.1 * kernel-default-base-5.14.21-150500.55.103.1.150500.6.49.1 * reiserfs-kmp-default-5.14.21-150500.55.103.1 * kernel-obs-build-debugsource-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-source-5.14.21-150500.55.103.1 * kernel-macros-5.14.21-150500.55.103.1 * kernel-devel-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-5.14.21-150500.55.103.1 * kernel-macros-5.14.21-150500.55.103.1 * kernel-source-5.14.21-150500.55.103.1 * kernel-docs-html-5.14.21-150500.55.103.1 * kernel-source-vanilla-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (ppc64le x86_64) * kernel-debug-devel-debuginfo-5.14.21-150500.55.103.1 * kernel-debug-debugsource-5.14.21-150500.55.103.1 * kernel-debug-devel-5.14.21-150500.55.103.1 * kernel-debug-debuginfo-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (x86_64) * kernel-debug-vdso-5.14.21-150500.55.103.1 * kernel-default-vdso-debuginfo-5.14.21-150500.55.103.1 * kernel-debug-vdso-debuginfo-5.14.21-150500.55.103.1 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.103.1 * kernel-default-vdso-5.14.21-150500.55.103.1 * kernel-kvmsmall-vdso-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debugsource-5.14.21-150500.55.103.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.103.1 * kernel-default-base-5.14.21-150500.55.103.1.150500.6.49.1 * kernel-default-base-rebuild-5.14.21-150500.55.103.1.150500.6.49.1 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.103.1 * kernel-kvmsmall-devel-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.103.1 * ocfs2-kmp-default-5.14.21-150500.55.103.1 * kernel-default-optional-5.14.21-150500.55.103.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.103.1 * gfs2-kmp-default-5.14.21-150500.55.103.1 * kernel-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-debugsource-5.14.21-150500.55.103.1 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-default-5.14.21-150500.55.103.1 * cluster-md-kmp-default-5.14.21-150500.55.103.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.103.1 * kernel-default-extra-5.14.21-150500.55.103.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-syms-5.14.21-150500.55.103.1 * kernel-obs-build-debugsource-5.14.21-150500.55.103.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.103.1 * kernel-obs-build-5.14.21-150500.55.103.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-obs-qa-5.14.21-150500.55.103.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-livepatch-5.14.21-150500.55.103.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.103.1 * kselftests-kmp-default-5.14.21-150500.55.103.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.103.1 * reiserfs-kmp-default-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_103-default-1-150500.11.3.1 * kernel-livepatch-SLE15-SP5_Update_26-debugsource-1-150500.11.3.1 * kernel-default-livepatch-devel-5.14.21-150500.55.103.1 * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-1-150500.11.3.1 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.103.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (aarch64) * dtb-mediatek-5.14.21-150500.55.103.1 * gfs2-kmp-64kb-5.14.21-150500.55.103.1 * dtb-freescale-5.14.21-150500.55.103.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.103.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.103.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.103.1 * dtb-qcom-5.14.21-150500.55.103.1 * dtb-sprd-5.14.21-150500.55.103.1 * dtb-altera-5.14.21-150500.55.103.1 * dtb-xilinx-5.14.21-150500.55.103.1 * kernel-64kb-extra-5.14.21-150500.55.103.1 * dtb-apm-5.14.21-150500.55.103.1 * dtb-cavium-5.14.21-150500.55.103.1 * dtb-rockchip-5.14.21-150500.55.103.1 * ocfs2-kmp-64kb-5.14.21-150500.55.103.1 * dtb-amd-5.14.21-150500.55.103.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.103.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.103.1 * dtb-amlogic-5.14.21-150500.55.103.1 * dtb-arm-5.14.21-150500.55.103.1 * kernel-64kb-optional-5.14.21-150500.55.103.1 * dtb-apple-5.14.21-150500.55.103.1 * dtb-renesas-5.14.21-150500.55.103.1 * dtb-lg-5.14.21-150500.55.103.1 * dtb-broadcom-5.14.21-150500.55.103.1 * kernel-64kb-devel-5.14.21-150500.55.103.1 * reiserfs-kmp-64kb-5.14.21-150500.55.103.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.103.1 * kselftests-kmp-64kb-5.14.21-150500.55.103.1 * dlm-kmp-64kb-5.14.21-150500.55.103.1 * dtb-hisilicon-5.14.21-150500.55.103.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.103.1 * dtb-marvell-5.14.21-150500.55.103.1 * dtb-socionext-5.14.21-150500.55.103.1 * dtb-exynos-5.14.21-150500.55.103.1 * dtb-nvidia-5.14.21-150500.55.103.1 * dtb-allwinner-5.14.21-150500.55.103.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.103.1 * dtb-amazon-5.14.21-150500.55.103.1 * kernel-64kb-debugsource-5.14.21-150500.55.103.1 * cluster-md-kmp-64kb-5.14.21-150500.55.103.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.103.1 * kernel-64kb-debuginfo-5.14.21-150500.55.103.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.103.1.150500.6.49.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.103.1 * kernel-default-debugsource-5.14.21-150500.55.103.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-macros-5.14.21-150500.55.103.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47671.html * https://www.suse.com/security/cve/CVE-2022-48933.html * https://www.suse.com/security/cve/CVE-2022-49110.html * https://www.suse.com/security/cve/CVE-2022-49139.html * https://www.suse.com/security/cve/CVE-2022-49741.html * https://www.suse.com/security/cve/CVE-2022-49745.html * https://www.suse.com/security/cve/CVE-2022-49767.html * https://www.suse.com/security/cve/CVE-2023-52928.html * https://www.suse.com/security/cve/CVE-2023-52931.html * https://www.suse.com/security/cve/CVE-2023-52936.html * https://www.suse.com/security/cve/CVE-2023-52937.html * https://www.suse.com/security/cve/CVE-2023-52938.html * https://www.suse.com/security/cve/CVE-2023-52981.html * https://www.suse.com/security/cve/CVE-2023-52982.html * https://www.suse.com/security/cve/CVE-2023-52986.html * https://www.suse.com/security/cve/CVE-2023-52994.html * https://www.suse.com/security/cve/CVE-2023-53001.html * https://www.suse.com/security/cve/CVE-2023-53002.html * https://www.suse.com/security/cve/CVE-2023-53009.html * https://www.suse.com/security/cve/CVE-2023-53014.html * https://www.suse.com/security/cve/CVE-2023-53018.html * https://www.suse.com/security/cve/CVE-2023-53031.html * https://www.suse.com/security/cve/CVE-2023-53051.html * https://www.suse.com/security/cve/CVE-2024-42307.html * https://www.suse.com/security/cve/CVE-2024-46763.html * https://www.suse.com/security/cve/CVE-2024-46865.html * https://www.suse.com/security/cve/CVE-2024-50038.html * https://www.suse.com/security/cve/CVE-2025-21726.html * https://www.suse.com/security/cve/CVE-2025-21785.html * https://www.suse.com/security/cve/CVE-2025-21791.html * https://www.suse.com/security/cve/CVE-2025-21812.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22045.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://www.suse.com/security/cve/CVE-2025-22097.html * https://www.suse.com/security/cve/CVE-2025-2312.html * https://www.suse.com/security/cve/CVE-2025-23138.html * https://www.suse.com/security/cve/CVE-2025-39735.html * https://bugzilla.suse.com/show_bug.cgi?id=1054914 * https://bugzilla.suse.com/show_bug.cgi?id=1206843 * https://bugzilla.suse.com/show_bug.cgi?id=1210409 * https://bugzilla.suse.com/show_bug.cgi?id=1225903 * https://bugzilla.suse.com/show_bug.cgi?id=1229361 * https://bugzilla.suse.com/show_bug.cgi?id=1229621 * https://bugzilla.suse.com/show_bug.cgi?id=1230764 * https://bugzilla.suse.com/show_bug.cgi?id=1231103 * https://bugzilla.suse.com/show_bug.cgi?id=1231910 * https://bugzilla.suse.com/show_bug.cgi?id=1236777 * https://bugzilla.suse.com/show_bug.cgi?id=1237981 * https://bugzilla.suse.com/show_bug.cgi?id=1238032 * https://bugzilla.suse.com/show_bug.cgi?id=1238471 * https://bugzilla.suse.com/show_bug.cgi?id=1238512 * https://bugzilla.suse.com/show_bug.cgi?id=1238747 * https://bugzilla.suse.com/show_bug.cgi?id=1238865 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1239684 * https://bugzilla.suse.com/show_bug.cgi?id=1239968 * https://bugzilla.suse.com/show_bug.cgi?id=1240209 * https://bugzilla.suse.com/show_bug.cgi?id=1240211 * https://bugzilla.suse.com/show_bug.cgi?id=1240214 * https://bugzilla.suse.com/show_bug.cgi?id=1240228 * https://bugzilla.suse.com/show_bug.cgi?id=1240230 * https://bugzilla.suse.com/show_bug.cgi?id=1240246 * https://bugzilla.suse.com/show_bug.cgi?id=1240248 * https://bugzilla.suse.com/show_bug.cgi?id=1240269 * https://bugzilla.suse.com/show_bug.cgi?id=1240271 * https://bugzilla.suse.com/show_bug.cgi?id=1240274 * https://bugzilla.suse.com/show_bug.cgi?id=1240285 * https://bugzilla.suse.com/show_bug.cgi?id=1240295 * https://bugzilla.suse.com/show_bug.cgi?id=1240306 * https://bugzilla.suse.com/show_bug.cgi?id=1240314 * https://bugzilla.suse.com/show_bug.cgi?id=1240315 * https://bugzilla.suse.com/show_bug.cgi?id=1240321 * https://bugzilla.suse.com/show_bug.cgi?id=1240747 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241421 * https://bugzilla.suse.com/show_bug.cgi?id=1241433 * https://bugzilla.suse.com/show_bug.cgi?id=1241541 * https://bugzilla.suse.com/show_bug.cgi?id=1241625 * https://bugzilla.suse.com/show_bug.cgi?id=1241648 * https://bugzilla.suse.com/show_bug.cgi?id=1242284 * https://bugzilla.suse.com/show_bug.cgi?id=1242493 * https://bugzilla.suse.com/show_bug.cgi?id=1242778 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:32:29 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:32:29 -0000 Subject: SUSE-SU-2025:01619-1: moderate: Security update for s390-tools Message-ID: <174783074905.21669.9124482123517020614@smelt2.prg2.suse.org> # Security update for s390-tools Announcement ID: SUSE-SU-2025:01619-1 Release Date: 2025-05-21T09:57:21Z Rating: moderate References: * bsc#1242622 * jsc#PED-12028 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for s390-tools rebuilds the existing package with the new 4k RSA secure boot key. Security issues fixed: * CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust- openssl crate. (bsc#1242622) Other issues: * Added the new IBM z17 (9175) processor type ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1619=1 openSUSE-SLE-15.6-2025-1619=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1619=1 ## Package List: * openSUSE Leap 15.6 (s390x x86_64) * s390-tools-2.31.0-150600.8.16.1 * s390-tools-debugsource-2.31.0-150600.8.16.1 * s390-tools-debuginfo-2.31.0-150600.8.16.1 * openSUSE Leap 15.6 (s390x) * libekmfweb1-devel-2.31.0-150600.8.16.1 * libkmipclient1-2.31.0-150600.8.16.1 * libkmipclient1-debuginfo-2.31.0-150600.8.16.1 * s390-tools-chreipl-fcp-mpath-2.31.0-150600.8.16.1 * s390-tools-zdsfs-2.31.0-150600.8.16.1 * osasnmpd-2.31.0-150600.8.16.1 * s390-tools-hmcdrvfs-debuginfo-2.31.0-150600.8.16.1 * libekmfweb1-debuginfo-2.31.0-150600.8.16.1 * s390-tools-zdsfs-debuginfo-2.31.0-150600.8.16.1 * libekmfweb1-2.31.0-150600.8.16.1 * s390-tools-hmcdrvfs-2.31.0-150600.8.16.1 * libkmipclient1-devel-2.31.0-150600.8.16.1 * osasnmpd-debuginfo-2.31.0-150600.8.16.1 * openSUSE Leap 15.6 (noarch) * s390-tools-genprotimg-data-2.31.0-150600.8.16.1 * Basesystem Module 15-SP6 (s390x) * libekmfweb1-devel-2.31.0-150600.8.16.1 * libkmipclient1-2.31.0-150600.8.16.1 * libkmipclient1-debuginfo-2.31.0-150600.8.16.1 * s390-tools-chreipl-fcp-mpath-2.31.0-150600.8.16.1 * s390-tools-zdsfs-2.31.0-150600.8.16.1 * osasnmpd-2.31.0-150600.8.16.1 * s390-tools-hmcdrvfs-debuginfo-2.31.0-150600.8.16.1 * libekmfweb1-debuginfo-2.31.0-150600.8.16.1 * libekmfweb1-2.31.0-150600.8.16.1 * s390-tools-hmcdrvfs-2.31.0-150600.8.16.1 * s390-tools-zdsfs-debuginfo-2.31.0-150600.8.16.1 * osasnmpd-debuginfo-2.31.0-150600.8.16.1 * Basesystem Module 15-SP6 (s390x x86_64) * s390-tools-2.31.0-150600.8.16.1 * s390-tools-debugsource-2.31.0-150600.8.16.1 * s390-tools-debuginfo-2.31.0-150600.8.16.1 * Basesystem Module 15-SP6 (noarch) * s390-tools-genprotimg-data-2.31.0-150600.8.16.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242622 * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:32:31 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:32:31 -0000 Subject: SUSE-RU-2025:01618-1: moderate: Recommended update for drbd Message-ID: <174783075173.21669.11477832312661286954@smelt2.prg2.suse.org> # Recommended update for drbd Announcement ID: SUSE-RU-2025:01618-1 Release Date: 2025-05-21T09:54:49Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for drbd rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1618=1 openSUSE-SLE-15.6-2025-1618=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-1618=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * drbd-kmp-default-9.1.16_k6.4.0_150600.23.47-150600.5.4.1 * drbd-kmp-default-debuginfo-9.1.16_k6.4.0_150600.23.47-150600.5.4.1 * drbd-debugsource-9.1.16-150600.5.4.1 * drbd-9.1.16-150600.5.4.1 * openSUSE Leap 15.6 (aarch64) * drbd-kmp-64kb-9.1.16_k6.4.0_150600.23.47-150600.5.4.1 * drbd-kmp-64kb-debuginfo-9.1.16_k6.4.0_150600.23.47-150600.5.4.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * drbd-kmp-default-9.1.16_k6.4.0_150600.23.47-150600.5.4.1 * drbd-kmp-default-debuginfo-9.1.16_k6.4.0_150600.23.47-150600.5.4.1 * drbd-debugsource-9.1.16-150600.5.4.1 * drbd-9.1.16-150600.5.4.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:32:33 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:32:33 -0000 Subject: SUSE-RU-2025:01617-1: moderate: Recommended update for oracleasm Message-ID: <174783075337.21669.4664662198299595404@smelt2.prg2.suse.org> # Recommended update for oracleasm Announcement ID: SUSE-RU-2025:01617-1 Release Date: 2025-05-21T09:54:11Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for oracleasm rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1617=1 openSUSE-SLE-15.6-2025-1617=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1617=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * oracleasm-debugsource-2.0.8-150600.16.7.1 * oracleasm-kmp-default-debuginfo-2.0.8_k6.4.0_150600.23.47-150600.16.7.1 * oracleasm-kmp-default-2.0.8_k6.4.0_150600.23.47-150600.16.7.1 * openSUSE Leap 15.6 (x86_64) * oracleasm-kmp-rt-debuginfo-2.0.8_k6.4.0_150600.6-150600.16.7.1 * oracleasm-kmp-rt-2.0.8_k6.4.0_150600.6-150600.16.7.1 * openSUSE Leap 15.6 (aarch64) * oracleasm-kmp-64kb-2.0.8_k6.4.0_150600.23.47-150600.16.7.1 * oracleasm-kmp-64kb-debuginfo-2.0.8_k6.4.0_150600.23.47-150600.16.7.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * oracleasm-kmp-default-2.0.8_k6.4.0_150600.23.47-150600.16.7.1 * oracleasm-kmp-default-debuginfo-2.0.8_k6.4.0_150600.23.47-150600.16.7.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:32:34 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:32:34 -0000 Subject: SUSE-RU-2025:01616-1: moderate: Recommended update for dpdk Message-ID: <174783075479.21669.13088212952843018733@smelt2.prg2.suse.org> # Recommended update for dpdk Announcement ID: SUSE-RU-2025:01616-1 Release Date: 2025-05-21T09:53:54Z Rating: moderate References: * jsc#PED-12028 Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for dpdk rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1616=1 openSUSE-SLE-15.6-2025-1616=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1616=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * dpdk-kmp-default-debuginfo-22.11.1_k6.4.0_150600.23.47-150600.3.11.1 * libdpdk-23-22.11.1-150600.3.11.1 * libdpdk-23-debuginfo-22.11.1-150600.3.11.1 * dpdk-examples-debuginfo-22.11.1-150600.3.11.1 * dpdk-debuginfo-22.11.1-150600.3.11.1 * dpdk-devel-static-22.11.1-150600.3.11.1 * dpdk-examples-22.11.1-150600.3.11.1 * dpdk-22.11.1-150600.3.11.1 * dpdk-debugsource-22.11.1-150600.3.11.1 * dpdk-kmp-default-22.11.1_k6.4.0_150600.23.47-150600.3.11.1 * dpdk-tools-22.11.1-150600.3.11.1 * dpdk-devel-22.11.1-150600.3.11.1 * openSUSE Leap 15.6 (noarch) * dpdk-doc-22.11.1-150600.3.11.1 * dpdk-thunderx-doc-22.11.1-150600.3.11.1 * openSUSE Leap 15.6 (aarch64) * dpdk-thunderx-debugsource-22.11.1-150600.3.11.1 * dpdk-thunderx-devel-22.11.1-150600.3.11.1 * dpdk-thunderx-kmp-default-22.11.1_k6.4.0_150600.23.47-150600.3.11.1 * dpdk-thunderx-kmp-default-debuginfo-22.11.1_k6.4.0_150600.23.47-150600.3.11.1 * dpdk-thunderx-examples-22.11.1-150600.3.11.1 * dpdk-thunderx-tools-22.11.1-150600.3.11.1 * dpdk-thunderx-22.11.1-150600.3.11.1 * dpdk-thunderx-examples-debuginfo-22.11.1-150600.3.11.1 * dpdk-thunderx-debuginfo-22.11.1-150600.3.11.1 * dpdk-thunderx-devel-static-22.11.1-150600.3.11.1 * Server Applications Module 15-SP6 (aarch64 ppc64le x86_64) * dpdk-kmp-default-debuginfo-22.11.1_k6.4.0_150600.23.47-150600.3.11.1 * libdpdk-23-22.11.1-150600.3.11.1 * libdpdk-23-debuginfo-22.11.1-150600.3.11.1 * dpdk-debuginfo-22.11.1-150600.3.11.1 * dpdk-22.11.1-150600.3.11.1 * dpdk-debugsource-22.11.1-150600.3.11.1 * dpdk-kmp-default-22.11.1_k6.4.0_150600.23.47-150600.3.11.1 * dpdk-tools-22.11.1-150600.3.11.1 * dpdk-devel-22.11.1-150600.3.11.1 * Server Applications Module 15-SP6 (aarch64) * dpdk-thunderx-debugsource-22.11.1-150600.3.11.1 * dpdk-thunderx-devel-22.11.1-150600.3.11.1 * dpdk-thunderx-kmp-default-22.11.1_k6.4.0_150600.23.47-150600.3.11.1 * dpdk-thunderx-kmp-default-debuginfo-22.11.1_k6.4.0_150600.23.47-150600.3.11.1 * dpdk-thunderx-22.11.1-150600.3.11.1 * dpdk-thunderx-debuginfo-22.11.1-150600.3.11.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:32:39 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:32:39 -0000 Subject: SUSE-SU-2025:01615-1: moderate: Security update for grub2 Message-ID: <174783075915.21669.1562368159525355095@smelt2.prg2.suse.org> # Security update for grub2 Announcement ID: SUSE-SU-2025:01615-1 Release Date: 2025-05-21T09:53:14Z Rating: moderate References: * bsc#1235958 * bsc#1235971 * bsc#1239651 * bsc#1242971 * jsc#PED-12028 Cross-References: * CVE-2025-4382 CVSS scores: * CVE-2025-4382 ( SUSE ): 8.4 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2025-4382 ( SUSE ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2025-4382 ( NVD ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability, contains one feature and has three security fixes can now be installed. ## Description: This update for grub2 rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. Also the following issue were fixed: * CVE-2025-4382: TPM auto-decryption data exposure (bsc#1242971) * Fix segmentation fault error in grub2-probe with target=hints_string (bsc#1235971) (bsc#1235958) (bsc#1239651) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1615=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1615=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1615=1 openSUSE-SLE-15.6-2025-1615=1 ## Package List: * Basesystem Module 15-SP6 (noarch) * grub2-powerpc-ieee1275-2.12-150600.8.27.1 * grub2-i386-pc-2.12-150600.8.27.1 * grub2-snapper-plugin-2.12-150600.8.27.1 * grub2-x86_64-efi-2.12-150600.8.27.1 * grub2-systemd-sleep-plugin-2.12-150600.8.27.1 * grub2-arm64-efi-2.12-150600.8.27.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * grub2-debuginfo-2.12-150600.8.27.1 * grub2-2.12-150600.8.27.1 * Basesystem Module 15-SP6 (aarch64 s390x x86_64) * grub2-debugsource-2.12-150600.8.27.1 * Basesystem Module 15-SP6 (s390x) * grub2-s390x-emu-2.12-150600.8.27.1 * Server Applications Module 15-SP6 (noarch) * grub2-x86_64-xen-2.12-150600.8.27.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * grub2-debuginfo-2.12-150600.8.27.1 * grub2-2.12-150600.8.27.1 * grub2-branding-upstream-2.12-150600.8.27.1 * openSUSE Leap 15.6 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.12-150600.8.27.1 * openSUSE Leap 15.6 (noarch) * grub2-powerpc-ieee1275-debug-2.12-150600.8.27.1 * grub2-powerpc-ieee1275-2.12-150600.8.27.1 * grub2-i386-pc-2.12-150600.8.27.1 * grub2-arm64-efi-extras-2.12-150600.8.27.1 * grub2-snapper-plugin-2.12-150600.8.27.1 * grub2-x86_64-efi-extras-2.12-150600.8.27.1 * grub2-i386-pc-extras-2.12-150600.8.27.1 * grub2-i386-xen-2.12-150600.8.27.1 * grub2-arm64-efi-debug-2.12-150600.8.27.1 * grub2-powerpc-ieee1275-extras-2.12-150600.8.27.1 * grub2-i386-efi-2.12-150600.8.27.1 * grub2-x86_64-efi-debug-2.12-150600.8.27.1 * grub2-i386-efi-debug-2.12-150600.8.27.1 * grub2-x86_64-xen-2.12-150600.8.27.1 * grub2-i386-efi-extras-2.12-150600.8.27.1 * grub2-i386-xen-debug-2.12-150600.8.27.1 * grub2-i386-pc-debug-2.12-150600.8.27.1 * grub2-arm64-efi-2.12-150600.8.27.1 * grub2-x86_64-xen-extras-2.12-150600.8.27.1 * grub2-s390x-emu-extras-2.12-150600.8.27.1 * grub2-x86_64-xen-debug-2.12-150600.8.27.1 * grub2-i386-xen-extras-2.12-150600.8.27.1 * grub2-x86_64-efi-2.12-150600.8.27.1 * grub2-systemd-sleep-plugin-2.12-150600.8.27.1 * openSUSE Leap 15.6 (s390x) * grub2-s390x-emu-2.12-150600.8.27.1 * grub2-s390x-emu-debug-2.12-150600.8.27.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4382.html * https://bugzilla.suse.com/show_bug.cgi?id=1235958 * https://bugzilla.suse.com/show_bug.cgi?id=1235971 * https://bugzilla.suse.com/show_bug.cgi?id=1239651 * https://bugzilla.suse.com/show_bug.cgi?id=1242971 * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:35:45 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:35:45 -0000 Subject: SUSE-SU-2025:01614-1: important: Security update for the Linux Kernel Message-ID: <174783094546.21669.7126977409485547655@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:01614-1 Release Date: 2025-05-21T09:52:56Z Rating: important References: * bsc#1215199 * bsc#1223809 * bsc#1224013 * bsc#1224597 * bsc#1224757 * bsc#1228659 * bsc#1230764 * bsc#1231103 * bsc#1231910 * bsc#1232493 * bsc#1233075 * bsc#1233098 * bsc#1234074 * bsc#1234157 * bsc#1234698 * bsc#1235501 * bsc#1235526 * bsc#1235550 * bsc#1235870 * bsc#1236086 * bsc#1236704 * bsc#1237111 * bsc#1237874 * bsc#1237882 * bsc#1238052 * bsc#1238212 * bsc#1238471 * bsc#1238527 * bsc#1238565 * bsc#1238714 * bsc#1238737 * bsc#1238742 * bsc#1238745 * bsc#1238746 * bsc#1238862 * bsc#1238961 * bsc#1238970 * bsc#1238983 * bsc#1238990 * bsc#1239066 * bsc#1239079 * bsc#1239108 * bsc#1239470 * bsc#1239475 * bsc#1239476 * bsc#1239487 * bsc#1239510 * bsc#1239684 * bsc#1239906 * bsc#1239925 * bsc#1239997 * bsc#1240167 * bsc#1240168 * bsc#1240171 * bsc#1240176 * bsc#1240181 * bsc#1240184 * bsc#1240185 * bsc#1240375 * bsc#1240557 * bsc#1240575 * bsc#1240576 * bsc#1240581 * bsc#1240582 * bsc#1240583 * bsc#1240584 * bsc#1240585 * bsc#1240587 * bsc#1240590 * bsc#1240591 * bsc#1240592 * bsc#1240594 * bsc#1240595 * bsc#1240596 * bsc#1240600 * bsc#1240612 * bsc#1240616 * bsc#1240639 * bsc#1240643 * bsc#1240647 * bsc#1240655 * bsc#1240691 * bsc#1240700 * bsc#1240701 * bsc#1240703 * bsc#1240708 * bsc#1240709 * bsc#1240712 * bsc#1240713 * bsc#1240714 * bsc#1240715 * bsc#1240716 * bsc#1240717 * bsc#1240718 * bsc#1240719 * bsc#1240720 * bsc#1240722 * bsc#1240727 * bsc#1240739 * bsc#1240740 * bsc#1240742 * bsc#1240779 * bsc#1240783 * bsc#1240784 * bsc#1240785 * bsc#1240795 * bsc#1240796 * bsc#1240797 * bsc#1240799 * bsc#1240801 * bsc#1240802 * bsc#1240806 * bsc#1240808 * bsc#1240809 * bsc#1240811 * bsc#1240812 * bsc#1240813 * bsc#1240815 * bsc#1240816 * bsc#1240819 * bsc#1240821 * bsc#1240825 * bsc#1240829 * bsc#1240835 * bsc#1240873 * bsc#1240934 * bsc#1240936 * bsc#1240937 * bsc#1240938 * bsc#1240940 * bsc#1240942 * bsc#1240943 * bsc#1240944 * bsc#1240978 * bsc#1240979 * bsc#1241010 * bsc#1241038 * bsc#1241051 * bsc#1241123 * bsc#1241151 * bsc#1241167 * bsc#1241175 * bsc#1241204 * bsc#1241250 * bsc#1241265 * bsc#1241266 * bsc#1241280 * bsc#1241332 * bsc#1241333 * bsc#1241341 * bsc#1241343 * bsc#1241344 * bsc#1241347 * bsc#1241357 * bsc#1241361 * bsc#1241369 * bsc#1241371 * bsc#1241373 * bsc#1241378 * bsc#1241394 * bsc#1241402 * bsc#1241412 * bsc#1241413 * bsc#1241416 * bsc#1241424 * bsc#1241426 * bsc#1241433 * bsc#1241436 * bsc#1241441 * bsc#1241442 * bsc#1241443 * bsc#1241451 * bsc#1241452 * bsc#1241456 * bsc#1241458 * bsc#1241459 * bsc#1241526 * bsc#1241528 * bsc#1241537 * bsc#1241541 * bsc#1241545 * bsc#1241547 * bsc#1241548 * bsc#1241550 * bsc#1241573 * bsc#1241574 * bsc#1241575 * bsc#1241578 * bsc#1241590 * bsc#1241593 * bsc#1241598 * bsc#1241599 * bsc#1241601 * bsc#1241626 * bsc#1241640 * bsc#1241648 * bsc#1242006 * bsc#1242044 * bsc#1242172 * bsc#1242283 * bsc#1242307 * bsc#1242313 * bsc#1242314 * bsc#1242315 * bsc#1242321 * bsc#1242326 * bsc#1242327 * bsc#1242328 * bsc#1242332 * bsc#1242333 * bsc#1242335 * bsc#1242336 * bsc#1242342 * bsc#1242343 * bsc#1242344 * bsc#1242345 * bsc#1242346 * bsc#1242347 * bsc#1242348 * bsc#1242414 * bsc#1242526 * bsc#1242528 * bsc#1242534 * bsc#1242535 * bsc#1242536 * bsc#1242537 * bsc#1242538 * bsc#1242539 * bsc#1242540 * bsc#1242546 * bsc#1242556 * bsc#1242596 * bsc#1242710 * bsc#1242778 * bsc#1242831 * bsc#1242985 * jsc#PED-12309 Cross-References: * CVE-2023-53034 * CVE-2024-27018 * CVE-2024-27415 * CVE-2024-28956 * CVE-2024-35840 * CVE-2024-46763 * CVE-2024-46865 * CVE-2024-50038 * CVE-2024-50083 * CVE-2024-50162 * CVE-2024-50163 * CVE-2024-53124 * CVE-2024-53139 * CVE-2024-56641 * CVE-2024-56702 * CVE-2024-57924 * CVE-2024-57998 * CVE-2024-58001 * CVE-2024-58018 * CVE-2024-58068 * CVE-2024-58070 * CVE-2024-58071 * CVE-2024-58088 * CVE-2024-58093 * CVE-2024-58094 * CVE-2024-58095 * CVE-2024-58096 * CVE-2024-58097 * CVE-2025-21683 * CVE-2025-21696 * CVE-2025-21707 * CVE-2025-21729 * CVE-2025-21755 * CVE-2025-21758 * CVE-2025-21768 * CVE-2025-21792 * CVE-2025-21806 * CVE-2025-21808 * CVE-2025-21812 * CVE-2025-21833 * CVE-2025-21836 * CVE-2025-21852 * CVE-2025-21853 * CVE-2025-21854 * CVE-2025-21863 * CVE-2025-21867 * CVE-2025-21873 * CVE-2025-21875 * CVE-2025-21881 * CVE-2025-21884 * CVE-2025-21887 * CVE-2025-21889 * CVE-2025-21894 * CVE-2025-21895 * CVE-2025-21904 * CVE-2025-21905 * CVE-2025-21906 * CVE-2025-21908 * CVE-2025-21909 * CVE-2025-21910 * CVE-2025-21912 * CVE-2025-21913 * CVE-2025-21914 * CVE-2025-21915 * CVE-2025-21916 * CVE-2025-21917 * CVE-2025-21918 * CVE-2025-21922 * CVE-2025-21923 * CVE-2025-21924 * CVE-2025-21925 * CVE-2025-21926 * CVE-2025-21927 * CVE-2025-21928 * CVE-2025-21930 * CVE-2025-21931 * CVE-2025-21934 * CVE-2025-21935 * CVE-2025-21936 * CVE-2025-21937 * CVE-2025-21941 * CVE-2025-21943 * CVE-2025-21948 * CVE-2025-21950 * CVE-2025-21951 * CVE-2025-21953 * CVE-2025-21956 * CVE-2025-21957 * CVE-2025-21960 * CVE-2025-21961 * CVE-2025-21962 * CVE-2025-21963 * CVE-2025-21964 * CVE-2025-21966 * CVE-2025-21968 * CVE-2025-21969 * CVE-2025-21970 * CVE-2025-21971 * CVE-2025-21972 * CVE-2025-21975 * CVE-2025-21978 * CVE-2025-21979 * CVE-2025-21980 * CVE-2025-21981 * CVE-2025-21985 * CVE-2025-21991 * CVE-2025-21992 * CVE-2025-21993 * CVE-2025-21995 * CVE-2025-21996 * CVE-2025-21999 * CVE-2025-22001 * CVE-2025-22003 * CVE-2025-22004 * CVE-2025-22007 * CVE-2025-22008 * CVE-2025-22009 * CVE-2025-22010 * CVE-2025-22013 * CVE-2025-22014 * CVE-2025-22015 * CVE-2025-22016 * CVE-2025-22017 * CVE-2025-22018 * CVE-2025-22020 * CVE-2025-22025 * CVE-2025-22027 * CVE-2025-22029 * CVE-2025-22033 * CVE-2025-22036 * CVE-2025-22044 * CVE-2025-22045 * CVE-2025-22050 * CVE-2025-22053 * CVE-2025-22055 * CVE-2025-22058 * CVE-2025-22060 * CVE-2025-22062 * CVE-2025-22064 * CVE-2025-22065 * CVE-2025-22075 * CVE-2025-22080 * CVE-2025-22086 * CVE-2025-22088 * CVE-2025-22090 * CVE-2025-22093 * CVE-2025-22097 * CVE-2025-22102 * CVE-2025-22104 * CVE-2025-22105 * CVE-2025-22106 * CVE-2025-22107 * CVE-2025-22108 * CVE-2025-22109 * CVE-2025-22115 * CVE-2025-22116 * CVE-2025-22121 * CVE-2025-22128 * CVE-2025-2312 * CVE-2025-23129 * CVE-2025-23131 * CVE-2025-23133 * CVE-2025-23136 * CVE-2025-23138 * CVE-2025-23145 * CVE-2025-37785 * CVE-2025-37798 * CVE-2025-37799 * CVE-2025-37860 * CVE-2025-39728 CVSS scores: * CVE-2023-53034 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2023-53034 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-27018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27018 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27415 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-35840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50083 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50083 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50162 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50162 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50163 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50163 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50163 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53124 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53139 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53139 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56641 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56702 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56702 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57924 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58001 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-58001 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-58018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58068 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58068 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58070 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58071 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58088 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58088 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58096 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58096 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-58097 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21683 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-21683 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21683 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21696 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21729 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21729 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21812 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21812 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21833 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21833 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21852 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21875 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21887 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21887 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21895 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21904 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21905 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21906 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21910 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21910 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21912 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21915 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21915 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21915 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21916 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21917 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21922 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21922 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-21922 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21923 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21923 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21923 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21923 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21924 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21925 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21926 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21927 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21927 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21928 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21930 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21934 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21935 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21936 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21936 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21937 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21937 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21941 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21943 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21943 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21948 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21948 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21950 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21951 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21951 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21953 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21953 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21956 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-21956 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-21957 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21957 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21960 ( SUSE ): 0.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-21960 ( SUSE ): 0.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N * CVE-2025-21961 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21961 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21962 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-21962 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-21962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21966 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21966 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21968 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21968 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21968 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21969 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21970 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21971 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21972 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21975 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21978 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21978 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21979 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21980 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21980 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21981 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-21981 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21981 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21985 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21991 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21992 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21993 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21993 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21995 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21996 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21996 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21999 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21999 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22001 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-22001 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-22001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22003 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22003 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22003 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22007 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22007 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22008 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22009 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22010 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22013 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22014 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22014 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22016 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22017 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22025 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22025 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22027 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22027 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22027 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22029 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22029 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22033 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22033 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22036 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22036 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22044 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22044 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22045 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22050 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22053 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-22058 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22058 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22062 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22062 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22064 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22065 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22065 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22065 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22075 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22080 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22086 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22086 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22088 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22090 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22097 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22097 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22102 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22102 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-22105 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22105 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22106 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22107 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-22107 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2025-22108 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-22108 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-22109 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22116 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22116 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22121 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22128 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22128 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-2312 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-2312 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-2312 ( NVD ): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-23129 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23131 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23133 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-23133 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-23136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23136 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37785 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37785 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37785 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37799 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37860 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39728 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-39728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves 170 vulnerabilities, contains one feature and has 66 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006). * CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597). * CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910). * CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075). * CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098). * CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074). * CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157). * CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086). * CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990). * CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961). * CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983). * CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970). * CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510). * CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704). * CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111). * CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862). * CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874). * CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882). * CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737). * CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714). * CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745). * CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746). * CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742). * CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). * CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108). * CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066). * CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470). * CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475). * CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181). * CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184). * CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168). * CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185). * CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171). * CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176). * CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167). * CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581). * CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585). * CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576). * CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587). * CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600). * CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591). * CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639). * CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720). * CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713). * CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712). * CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709). * CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742). * CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815). * CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816). * CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655). * CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717). * CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740). * CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784). * CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819). * CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813). * CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812). * CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809). * CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612). * CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811). * CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU- less NUMA nodes (bsc#1240795). * CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797). * CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944). * CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934). * CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936). * CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266). * CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378). * CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426). * CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). * CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). * CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332). * CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526). * CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413). * CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416). * CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537). * CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456). * CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550). * CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548). * CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575). * CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573). * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578). * CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593). * CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684). * CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451). * CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648). * CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596). * CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640). * CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414). * CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283). * CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626). The following non-security bugs were fixed: * ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes). * ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes). * ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable- fixes). * ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes). * ALSA: hda/realtek - Enable speaker for HP platform (git-fixes). * ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes). * ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git- fixes). * ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git- fixes). * ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git- fixes). * ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes). * ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes). * ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044). * ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes). * ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes). * ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable- fixes). * ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes). * ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes). * ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes). * ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes). * ASoC: fsl_audmix: register card device depends on 'dais' property (stable- fixes). * ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes). * ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes). * ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes). * ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes). * ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git- fixes). * ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes). * Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes). * Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git- fixes). * Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes). * Bluetooth: hci_uart: Fix another race during initialization (git-fixes). * Bluetooth: hci_uart: fix race during initialization (stable-fixes). * Bluetooth: l2cap: Check encryption key size on incoming connection (git- fixes). * Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes). * Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes). * HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable- fixes). * HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes). * Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git- fixes). * Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes). * OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961) * PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git- fixes). * PCI: Fix BAR resizing when VF BARs are assigned (git-fixes). * PCI: Fix reference leak in pci_register_host_bridge() (git-fixes). * PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes). * PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes). * RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes) * RDMA/core: Silence oversized kvmalloc() warning (git-fixes) * RDMA/hns: Fix wrong maximum DMA segment size (git-fixes) * RDMA/mana_ib: Ensure variable err is initialized (git-fixes). * RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes) * Reapply "Merge remote-tracking branch 'origin/users/sjaeckel/SLE15-SP6/for- next' into SLE15-SP6". * Require zstd in kernel-default-devel when module compression is zstd To use ksym-provides tool modules need to be uncompressed. Without zstd at least kernel-default-base does not have provides. Link: https://github.com/openSUSE/rpm-config-SUSE/pull/82 * Revert "drivers: core: synchronize really_probe() and dev_uevent()" (stable- fixes). * Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (git- fixes). * Revert "tcp: Fix bind() regression for v6-only wildcard and". * Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Test the correct macro to detect RT kernel build Fixes: 470cd1a41502 ("kernel-binary: Support livepatch_rt with merged RT branch") * USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes). * USB: VLI disk crashes if LPM is used (stable-fixes). * USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes). * USB: serial: option: add Sierra Wireless EM9291 (stable-fixes). * USB: serial: simple: add OWON HDS200 series oscilloscope support (stable- fixes). * USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes). * USB: wdm: add annotation (git-fixes). * USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes). * USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes). * USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes). * acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes). * affs: do not write overlarge OFS data block size fields (git-fixes). * affs: generate OFS sequence numbers starting at 1 (git-fixes). * ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes). * arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052) * arch_topology: init capacity_freq_ref to 0 (bsc#1238052) * arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052) * arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes) * arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052) * arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052) * arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052) * arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052) * arm64: mm: Correct the update of max_pfn (git-fixes) * asus-laptop: Fix an uninitialized variable (git-fixes). * ata: libata-sata: Save all fields from sense data descriptor (git-fixes). * ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git- fixes). * ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes). * ata: libata-scsi: Improve CDL control (git-fixes). * ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes). * ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes). * auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes). * auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes). * badblocks: Fix error shitf ops (git-fixes). * badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes). * badblocks: fix missing bad blocks on retry in _badblocks_check() (git- fixes). * badblocks: fix the using of MAX_BADBLOCKS (git-fixes). * badblocks: return error directly when setting badblocks exceeds 512 (git- fixes). * badblocks: return error if any badblock set fails (git-fixes). * blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes). * block: change blk_mq_add_to_batch() third argument type to bool (git-fixes). * block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes). * block: fix conversion of GPT partition name to 7-bit (git-fixes). * block: fix resource leak in blk_register_queue() error path (git-fixes). * block: integrity: Do not call set_page_dirty_lock() (git-fixes). * block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes). * bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes). * bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes). * bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes). * bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes). * bpf: Check size for BTF-based ctx access of pointer members (git-fixes). * bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes). * bpf: add find_containing_subprog() utility function (bsc#1241590). * bpf: avoid holding freeze_mutex during mmap operation (git-fixes). * bpf: check changes_pkt_data property for extension programs (bsc#1241590). * bpf: consider that tail calls invalidate packet pointers (bsc#1241590). * bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590). * bpf: fix potential error return (git-fixes). * bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590). * bpf: track changes_pkt_data property for global functions (bsc#1241590). * bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes). * btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204). * btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710). * btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151). * btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204). * btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204). * btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204). * cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes). * char: misc: register chrdev region with all possible minors (git-fixes). * cifs: Fix integer overflow while processing actimeo mount option (git- fixes). * counter: fix privdata alignment (git-fixes). * counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes). * counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes). * cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052) * cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052) * cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052) Keep the feature disabled by default on x86_64 * crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes). * crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes). * crypto: ccp - Add support for PCI device 0x1134 (stable-fixes). * cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git- fixes). * dm-bufio: do not schedule in atomic context (git-fixes). * dm-ebs: fix prefetch-vs-suspend race (git-fixes). * dm-integrity: set ti->error on memory allocation failure (git-fixes). * dm-verity: fix prefetch-vs-suspend race (git-fixes). * dm: add missing unlock on in dm_keyslot_evict() (git-fixes). * dm: always update the array size in realloc_argv on success (git-fixes). * dm: fix copying after src array boundaries (git-fixes). * dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable- fixes). * drivers: base: devres: Allow to release group on device release (stable- fixes). * drm/amd/display: Fix gpu reset in multidisplay config (git-fixes). * drm/amd/display: Force full update in gpu reset (stable-fixes). * drm/amd/display: add workaround flag to link to force FFE preset (stable- fixes). * drm/amd/pm/smu11: Prevent division by zero (git-fixes). * drm/amd/pm: Prevent division by zero (git-fixes). * drm/amd: Handle being compiled without SI or CIK support better (stable- fixes). * drm/amd: Keep display off while going into S4 (stable-fixes). * drm/amdgpu/dma_buf: fix page_link check (git-fixes). * drm/amdgpu/gfx11: fix num_mec (git-fixes). * drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes). * drm/amdkfd: Fix mode1 reset crash issue (stable-fixes). * drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes). * drm/amdkfd: clamp queue size to minimum (stable-fixes). * drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes). * drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes). * drm/dp_mst: Add a helper to queue a topology probe (stable-fixes). * drm/dp_mst: Factor out function to queue a topology probe work (stable- fixes). * drm/fdinfo: Protect against driver unbind (git-fixes). * drm/i915/dg2: wait for HuC load completion before running selftests (stable- fixes). * drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes). * drm/i915/huc: Fix fence not released on early probe errors (git-fixes). * drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes). * drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes). * drm/i915: Disable RPG during live selftest (git-fixes). * drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable- fixes). * drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable- fixes). * drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes). * drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes). * drm/sti: remove duplicate object names (git-fixes). * drm/tests: Add helper to create mock crtc (stable-fixes). * drm/tests: Add helper to create mock plane (stable-fixes). * drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git- fixes). * drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes). * drm/tests: helpers: Add atomic helpers (stable-fixes). * drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable- fixes). * drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes). * drm/tests: helpers: Fix compiler warning (git-fixes). * drm/tests: modes: Fix drm_display_mode memory leak (git-fixes). * drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes). * drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes). * drm: allow encoder mode_set even when connectors change for crtc (stable- fixes). * drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes). * drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes). * drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes). * drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes). * e1000e: change k1 configuration on MTP and later platforms (git-fixes). * eth: bnxt: fix missing ring index trim on error path (git-fixes). * ethtool: Fix context creation with no parameters (git-fixes). * ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes). * ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git- fixes). * ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes). * ethtool: fix setting key and resetting indir at once (git-fixes). * ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes). * ethtool: netlink: do not return SQI value if link is down (git-fixes). * ethtool: plca: fix plca enable data type while parsing the value (git- fixes). * ethtool: rss: echo the context number back (git-fixes). * exfat: do not fallback to buffered write (git-fixes). * exfat: drop ->i_size_ondisk (git-fixes). * exfat: fix soft lockup in exfat_clear_bitmap (git-fixes). * exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes). * exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes). * ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342). * ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540). * ext4: do not over-report free space or inodes in statvfs (bsc#1242345). * ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347). * ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557). * ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556). * ext4: make block validity check resistent to sb bh corruption (bsc#1242348). * ext4: partial zero eof block on unaligned inode size extension (bsc#1242336). * ext4: protect ext4_release_dquot against freezing (bsc#1242335). * ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536). * ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539). * ext4: unify the type of flexbg_size to unsigned int (bsc#1242538). * fbdev: omapfb: Add 'plane' value check (stable-fixes). * firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git- fixes). * firmware: arm_scmi: Balance device refcount when destroying devices (git- fixes). * firmware: cs_dsp: Ensure cs_dsp_load_coeff returns 0 on success (git-fixes). * fs/jfs: Prevent integer overflow in AG size calculation (git-fixes). * fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes). * fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250). * fs: better handle deep ancestor chains in is_subdir() (bsc#1242528). * fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535). * fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526). * fs: support relative paths with FSCONFIG_SET_STRING (git-fixes). * gpio: tegra186: fix resource handling in ACPI probe path (git-fixes). * gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes). * gve: handle overflow when reporting TX consumed descriptors (git-fixes). * gve: set xdp redirect target only when it is available (git-fixes). * hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes). * hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable- fixes). * i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes). * i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes). * ice: Add check for devm_kzalloc() (git-fixes). * ice: fix reservation of resources for RDMA when disabled (git-fixes). * ice: stop truncating queue ids when checking (git-fixes). * idpf: check error for register_netdev() on init (git-fixes). * idpf: fix adapter NULL pointer dereference on reboot (git-fixes). * igb: reject invalid external timestamp requests for 82580-based HW (git- fixes). * igc: add lock preventing multiple simultaneous PTM transactions (git-fixes). * igc: cleanup PTP module if probe fails (git-fixes). * igc: fix PTM cycle trigger logic (git-fixes). * igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes). * igc: increase wait time before retrying PTM (git-fixes). * igc: move ktime snapshot into PTM retry loop (git-fixes). * iio: adc: ad7768-1: Fix conversion result sign (git-fixes). * iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes). * iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes). * ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git- fixes). * irqchip/davinci: Remove leftover header (git-fixes). * irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes). * isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307). * jbd2: add a missing data flush during file and fs synchronization (bsc#1242346). * jbd2: fix off-by-one while erasing journal (bsc#1242344). * jbd2: flush filesystem device before updating tail sequence (bsc#1242333). * jbd2: increase IO priority for writing revoke records (bsc#1242332). * jbd2: increase the journal IO's priority (bsc#1242537). * jbd2: remove wrong sb->s_sequence check (bsc#1242343). * jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes). * jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes). * jfs: add sanity check for agwidth in dbMount (git-fixes). * kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes). * kABI workaround for powercap update (bsc#1241010). * kernel-binary: Support livepatch_rt with merged RT branch * kernel-source: Also update the search to match bin/env Fixes: dc2037cd8f94 ("kernel-source: Also replace bin/env" * ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes). * kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes). * lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes). * libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309). * libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309). * libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309). * libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309). * libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309). * libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309). * libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309). * libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309). * loop: LOOP_SET_FD: send uevents for partitions (git-fixes). * loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes). * loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes). * md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212) * media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes). * mei: me: add panther lake H DID (stable-fixes). * misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes). * misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes). * mm/readahead: fix large folio support in async readahead (bsc#1242321). * mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326). * mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327). * mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546). * mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable- fixes). * mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes). * mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes). * mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes). * mptcp: refine opt_mp_capable determination (git-fixes). * mptcp: relax check on MPC passive fallback (git-fixes). * mptcp: strict validation before using mp_opt->hmac (git-fixes). * mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes). * mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes). * mtd: rawnand: Add status chack in r852_ready() (git-fixes). * net/mlx5: Fill out devlink dev info only for PFs (git-fixes). * net/mlx5: IRQ, Fix null string in debug print (git-fixes). * net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git- fixes). * net/mlx5: Start health poll after enable hca (git-fixes). * net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes). * net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes). * net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes). * net/tcp: refactor tcp_inet6_sk() (git-fixes). * net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes). * net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes). * net: blackhole_dev: fix build warning for ethh set but not used (git-fixes). * net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes). * net: ethtool: Fix RSS setting (git-fixes). * net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes). * net: mana: Switch to page pool for jumbo frames (git-fixes). * net: mark racy access on sk->sk_rcvbuf (git-fixes). * net: phy: leds: fix memory leak (git-fixes). * net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes). * net: sctp: fix skb leak in sctp_inq_free() (git-fixes). * net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes). * net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes). * net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes). * net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes). * net_sched: drr: Fix double list add in class with netem as child qdisc (git- fixes). * net_sched: ets: Fix double list add in class with netem as child qdisc (git- fixes). * net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes). * net_sched: qfq: Fix double list add in class with netem as child qdisc (git- fixes). * netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes). * nfs: add missing selections of CONFIG_CRC32 (git-fixes). * nfs: clear SB_RDONLY before getting superblock (bsc#1238565). * nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565). * nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes). * nfsd: put dl_stid if fail to queue dl_recall (git-fixes). * ntb: Force physically contiguous allocation of rx ring buffers (git-fixes). * ntb: intel: Fix using link status DB's (git-fixes). * ntb: reduce stack usage in idt_scan_mws (stable-fixes). * ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes). * ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes). * ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes). * ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes). * ntb_perf: Fix printk format (git-fixes). * nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes). * nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes). * nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes). * nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes). * nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes). * nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git- fixes). * nvmet-fcloop: swap list_add_tail arguments (git-fixes). * objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git- fixes). * objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes). * objtool: Fix segfault in ignore_unreachable_insn() (git-fixes). * perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309). * perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309). * perf tools: annotate asm_pure_loop.S (bsc#1239906). * perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309). * perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172) * perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172) * perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172) * perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172) * phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git- fixes). * pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable- fixes). * platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes). * platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes). * platform/x86: ISST: Correct command storage data length (git-fixes). * platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes). * pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable- fixes). * powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes). * powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010). * powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010). * powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes). * powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes). * powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes). * powerpc/boot: Check for ld-option support (bsc#1215199). * powerpc/boot: Fix dash warning (bsc#1215199). * powerpc: Do not use --- in kernel logs (git-fixes). * pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes). * pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes). * pwm: rcar: Improve register calculation (git-fixes). * rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN * rpm/check-for-config-changes: add LD_CAN_ to IGNORED_CONFIGS_RE We now have LD_CAN_USE_KEEP_IN_OVERLAY since commit: e7607f7d6d81 ARM: 9443/1: Require linker to support KEEP within OVERLAY for DCE * rpm/check-for-config-changes: ignore DRM_MSM_VALIDATE_XML This option is dynamically enabled to build-test different configurations. This makes run_oldconfig.sh complain sporadically for arm64. * rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038). * rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038). OrderWithRequires was introduced in rpm 4.9 (ie. SLE12+) to allow a package to inform the order of installation of other package without hard requiring that package. This means our kernel-binary packages no longer need to hard require perl-Bootloader or dracut, resolving the long-commented issue there. This is also needed for udev & systemd-boot to ensure those packages are installed before being called by dracut (boo#1228659) * rpm/kernel-binary.spec.in: revert the revert change with OrderWithRequires The recent change using OrderWithRequires addresses the known issues, but also caused regressions for the existing image or package builds. For SLE15-SPx, better to be conservative and stick with the older way. * rpm/package-descriptions: Add rt and rt_debug descriptions * rtc: pcf85063: do a SW reset if POR failed (stable-fixes). * rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013). * s390/cio: Fix CHPID "configure" attribute caching (git-fixes bsc#1240979). * s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978). * sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052) * scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes). * scsi: hisi_sas: Enable force phy when SATA disk directly connected (git- fixes). * scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes). * scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes). * scsi: mpi3mr: Fix locking in an error path (git-fixes). * scsi: mpt3sas: Fix a locking bug in an error path (git-fixes). * scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes). * scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes). * sctp: Fix undefined behavior in left shift operation (git-fixes). * sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes). * sctp: detect and prevent references to a freed transport in sendmsg (git- fixes). * sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes). * sctp: fix association labeling in the duplicate COOKIE-ECHO case (git- fixes). * sctp: fix busy polling (git-fixes). * sctp: prefer struct_size over open coded arithmetic (git-fixes). * sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes). * security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375). * selftests/bpf: Add a few tests to cover (git-fixes). * selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes). * selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590). * selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590). * selftests/bpf: test for changing packet data from global functions (bsc#1241590). * selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590). * selftests/futex: futex_waitv wouldblock test should fail (git-fixes). * selftests/mm: generate a temporary mountpoint for cgroup filesystem (git- fixes). * selinux: Implement mptcp_add_subflow hook (bsc#1240375). * serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes). * serial: msm: Configure correct working mode before starting earlycon (git- fixes). * serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes). * smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265). * smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616). * sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes). * spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes). * spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes). * spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes). * splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328). * staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes). * string: Add load_unaligned_zeropad() code path to sized_strscpy() (git- fixes). * tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes). * thunderbolt: Scan retimers after device router has been enumerated (stable- fixes). * tools/hv: update route parsing in kvp daemon (git-fixes). * tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175). * tools/power turbostat: report CoreThr per measurement interval (git-fixes). * topology: Set capacity_freq_ref in all cases (bsc#1238052) * tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870). * tpm: tis: Double the timeout B to 4s (bsc#1235870). * tpm_tis: Move CRC check to generic send routine (bsc#1235870). * tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870). * tty: n_tty: use uint for space returned by tty_write_room() (git-fixes). * tty: serial: 8250: Add Brainboxes XC devices (stable-fixes). * tty: serial: 8250: Add some more device IDs (stable-fixes). * tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes). * tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes). * ublk: set_params: properly check if parameters can be applied (git-fixes). * ucsi_ccg: Do not show failed to get FW build information error (git-fixes). * udf: Fix inode_getblk() return value (bsc#1242313). * udf: Skip parent dir link count update if corrupted (bsc#1242315). * udf: Verify inode link counts before performing rename (bsc#1242314). * usb: cdns3: Fix deadlock when using NCM gadget (git-fixes). * usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git- fixes). * usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git- fixes). * usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes). * usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes). * usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes). * usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes). * usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes). * usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable- fixes). * usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes). * usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes). * usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable- fixes). * usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable- fixes). * usb: xhci: correct debug message page size calculation (git-fixes). * usbnet:fix NPE during rx_complete (git-fixes). * vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes). * vfs: do not mod negative dentry count when on shrinker list (bsc#1242534). * virtchnl: make proto and filter action count unsigned (git-fixes). * vmxnet3: Fix tx queue race condition with XDP (bsc#1241394). * vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394). * wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes). * wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes). * wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes). * wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable- fixes). * wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes). * wifi: brcmfmac: keep power during suspend if board requires it (stable- fixes). * wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes). * wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes). * wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes). * wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes). * wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes). * wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable- fixes). * wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes). * wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes). * x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). * x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). * x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). * x86/bugs: Add RSB mitigation document (git-fixes). * x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes). * x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes). * x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git- fixes). * x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes). * x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes). * x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes). * x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes). * x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes). * x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes). * x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes). * x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes). * x86/microcode/AMD: Split load_microcode_amd() (git-fixes). * x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes). * x86/microcode/intel: Set new revision only after a successful update (git- fixes). * x86/microcode: Remove the driver announcement and version (git-fixes). * x86/microcode: Rework early revisions reporting (git-fixes). * x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes). * x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git- fixes). * x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes). * x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes). * xfs: flush inodegc before swapon (git-fixes). * xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550). * xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550). * xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550). * zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1614=1 openSUSE-SLE-15.6-2025-1614=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1614=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1614=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-1614=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1614=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-1614=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1614=1 ## Package List: * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (noarch) * kernel-source-6.4.0-150600.23.50.1 * kernel-source-vanilla-6.4.0-150600.23.50.1 * kernel-macros-6.4.0-150600.23.50.1 * kernel-devel-6.4.0-150600.23.50.1 * kernel-docs-html-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-devel-debuginfo-6.4.0-150600.23.50.1 * kernel-debug-debugsource-6.4.0-150600.23.50.1 * kernel-debug-devel-6.4.0-150600.23.50.1 * kernel-debug-debuginfo-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (x86_64) * kernel-debug-vdso-6.4.0-150600.23.50.1 * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.50.1 * kernel-default-vdso-6.4.0-150600.23.50.1 * kernel-default-vdso-debuginfo-6.4.0-150600.23.50.1 * kernel-debug-vdso-debuginfo-6.4.0-150600.23.50.1 * kernel-kvmsmall-vdso-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.50.1 * kernel-kvmsmall-debugsource-6.4.0-150600.23.50.1 * kernel-default-base-6.4.0-150600.23.50.1.150600.12.22.1 * kernel-kvmsmall-debuginfo-6.4.0-150600.23.50.1 * kernel-kvmsmall-devel-6.4.0-150600.23.50.1 * kernel-default-base-rebuild-6.4.0-150600.23.50.1.150600.12.22.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-6.4.0-150600.23.50.1 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.50.1 * kernel-default-extra-6.4.0-150600.23.50.1 * kernel-default-debugsource-6.4.0-150600.23.50.1 * kernel-default-optional-debuginfo-6.4.0-150600.23.50.1 * kernel-obs-build-6.4.0-150600.23.50.1 * kernel-obs-build-debugsource-6.4.0-150600.23.50.1 * kernel-default-optional-6.4.0-150600.23.50.1 * cluster-md-kmp-default-6.4.0-150600.23.50.1 * kselftests-kmp-default-6.4.0-150600.23.50.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.50.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.50.1 * kernel-obs-qa-6.4.0-150600.23.50.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.50.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.50.1 * kernel-default-debuginfo-6.4.0-150600.23.50.1 * reiserfs-kmp-default-6.4.0-150600.23.50.1 * kernel-syms-6.4.0-150600.23.50.1 * kernel-default-livepatch-6.4.0-150600.23.50.1 * kernel-default-devel-6.4.0-150600.23.50.1 * gfs2-kmp-default-6.4.0-150600.23.50.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.50.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.50.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.50.1 * dlm-kmp-default-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_11-debugsource-1-150600.13.3.1 * kernel-default-livepatch-devel-6.4.0-150600.23.50.1 * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_50-default-1-150600.13.3.1 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.50.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (aarch64) * dtb-broadcom-6.4.0-150600.23.50.1 * dtb-freescale-6.4.0-150600.23.50.1 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.50.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.50.1 * gfs2-kmp-64kb-6.4.0-150600.23.50.1 * dtb-renesas-6.4.0-150600.23.50.1 * kernel-64kb-devel-6.4.0-150600.23.50.1 * dtb-allwinner-6.4.0-150600.23.50.1 * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.50.1 * dtb-cavium-6.4.0-150600.23.50.1 * dtb-altera-6.4.0-150600.23.50.1 * kernel-64kb-extra-6.4.0-150600.23.50.1 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.50.1 * dtb-lg-6.4.0-150600.23.50.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.50.1 * reiserfs-kmp-64kb-6.4.0-150600.23.50.1 * dtb-xilinx-6.4.0-150600.23.50.1 * dtb-apple-6.4.0-150600.23.50.1 * ocfs2-kmp-64kb-6.4.0-150600.23.50.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.50.1 * dtb-marvell-6.4.0-150600.23.50.1 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.50.1 * dtb-rockchip-6.4.0-150600.23.50.1 * dlm-kmp-64kb-6.4.0-150600.23.50.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.50.1 * dtb-amd-6.4.0-150600.23.50.1 * dtb-amlogic-6.4.0-150600.23.50.1 * kernel-64kb-debugsource-6.4.0-150600.23.50.1 * kselftests-kmp-64kb-6.4.0-150600.23.50.1 * dtb-exynos-6.4.0-150600.23.50.1 * dtb-amazon-6.4.0-150600.23.50.1 * dtb-mediatek-6.4.0-150600.23.50.1 * kernel-64kb-debuginfo-6.4.0-150600.23.50.1 * dtb-sprd-6.4.0-150600.23.50.1 * dtb-qcom-6.4.0-150600.23.50.1 * dtb-socionext-6.4.0-150600.23.50.1 * dtb-arm-6.4.0-150600.23.50.1 * dtb-hisilicon-6.4.0-150600.23.50.1 * dtb-nvidia-6.4.0-150600.23.50.1 * dtb-apm-6.4.0-150600.23.50.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.50.1 * kernel-64kb-optional-6.4.0-150600.23.50.1 * cluster-md-kmp-64kb-6.4.0-150600.23.50.1 * openSUSE Leap 15.6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.50.1 * Basesystem Module 15-SP6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.50.1 * Basesystem Module 15-SP6 (aarch64) * kernel-64kb-debugsource-6.4.0-150600.23.50.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.50.1 * kernel-64kb-devel-6.4.0-150600.23.50.1 * kernel-64kb-debuginfo-6.4.0-150600.23.50.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.50.1 * Basesystem Module 15-SP6 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.50.1.150600.12.22.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.50.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.50.1 * kernel-default-devel-6.4.0-150600.23.50.1 * kernel-default-debugsource-6.4.0-150600.23.50.1 * Basesystem Module 15-SP6 (noarch) * kernel-macros-6.4.0-150600.23.50.1 * kernel-devel-6.4.0-150600.23.50.1 * Basesystem Module 15-SP6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.50.1 * Basesystem Module 15-SP6 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.50.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.50.1 * Development Tools Module 15-SP6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.50.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-6.4.0-150600.23.50.1 * kernel-syms-6.4.0-150600.23.50.1 * kernel-obs-build-6.4.0-150600.23.50.1 * Development Tools Module 15-SP6 (noarch) * kernel-source-6.4.0-150600.23.50.1 * Legacy Module 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.50.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.50.1 * reiserfs-kmp-default-6.4.0-150600.23.50.1 * kernel-default-debugsource-6.4.0-150600.23.50.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.50.1 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.50.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_11-debugsource-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-1-150600.13.3.1 * kernel-default-livepatch-6.4.0-150600.23.50.1 * kernel-default-debugsource-6.4.0-150600.23.50.1 * kernel-default-debuginfo-6.4.0-150600.23.50.1 * kernel-default-livepatch-devel-6.4.0-150600.23.50.1 * kernel-livepatch-6_4_0-150600_23_50-default-1-150600.13.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-6.4.0-150600.23.50.1 * ocfs2-kmp-default-6.4.0-150600.23.50.1 * cluster-md-kmp-default-6.4.0-150600.23.50.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.50.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.50.1 * kernel-default-debugsource-6.4.0-150600.23.50.1 * kernel-default-debuginfo-6.4.0-150600.23.50.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.50.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.50.1 * dlm-kmp-default-6.4.0-150600.23.50.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.50.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.50.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * kernel-default-debuginfo-6.4.0-150600.23.50.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.50.1 * kernel-default-extra-6.4.0-150600.23.50.1 * kernel-default-debugsource-6.4.0-150600.23.50.1 ## References: * https://www.suse.com/security/cve/CVE-2023-53034.html * https://www.suse.com/security/cve/CVE-2024-27018.html * https://www.suse.com/security/cve/CVE-2024-27415.html * https://www.suse.com/security/cve/CVE-2024-28956.html * https://www.suse.com/security/cve/CVE-2024-35840.html * https://www.suse.com/security/cve/CVE-2024-46763.html * https://www.suse.com/security/cve/CVE-2024-46865.html * https://www.suse.com/security/cve/CVE-2024-50038.html * https://www.suse.com/security/cve/CVE-2024-50083.html * https://www.suse.com/security/cve/CVE-2024-50162.html * https://www.suse.com/security/cve/CVE-2024-50163.html * https://www.suse.com/security/cve/CVE-2024-53124.html * https://www.suse.com/security/cve/CVE-2024-53139.html * https://www.suse.com/security/cve/CVE-2024-56641.html * https://www.suse.com/security/cve/CVE-2024-56702.html * https://www.suse.com/security/cve/CVE-2024-57924.html * https://www.suse.com/security/cve/CVE-2024-57998.html * https://www.suse.com/security/cve/CVE-2024-58001.html * https://www.suse.com/security/cve/CVE-2024-58018.html * https://www.suse.com/security/cve/CVE-2024-58068.html * https://www.suse.com/security/cve/CVE-2024-58070.html * https://www.suse.com/security/cve/CVE-2024-58071.html * https://www.suse.com/security/cve/CVE-2024-58088.html * https://www.suse.com/security/cve/CVE-2024-58093.html * https://www.suse.com/security/cve/CVE-2024-58094.html * https://www.suse.com/security/cve/CVE-2024-58095.html * https://www.suse.com/security/cve/CVE-2024-58096.html * https://www.suse.com/security/cve/CVE-2024-58097.html * https://www.suse.com/security/cve/CVE-2025-21683.html * https://www.suse.com/security/cve/CVE-2025-21696.html * https://www.suse.com/security/cve/CVE-2025-21707.html * https://www.suse.com/security/cve/CVE-2025-21729.html * https://www.suse.com/security/cve/CVE-2025-21755.html * https://www.suse.com/security/cve/CVE-2025-21758.html * https://www.suse.com/security/cve/CVE-2025-21768.html * https://www.suse.com/security/cve/CVE-2025-21792.html * https://www.suse.com/security/cve/CVE-2025-21806.html * https://www.suse.com/security/cve/CVE-2025-21808.html * https://www.suse.com/security/cve/CVE-2025-21812.html * https://www.suse.com/security/cve/CVE-2025-21833.html * https://www.suse.com/security/cve/CVE-2025-21836.html * https://www.suse.com/security/cve/CVE-2025-21852.html * https://www.suse.com/security/cve/CVE-2025-21853.html * https://www.suse.com/security/cve/CVE-2025-21854.html * https://www.suse.com/security/cve/CVE-2025-21863.html * https://www.suse.com/security/cve/CVE-2025-21867.html * https://www.suse.com/security/cve/CVE-2025-21873.html * https://www.suse.com/security/cve/CVE-2025-21875.html * https://www.suse.com/security/cve/CVE-2025-21881.html * https://www.suse.com/security/cve/CVE-2025-21884.html * https://www.suse.com/security/cve/CVE-2025-21887.html * https://www.suse.com/security/cve/CVE-2025-21889.html * https://www.suse.com/security/cve/CVE-2025-21894.html * https://www.suse.com/security/cve/CVE-2025-21895.html * https://www.suse.com/security/cve/CVE-2025-21904.html * https://www.suse.com/security/cve/CVE-2025-21905.html * https://www.suse.com/security/cve/CVE-2025-21906.html * https://www.suse.com/security/cve/CVE-2025-21908.html * https://www.suse.com/security/cve/CVE-2025-21909.html * https://www.suse.com/security/cve/CVE-2025-21910.html * https://www.suse.com/security/cve/CVE-2025-21912.html * https://www.suse.com/security/cve/CVE-2025-21913.html * https://www.suse.com/security/cve/CVE-2025-21914.html * https://www.suse.com/security/cve/CVE-2025-21915.html * https://www.suse.com/security/cve/CVE-2025-21916.html * https://www.suse.com/security/cve/CVE-2025-21917.html * https://www.suse.com/security/cve/CVE-2025-21918.html * https://www.suse.com/security/cve/CVE-2025-21922.html * https://www.suse.com/security/cve/CVE-2025-21923.html * https://www.suse.com/security/cve/CVE-2025-21924.html * https://www.suse.com/security/cve/CVE-2025-21925.html * https://www.suse.com/security/cve/CVE-2025-21926.html * https://www.suse.com/security/cve/CVE-2025-21927.html * https://www.suse.com/security/cve/CVE-2025-21928.html * https://www.suse.com/security/cve/CVE-2025-21930.html * https://www.suse.com/security/cve/CVE-2025-21931.html * https://www.suse.com/security/cve/CVE-2025-21934.html * https://www.suse.com/security/cve/CVE-2025-21935.html * https://www.suse.com/security/cve/CVE-2025-21936.html * https://www.suse.com/security/cve/CVE-2025-21937.html * https://www.suse.com/security/cve/CVE-2025-21941.html * https://www.suse.com/security/cve/CVE-2025-21943.html * https://www.suse.com/security/cve/CVE-2025-21948.html * https://www.suse.com/security/cve/CVE-2025-21950.html * https://www.suse.com/security/cve/CVE-2025-21951.html * https://www.suse.com/security/cve/CVE-2025-21953.html * https://www.suse.com/security/cve/CVE-2025-21956.html * https://www.suse.com/security/cve/CVE-2025-21957.html * https://www.suse.com/security/cve/CVE-2025-21960.html * https://www.suse.com/security/cve/CVE-2025-21961.html * https://www.suse.com/security/cve/CVE-2025-21962.html * https://www.suse.com/security/cve/CVE-2025-21963.html * https://www.suse.com/security/cve/CVE-2025-21964.html * https://www.suse.com/security/cve/CVE-2025-21966.html * https://www.suse.com/security/cve/CVE-2025-21968.html * https://www.suse.com/security/cve/CVE-2025-21969.html * https://www.suse.com/security/cve/CVE-2025-21970.html * https://www.suse.com/security/cve/CVE-2025-21971.html * https://www.suse.com/security/cve/CVE-2025-21972.html * https://www.suse.com/security/cve/CVE-2025-21975.html * https://www.suse.com/security/cve/CVE-2025-21978.html * https://www.suse.com/security/cve/CVE-2025-21979.html * https://www.suse.com/security/cve/CVE-2025-21980.html * https://www.suse.com/security/cve/CVE-2025-21981.html * https://www.suse.com/security/cve/CVE-2025-21985.html * https://www.suse.com/security/cve/CVE-2025-21991.html * https://www.suse.com/security/cve/CVE-2025-21992.html * https://www.suse.com/security/cve/CVE-2025-21993.html * https://www.suse.com/security/cve/CVE-2025-21995.html * https://www.suse.com/security/cve/CVE-2025-21996.html * https://www.suse.com/security/cve/CVE-2025-21999.html * https://www.suse.com/security/cve/CVE-2025-22001.html * https://www.suse.com/security/cve/CVE-2025-22003.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22007.html * https://www.suse.com/security/cve/CVE-2025-22008.html * https://www.suse.com/security/cve/CVE-2025-22009.html * https://www.suse.com/security/cve/CVE-2025-22010.html * https://www.suse.com/security/cve/CVE-2025-22013.html * https://www.suse.com/security/cve/CVE-2025-22014.html * https://www.suse.com/security/cve/CVE-2025-22015.html * https://www.suse.com/security/cve/CVE-2025-22016.html * https://www.suse.com/security/cve/CVE-2025-22017.html * https://www.suse.com/security/cve/CVE-2025-22018.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22025.html * https://www.suse.com/security/cve/CVE-2025-22027.html * https://www.suse.com/security/cve/CVE-2025-22029.html * https://www.suse.com/security/cve/CVE-2025-22033.html * https://www.suse.com/security/cve/CVE-2025-22036.html * https://www.suse.com/security/cve/CVE-2025-22044.html * https://www.suse.com/security/cve/CVE-2025-22045.html * https://www.suse.com/security/cve/CVE-2025-22050.html * https://www.suse.com/security/cve/CVE-2025-22053.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://www.suse.com/security/cve/CVE-2025-22058.html * https://www.suse.com/security/cve/CVE-2025-22060.html * https://www.suse.com/security/cve/CVE-2025-22062.html * https://www.suse.com/security/cve/CVE-2025-22064.html * https://www.suse.com/security/cve/CVE-2025-22065.html * https://www.suse.com/security/cve/CVE-2025-22075.html * https://www.suse.com/security/cve/CVE-2025-22080.html * https://www.suse.com/security/cve/CVE-2025-22086.html * https://www.suse.com/security/cve/CVE-2025-22088.html * https://www.suse.com/security/cve/CVE-2025-22090.html * https://www.suse.com/security/cve/CVE-2025-22093.html * https://www.suse.com/security/cve/CVE-2025-22097.html * https://www.suse.com/security/cve/CVE-2025-22102.html * https://www.suse.com/security/cve/CVE-2025-22104.html * https://www.suse.com/security/cve/CVE-2025-22105.html * https://www.suse.com/security/cve/CVE-2025-22106.html * https://www.suse.com/security/cve/CVE-2025-22107.html * https://www.suse.com/security/cve/CVE-2025-22108.html * https://www.suse.com/security/cve/CVE-2025-22109.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://www.suse.com/security/cve/CVE-2025-22116.html * https://www.suse.com/security/cve/CVE-2025-22121.html * https://www.suse.com/security/cve/CVE-2025-22128.html * https://www.suse.com/security/cve/CVE-2025-2312.html * https://www.suse.com/security/cve/CVE-2025-23129.html * https://www.suse.com/security/cve/CVE-2025-23131.html * https://www.suse.com/security/cve/CVE-2025-23133.html * https://www.suse.com/security/cve/CVE-2025-23136.html * https://www.suse.com/security/cve/CVE-2025-23138.html * https://www.suse.com/security/cve/CVE-2025-23145.html * https://www.suse.com/security/cve/CVE-2025-37785.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37799.html * https://www.suse.com/security/cve/CVE-2025-37860.html * https://www.suse.com/security/cve/CVE-2025-39728.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1223809 * https://bugzilla.suse.com/show_bug.cgi?id=1224013 * https://bugzilla.suse.com/show_bug.cgi?id=1224597 * https://bugzilla.suse.com/show_bug.cgi?id=1224757 * https://bugzilla.suse.com/show_bug.cgi?id=1228659 * https://bugzilla.suse.com/show_bug.cgi?id=1230764 * https://bugzilla.suse.com/show_bug.cgi?id=1231103 * https://bugzilla.suse.com/show_bug.cgi?id=1231910 * https://bugzilla.suse.com/show_bug.cgi?id=1232493 * https://bugzilla.suse.com/show_bug.cgi?id=1233075 * https://bugzilla.suse.com/show_bug.cgi?id=1233098 * https://bugzilla.suse.com/show_bug.cgi?id=1234074 * https://bugzilla.suse.com/show_bug.cgi?id=1234157 * https://bugzilla.suse.com/show_bug.cgi?id=1234698 * https://bugzilla.suse.com/show_bug.cgi?id=1235501 * https://bugzilla.suse.com/show_bug.cgi?id=1235526 * https://bugzilla.suse.com/show_bug.cgi?id=1235550 * https://bugzilla.suse.com/show_bug.cgi?id=1235870 * https://bugzilla.suse.com/show_bug.cgi?id=1236086 * https://bugzilla.suse.com/show_bug.cgi?id=1236704 * https://bugzilla.suse.com/show_bug.cgi?id=1237111 * https://bugzilla.suse.com/show_bug.cgi?id=1237874 * https://bugzilla.suse.com/show_bug.cgi?id=1237882 * https://bugzilla.suse.com/show_bug.cgi?id=1238052 * https://bugzilla.suse.com/show_bug.cgi?id=1238212 * https://bugzilla.suse.com/show_bug.cgi?id=1238471 * https://bugzilla.suse.com/show_bug.cgi?id=1238527 * https://bugzilla.suse.com/show_bug.cgi?id=1238565 * https://bugzilla.suse.com/show_bug.cgi?id=1238714 * https://bugzilla.suse.com/show_bug.cgi?id=1238737 * https://bugzilla.suse.com/show_bug.cgi?id=1238742 * https://bugzilla.suse.com/show_bug.cgi?id=1238745 * https://bugzilla.suse.com/show_bug.cgi?id=1238746 * https://bugzilla.suse.com/show_bug.cgi?id=1238862 * https://bugzilla.suse.com/show_bug.cgi?id=1238961 * https://bugzilla.suse.com/show_bug.cgi?id=1238970 * https://bugzilla.suse.com/show_bug.cgi?id=1238983 * https://bugzilla.suse.com/show_bug.cgi?id=1238990 * https://bugzilla.suse.com/show_bug.cgi?id=1239066 * https://bugzilla.suse.com/show_bug.cgi?id=1239079 * https://bugzilla.suse.com/show_bug.cgi?id=1239108 * https://bugzilla.suse.com/show_bug.cgi?id=1239470 * https://bugzilla.suse.com/show_bug.cgi?id=1239475 * https://bugzilla.suse.com/show_bug.cgi?id=1239476 * https://bugzilla.suse.com/show_bug.cgi?id=1239487 * https://bugzilla.suse.com/show_bug.cgi?id=1239510 * https://bugzilla.suse.com/show_bug.cgi?id=1239684 * https://bugzilla.suse.com/show_bug.cgi?id=1239906 * https://bugzilla.suse.com/show_bug.cgi?id=1239925 * https://bugzilla.suse.com/show_bug.cgi?id=1239997 * https://bugzilla.suse.com/show_bug.cgi?id=1240167 * https://bugzilla.suse.com/show_bug.cgi?id=1240168 * https://bugzilla.suse.com/show_bug.cgi?id=1240171 * https://bugzilla.suse.com/show_bug.cgi?id=1240176 * https://bugzilla.suse.com/show_bug.cgi?id=1240181 * https://bugzilla.suse.com/show_bug.cgi?id=1240184 * https://bugzilla.suse.com/show_bug.cgi?id=1240185 * https://bugzilla.suse.com/show_bug.cgi?id=1240375 * https://bugzilla.suse.com/show_bug.cgi?id=1240557 * https://bugzilla.suse.com/show_bug.cgi?id=1240575 * https://bugzilla.suse.com/show_bug.cgi?id=1240576 * https://bugzilla.suse.com/show_bug.cgi?id=1240581 * https://bugzilla.suse.com/show_bug.cgi?id=1240582 * https://bugzilla.suse.com/show_bug.cgi?id=1240583 * https://bugzilla.suse.com/show_bug.cgi?id=1240584 * https://bugzilla.suse.com/show_bug.cgi?id=1240585 * https://bugzilla.suse.com/show_bug.cgi?id=1240587 * https://bugzilla.suse.com/show_bug.cgi?id=1240590 * https://bugzilla.suse.com/show_bug.cgi?id=1240591 * https://bugzilla.suse.com/show_bug.cgi?id=1240592 * https://bugzilla.suse.com/show_bug.cgi?id=1240594 * https://bugzilla.suse.com/show_bug.cgi?id=1240595 * https://bugzilla.suse.com/show_bug.cgi?id=1240596 * https://bugzilla.suse.com/show_bug.cgi?id=1240600 * https://bugzilla.suse.com/show_bug.cgi?id=1240612 * https://bugzilla.suse.com/show_bug.cgi?id=1240616 * https://bugzilla.suse.com/show_bug.cgi?id=1240639 * https://bugzilla.suse.com/show_bug.cgi?id=1240643 * https://bugzilla.suse.com/show_bug.cgi?id=1240647 * https://bugzilla.suse.com/show_bug.cgi?id=1240655 * https://bugzilla.suse.com/show_bug.cgi?id=1240691 * https://bugzilla.suse.com/show_bug.cgi?id=1240700 * https://bugzilla.suse.com/show_bug.cgi?id=1240701 * https://bugzilla.suse.com/show_bug.cgi?id=1240703 * https://bugzilla.suse.com/show_bug.cgi?id=1240708 * https://bugzilla.suse.com/show_bug.cgi?id=1240709 * https://bugzilla.suse.com/show_bug.cgi?id=1240712 * https://bugzilla.suse.com/show_bug.cgi?id=1240713 * https://bugzilla.suse.com/show_bug.cgi?id=1240714 * https://bugzilla.suse.com/show_bug.cgi?id=1240715 * https://bugzilla.suse.com/show_bug.cgi?id=1240716 * https://bugzilla.suse.com/show_bug.cgi?id=1240717 * https://bugzilla.suse.com/show_bug.cgi?id=1240718 * https://bugzilla.suse.com/show_bug.cgi?id=1240719 * https://bugzilla.suse.com/show_bug.cgi?id=1240720 * https://bugzilla.suse.com/show_bug.cgi?id=1240722 * https://bugzilla.suse.com/show_bug.cgi?id=1240727 * https://bugzilla.suse.com/show_bug.cgi?id=1240739 * https://bugzilla.suse.com/show_bug.cgi?id=1240740 * https://bugzilla.suse.com/show_bug.cgi?id=1240742 * https://bugzilla.suse.com/show_bug.cgi?id=1240779 * https://bugzilla.suse.com/show_bug.cgi?id=1240783 * https://bugzilla.suse.com/show_bug.cgi?id=1240784 * https://bugzilla.suse.com/show_bug.cgi?id=1240785 * https://bugzilla.suse.com/show_bug.cgi?id=1240795 * https://bugzilla.suse.com/show_bug.cgi?id=1240796 * https://bugzilla.suse.com/show_bug.cgi?id=1240797 * https://bugzilla.suse.com/show_bug.cgi?id=1240799 * https://bugzilla.suse.com/show_bug.cgi?id=1240801 * https://bugzilla.suse.com/show_bug.cgi?id=1240802 * https://bugzilla.suse.com/show_bug.cgi?id=1240806 * https://bugzilla.suse.com/show_bug.cgi?id=1240808 * https://bugzilla.suse.com/show_bug.cgi?id=1240809 * https://bugzilla.suse.com/show_bug.cgi?id=1240811 * https://bugzilla.suse.com/show_bug.cgi?id=1240812 * https://bugzilla.suse.com/show_bug.cgi?id=1240813 * https://bugzilla.suse.com/show_bug.cgi?id=1240815 * https://bugzilla.suse.com/show_bug.cgi?id=1240816 * https://bugzilla.suse.com/show_bug.cgi?id=1240819 * https://bugzilla.suse.com/show_bug.cgi?id=1240821 * https://bugzilla.suse.com/show_bug.cgi?id=1240825 * https://bugzilla.suse.com/show_bug.cgi?id=1240829 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1240873 * https://bugzilla.suse.com/show_bug.cgi?id=1240934 * https://bugzilla.suse.com/show_bug.cgi?id=1240936 * https://bugzilla.suse.com/show_bug.cgi?id=1240937 * https://bugzilla.suse.com/show_bug.cgi?id=1240938 * https://bugzilla.suse.com/show_bug.cgi?id=1240940 * https://bugzilla.suse.com/show_bug.cgi?id=1240942 * https://bugzilla.suse.com/show_bug.cgi?id=1240943 * https://bugzilla.suse.com/show_bug.cgi?id=1240944 * https://bugzilla.suse.com/show_bug.cgi?id=1240978 * https://bugzilla.suse.com/show_bug.cgi?id=1240979 * https://bugzilla.suse.com/show_bug.cgi?id=1241010 * https://bugzilla.suse.com/show_bug.cgi?id=1241038 * https://bugzilla.suse.com/show_bug.cgi?id=1241051 * https://bugzilla.suse.com/show_bug.cgi?id=1241123 * https://bugzilla.suse.com/show_bug.cgi?id=1241151 * https://bugzilla.suse.com/show_bug.cgi?id=1241167 * https://bugzilla.suse.com/show_bug.cgi?id=1241175 * https://bugzilla.suse.com/show_bug.cgi?id=1241204 * https://bugzilla.suse.com/show_bug.cgi?id=1241250 * https://bugzilla.suse.com/show_bug.cgi?id=1241265 * https://bugzilla.suse.com/show_bug.cgi?id=1241266 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241332 * https://bugzilla.suse.com/show_bug.cgi?id=1241333 * https://bugzilla.suse.com/show_bug.cgi?id=1241341 * https://bugzilla.suse.com/show_bug.cgi?id=1241343 * https://bugzilla.suse.com/show_bug.cgi?id=1241344 * https://bugzilla.suse.com/show_bug.cgi?id=1241347 * https://bugzilla.suse.com/show_bug.cgi?id=1241357 * https://bugzilla.suse.com/show_bug.cgi?id=1241361 * https://bugzilla.suse.com/show_bug.cgi?id=1241369 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241373 * https://bugzilla.suse.com/show_bug.cgi?id=1241378 * https://bugzilla.suse.com/show_bug.cgi?id=1241394 * https://bugzilla.suse.com/show_bug.cgi?id=1241402 * https://bugzilla.suse.com/show_bug.cgi?id=1241412 * https://bugzilla.suse.com/show_bug.cgi?id=1241413 * https://bugzilla.suse.com/show_bug.cgi?id=1241416 * https://bugzilla.suse.com/show_bug.cgi?id=1241424 * https://bugzilla.suse.com/show_bug.cgi?id=1241426 * https://bugzilla.suse.com/show_bug.cgi?id=1241433 * https://bugzilla.suse.com/show_bug.cgi?id=1241436 * https://bugzilla.suse.com/show_bug.cgi?id=1241441 * https://bugzilla.suse.com/show_bug.cgi?id=1241442 * https://bugzilla.suse.com/show_bug.cgi?id=1241443 * https://bugzilla.suse.com/show_bug.cgi?id=1241451 * https://bugzilla.suse.com/show_bug.cgi?id=1241452 * https://bugzilla.suse.com/show_bug.cgi?id=1241456 * https://bugzilla.suse.com/show_bug.cgi?id=1241458 * https://bugzilla.suse.com/show_bug.cgi?id=1241459 * https://bugzilla.suse.com/show_bug.cgi?id=1241526 * https://bugzilla.suse.com/show_bug.cgi?id=1241528 * https://bugzilla.suse.com/show_bug.cgi?id=1241537 * https://bugzilla.suse.com/show_bug.cgi?id=1241541 * https://bugzilla.suse.com/show_bug.cgi?id=1241545 * https://bugzilla.suse.com/show_bug.cgi?id=1241547 * https://bugzilla.suse.com/show_bug.cgi?id=1241548 * https://bugzilla.suse.com/show_bug.cgi?id=1241550 * https://bugzilla.suse.com/show_bug.cgi?id=1241573 * https://bugzilla.suse.com/show_bug.cgi?id=1241574 * https://bugzilla.suse.com/show_bug.cgi?id=1241575 * https://bugzilla.suse.com/show_bug.cgi?id=1241578 * https://bugzilla.suse.com/show_bug.cgi?id=1241590 * https://bugzilla.suse.com/show_bug.cgi?id=1241593 * https://bugzilla.suse.com/show_bug.cgi?id=1241598 * https://bugzilla.suse.com/show_bug.cgi?id=1241599 * https://bugzilla.suse.com/show_bug.cgi?id=1241601 * https://bugzilla.suse.com/show_bug.cgi?id=1241626 * https://bugzilla.suse.com/show_bug.cgi?id=1241640 * https://bugzilla.suse.com/show_bug.cgi?id=1241648 * https://bugzilla.suse.com/show_bug.cgi?id=1242006 * https://bugzilla.suse.com/show_bug.cgi?id=1242044 * https://bugzilla.suse.com/show_bug.cgi?id=1242172 * https://bugzilla.suse.com/show_bug.cgi?id=1242283 * https://bugzilla.suse.com/show_bug.cgi?id=1242307 * https://bugzilla.suse.com/show_bug.cgi?id=1242313 * https://bugzilla.suse.com/show_bug.cgi?id=1242314 * https://bugzilla.suse.com/show_bug.cgi?id=1242315 * https://bugzilla.suse.com/show_bug.cgi?id=1242321 * https://bugzilla.suse.com/show_bug.cgi?id=1242326 * https://bugzilla.suse.com/show_bug.cgi?id=1242327 * https://bugzilla.suse.com/show_bug.cgi?id=1242328 * https://bugzilla.suse.com/show_bug.cgi?id=1242332 * https://bugzilla.suse.com/show_bug.cgi?id=1242333 * https://bugzilla.suse.com/show_bug.cgi?id=1242335 * https://bugzilla.suse.com/show_bug.cgi?id=1242336 * https://bugzilla.suse.com/show_bug.cgi?id=1242342 * https://bugzilla.suse.com/show_bug.cgi?id=1242343 * https://bugzilla.suse.com/show_bug.cgi?id=1242344 * https://bugzilla.suse.com/show_bug.cgi?id=1242345 * https://bugzilla.suse.com/show_bug.cgi?id=1242346 * https://bugzilla.suse.com/show_bug.cgi?id=1242347 * https://bugzilla.suse.com/show_bug.cgi?id=1242348 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242526 * https://bugzilla.suse.com/show_bug.cgi?id=1242528 * https://bugzilla.suse.com/show_bug.cgi?id=1242534 * https://bugzilla.suse.com/show_bug.cgi?id=1242535 * https://bugzilla.suse.com/show_bug.cgi?id=1242536 * https://bugzilla.suse.com/show_bug.cgi?id=1242537 * https://bugzilla.suse.com/show_bug.cgi?id=1242538 * https://bugzilla.suse.com/show_bug.cgi?id=1242539 * https://bugzilla.suse.com/show_bug.cgi?id=1242540 * https://bugzilla.suse.com/show_bug.cgi?id=1242546 * https://bugzilla.suse.com/show_bug.cgi?id=1242556 * https://bugzilla.suse.com/show_bug.cgi?id=1242596 * https://bugzilla.suse.com/show_bug.cgi?id=1242710 * https://bugzilla.suse.com/show_bug.cgi?id=1242778 * https://bugzilla.suse.com/show_bug.cgi?id=1242831 * https://bugzilla.suse.com/show_bug.cgi?id=1242985 * https://jira.suse.com/browse/PED-12309 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:35:49 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:35:49 -0000 Subject: SUSE-OU-2025:01613-1: moderate: Optional update for kea, log4cplus Message-ID: <174783094928.21669.14766460300359492638@smelt2.prg2.suse.org> # Optional update for kea, log4cplus Announcement ID: SUSE-OU-2025:01613-1 Release Date: 2025-05-21T09:48:15Z Rating: moderate References: * jsc#PED-11477 Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for kea, log4cplus fixes the following issues: This update ships kea in version 2.6.1. (jsc#PED-11477) KEA is DHCP Server implementation, includes all the most-requested features, is far newer, and is designed for a more modern network environment. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1613=1 openSUSE-SLE-15.6-2025-1613=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1613=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libkea-stats41-debuginfo-2.6.1-150600.13.3.5 * libkea-eval69-2.6.1-150600.13.3.5 * libkea-process72-2.6.1-150600.13.3.5 * libkea-asiolink71-debuginfo-2.6.1-150600.13.3.5 * libkea-d2srv46-debuginfo-2.6.1-150600.13.3.5 * libkea-log61-debuginfo-2.6.1-150600.13.3.5 * python3-kea-2.6.1-150600.13.3.5 * libkea-pgsql70-2.6.1-150600.13.3.5 * libkea-stats41-2.6.1-150600.13.3.5 * libkea-cryptolink50-debuginfo-2.6.1-150600.13.3.5 * libkea-cc68-debuginfo-2.6.1-150600.13.3.5 * libkea-mysql70-debuginfo-2.6.1-150600.13.3.5 * libkea-util84-debuginfo-2.6.1-150600.13.3.5 * libkea-asiodns48-debuginfo-2.6.1-150600.13.3.5 * libkea-cc68-2.6.1-150600.13.3.5 * libkea-util84-2.6.1-150600.13.3.5 * libkea-util-io0-2.6.1-150600.13.3.5 * liblog4cplus-2_1-9-debuginfo-2.1.1-150600.13.3.2 * libkea-dns++56-debuginfo-2.6.1-150600.13.3.5 * libkea-asiolink71-2.6.1-150600.13.3.5 * libkea-log61-2.6.1-150600.13.3.5 * libkea-process72-debuginfo-2.6.1-150600.13.3.5 * libkea-tcp18-debuginfo-2.6.1-150600.13.3.5 * libkea-exceptions33-2.6.1-150600.13.3.5 * libkea-exceptions33-debuginfo-2.6.1-150600.13.3.5 * kea-hooks-2.6.1-150600.13.3.5 * liblog4cplus-2_1-9-2.1.1-150600.13.3.2 * libkea-pgsql70-debuginfo-2.6.1-150600.13.3.5 * libkea-cfgclient65-2.6.1-150600.13.3.5 * libkea-tcp18-2.6.1-150600.13.3.5 * libkea-http71-2.6.1-150600.13.3.5 * libkea-database61-2.6.1-150600.13.3.5 * kea-debugsource-2.6.1-150600.13.3.5 * libkea-eval69-debuginfo-2.6.1-150600.13.3.5 * libkea-d2srv46-2.6.1-150600.13.3.5 * libkea-asiodns48-2.6.1-150600.13.3.5 * libkea-dhcp_ddns56-debuginfo-2.6.1-150600.13.3.5 * libkea-dhcp++90-debuginfo-2.6.1-150600.13.3.5 * log4cplus-debugsource-2.1.1-150600.13.3.2 * libkea-dhcpsrv109-2.6.1-150600.13.3.5 * libkea-hooks98-2.6.1-150600.13.3.5 * libkea-mysql70-2.6.1-150600.13.3.5 * libkea-dhcpsrv109-debuginfo-2.6.1-150600.13.3.5 * libkea-dhcp_ddns56-2.6.1-150600.13.3.5 * kea-debuginfo-2.6.1-150600.13.3.5 * libkea-cryptolink50-2.6.1-150600.13.3.5 * libkea-cfgclient65-debuginfo-2.6.1-150600.13.3.5 * kea-hooks-debuginfo-2.6.1-150600.13.3.5 * kea-devel-2.6.1-150600.13.3.5 * libkea-util-io0-debuginfo-2.6.1-150600.13.3.5 * libkea-hooks98-debuginfo-2.6.1-150600.13.3.5 * libkea-http71-debuginfo-2.6.1-150600.13.3.5 * kea-2.6.1-150600.13.3.5 * libkea-database61-debuginfo-2.6.1-150600.13.3.5 * libkea-dhcp++90-2.6.1-150600.13.3.5 * libkea-dns++56-2.6.1-150600.13.3.5 * log4cplus-devel-2.1.1-150600.13.3.2 * openSUSE Leap 15.6 (noarch) * kea-doc-2.6.1-150600.13.3.5 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libkea-stats41-debuginfo-2.6.1-150600.13.3.5 * libkea-eval69-2.6.1-150600.13.3.5 * libkea-process72-2.6.1-150600.13.3.5 * libkea-asiolink71-debuginfo-2.6.1-150600.13.3.5 * libkea-d2srv46-debuginfo-2.6.1-150600.13.3.5 * libkea-log61-debuginfo-2.6.1-150600.13.3.5 * python3-kea-2.6.1-150600.13.3.5 * libkea-pgsql70-2.6.1-150600.13.3.5 * libkea-stats41-2.6.1-150600.13.3.5 * libkea-cryptolink50-debuginfo-2.6.1-150600.13.3.5 * libkea-cc68-debuginfo-2.6.1-150600.13.3.5 * libkea-mysql70-debuginfo-2.6.1-150600.13.3.5 * libkea-util84-debuginfo-2.6.1-150600.13.3.5 * libkea-asiodns48-debuginfo-2.6.1-150600.13.3.5 * libkea-cc68-2.6.1-150600.13.3.5 * libkea-util84-2.6.1-150600.13.3.5 * libkea-util-io0-2.6.1-150600.13.3.5 * liblog4cplus-2_1-9-debuginfo-2.1.1-150600.13.3.2 * libkea-dns++56-debuginfo-2.6.1-150600.13.3.5 * libkea-asiolink71-2.6.1-150600.13.3.5 * libkea-log61-2.6.1-150600.13.3.5 * libkea-process72-debuginfo-2.6.1-150600.13.3.5 * libkea-tcp18-debuginfo-2.6.1-150600.13.3.5 * libkea-exceptions33-2.6.1-150600.13.3.5 * libkea-exceptions33-debuginfo-2.6.1-150600.13.3.5 * kea-hooks-2.6.1-150600.13.3.5 * liblog4cplus-2_1-9-2.1.1-150600.13.3.2 * libkea-pgsql70-debuginfo-2.6.1-150600.13.3.5 * libkea-cfgclient65-2.6.1-150600.13.3.5 * libkea-tcp18-2.6.1-150600.13.3.5 * libkea-http71-2.6.1-150600.13.3.5 * libkea-database61-2.6.1-150600.13.3.5 * kea-debugsource-2.6.1-150600.13.3.5 * libkea-eval69-debuginfo-2.6.1-150600.13.3.5 * libkea-d2srv46-2.6.1-150600.13.3.5 * libkea-asiodns48-2.6.1-150600.13.3.5 * libkea-dhcp_ddns56-debuginfo-2.6.1-150600.13.3.5 * libkea-dhcp++90-debuginfo-2.6.1-150600.13.3.5 * log4cplus-debugsource-2.1.1-150600.13.3.2 * libkea-dhcpsrv109-2.6.1-150600.13.3.5 * libkea-hooks98-2.6.1-150600.13.3.5 * libkea-mysql70-2.6.1-150600.13.3.5 * libkea-dhcpsrv109-debuginfo-2.6.1-150600.13.3.5 * libkea-dhcp_ddns56-2.6.1-150600.13.3.5 * kea-debuginfo-2.6.1-150600.13.3.5 * libkea-cryptolink50-2.6.1-150600.13.3.5 * libkea-cfgclient65-debuginfo-2.6.1-150600.13.3.5 * kea-hooks-debuginfo-2.6.1-150600.13.3.5 * kea-devel-2.6.1-150600.13.3.5 * libkea-util-io0-debuginfo-2.6.1-150600.13.3.5 * libkea-hooks98-debuginfo-2.6.1-150600.13.3.5 * libkea-http71-debuginfo-2.6.1-150600.13.3.5 * kea-2.6.1-150600.13.3.5 * libkea-database61-debuginfo-2.6.1-150600.13.3.5 * libkea-dhcp++90-2.6.1-150600.13.3.5 * libkea-dns++56-2.6.1-150600.13.3.5 * log4cplus-devel-2.1.1-150600.13.3.2 * Server Applications Module 15-SP6 (noarch) * kea-doc-2.6.1-150600.13.3.5 ## References: * https://jira.suse.com/browse/PED-11477 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 12:35:50 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 12:35:50 -0000 Subject: SUSE-RU-2025:01612-1: moderate: Recommended update for python-durationpy Message-ID: <174783095074.21669.4818202819616076493@smelt2.prg2.suse.org> # Recommended update for python-durationpy Announcement ID: SUSE-RU-2025:01612-1 Release Date: 2025-05-21T08:11:36Z Rating: moderate References: * jsc#PED-12477 * jsc#PED-12710 Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains two features can now be installed. ## Description: This update for python-durationpy, python3-kubernetes fixes the following issues: python3-kubernetes was updated from version 26.1.0 to 31.0.0 (jsc#PED-12710, PED-12477): * Key changes in version 31.0.0: * Alignment with significant API changes in Kubernetes. * Enhancements to Dynamic Resource Allocation (DRA) with new API versions and features. * Node improvements like user namespace support and supplemental group policies scheduling performance upgrades. * Changes to API servers include such as atomic updates for Ingress objects and tricter validation of encryption provider configurations. * Kube-proxy now has a "primary" nodeport address option, and several feature gates have graduated or been removed. * Improvements to CustomResourceDefinitions (CRDs), Service CIDR allocation, OCI artifact-based volumes, and logging. * Full list of changes: https://github.com/kubernetes- client/python/blob/v31.0.0/CHANGELOG.md * Key changes in version 29.0.0: * Updates to API versions for scheduling components and priority/fairness mechanism. * Enhanced configuration options for kube-proxy (including a new experimental mode). * Improved handling of authentication and authorization through configuration files. * New capabilities for pod lifecycle management (pre-stop hooks), resource management (image garbage collection), and network configuration, along with more flexible options for pod affinity and anti-affinity rules. * Full list of changes: https://github.com/kubernetes- client/python/blob/v29.0.0/CHANGELOG.md#v2900 * Key changes in version 28.1.0: * API improvements and updates, notably the removal of a deprecated API version for kube-scheduler configurations, requiring migration. * New features were also added, such as sidecar containers for enhanced pod lifecycle management, more granular control over Job retry limits, and improvements to CustomResourceDefinition (CRD) validation. * Updates were also made to pod management, networking, and security, with a general focus on enhancing flexibility, performance, and user experience. * Full list of changes: https://github.com/kubernetes- client/python/blob/v28.1.0/CHANGELOG.md * Key changes in version 27.2.0: * Enhancements to admission control policies, including features for runtime cost calculation and audit annotations. * Networking received updates with a new ClusterIP allocator, and a new API (ClusterTrustBundle) was introduced. * Scheduling was optimized through adjustments to pod affinity, and API interactions were improved with the implementation of streaming for the watch-cache. * Component updates included increased QPS limits for the kubelet. * Changes related to pods involve label updates, mutable resource type and resize policies. * Changes to API server encryption. * Improved logging capabilities. * Deprecations and removals of older features. * Full list of changes: https://github.com/kubernetes- client/python/blob/v27.2.0/CHANGELOG.md ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1612=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1612=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1612=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1612=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1612=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1612=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1612=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1612=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1612=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1612=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1612=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1612=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * python3-durationpy-0.9-150400.9.6.2 * python311-durationpy-0.9-150400.9.6.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python3-kubernetes-31.0.0-150400.21.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python3-durationpy-0.9-150400.9.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * python3-durationpy-0.9-150400.9.6.2 * python311-durationpy-0.9-150400.9.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python3-durationpy-0.9-150400.9.6.2 * python311-durationpy-0.9-150400.9.6.2 * openSUSE Leap 15.4 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-durationpy-0.9-150400.9.6.2 * openSUSE Leap 15.6 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-durationpy-0.9-150400.9.6.2 * python311-durationpy-0.9-150400.9.6.2 * Containers Module 15-SP6 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-durationpy-0.9-150400.9.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python3-durationpy-0.9-150400.9.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python3-durationpy-0.9-150400.9.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * python3-durationpy-0.9-150400.9.6.2 * python311-durationpy-0.9-150400.9.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * python3-durationpy-0.9-150400.9.6.2 * python311-durationpy-0.9-150400.9.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * python3-durationpy-0.9-150400.9.6.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python3-kubernetes-31.0.0-150400.21.2 ## References: * https://jira.suse.com/browse/PED-12477 * https://jira.suse.com/browse/PED-12710 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 16:30:05 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 16:30:05 -0000 Subject: SUSE-RU-2025:01645-1: moderate: Recommended update for crmsh Message-ID: <174784500597.29241.12425132858538919939@smelt2.prg2.suse.org> # Recommended update for crmsh Announcement ID: SUSE-RU-2025:01645-1 Release Date: 2025-05-21T14:58:09Z Rating: moderate References: * bsc#1236442 * bsc#1241358 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has two fixes can now be installed. ## Description: This update for crmsh fixes the following issues: * Version update 4.6.1+20250506.8457349 * Fix: [ra] Prevent to add unknown operation (bsc#1236442). * Fix: [ui_cluster] Return when cluster service on all nodes are already startd (bsc#1241358). * Dev: [ui_cluster] Return False when run `crm cluster stop` raise NoSSHError. * Dev: [command] Sort the completion results for non-interactive mode. * Dev: [ra] Show parameters more clear. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-1645=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1645=1 openSUSE-SLE-15.6-2025-1645=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP6 (noarch) * crmsh-4.6.1+20250506.8457349-150600.3.32.2 * crmsh-scripts-4.6.1+20250506.8457349-150600.3.32.2 * openSUSE Leap 15.6 (noarch) * crmsh-4.6.1+20250506.8457349-150600.3.32.2 * crmsh-test-4.6.1+20250506.8457349-150600.3.32.2 * crmsh-scripts-4.6.1+20250506.8457349-150600.3.32.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1236442 * https://bugzilla.suse.com/show_bug.cgi?id=1241358 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 16:30:09 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 16:30:09 -0000 Subject: SUSE-SU-2025:01644-1: moderate: Security update for postgresql17 Message-ID: <174784500911.29241.10666690749514511898@smelt2.prg2.suse.org> # Security update for postgresql17 Announcement ID: SUSE-SU-2025:01644-1 Release Date: 2025-05-21T14:35:27Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql17 fixes the following issues: Upgrade to 17.5: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/17.5/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1644=1 openSUSE-SLE-15.6-2025-1644=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1644=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1644=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1644=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql17-pltcl-debuginfo-17.5-150600.13.13.1 * postgresql17-contrib-17.5-150600.13.13.1 * postgresql17-pltcl-17.5-150600.13.13.1 * postgresql17-llvmjit-devel-17.5-150600.13.13.1 * postgresql17-devel-mini-debuginfo-17.5-150600.13.13.1 * postgresql17-llvmjit-debuginfo-17.5-150600.13.13.1 * postgresql17-plpython-17.5-150600.13.13.1 * postgresql17-server-devel-17.5-150600.13.13.1 * postgresql17-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-mini-debugsource-17.5-150600.13.13.1 * postgresql17-test-17.5-150600.13.13.1 * postgresql17-devel-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * postgresql17-plperl-17.5-150600.13.13.1 * libecpg6-17.5-150600.13.13.1 * postgresql17-server-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-plpython-debuginfo-17.5-150600.13.13.1 * postgresql17-llvmjit-17.5-150600.13.13.1 * libpq5-17.5-150600.13.13.1 * postgresql17-contrib-debuginfo-17.5-150600.13.13.1 * postgresql17-17.5-150600.13.13.1 * postgresql17-server-debuginfo-17.5-150600.13.13.1 * libecpg6-debuginfo-17.5-150600.13.13.1 * libpq5-debuginfo-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * postgresql17-server-17.5-150600.13.13.1 * postgresql17-plperl-debuginfo-17.5-150600.13.13.1 * postgresql17-devel-mini-17.5-150600.13.13.1 * openSUSE Leap 15.6 (x86_64) * libpq5-32bit-debuginfo-17.5-150600.13.13.1 * libecpg6-32bit-debuginfo-17.5-150600.13.13.1 * libecpg6-32bit-17.5-150600.13.13.1 * libpq5-32bit-17.5-150600.13.13.1 * openSUSE Leap 15.6 (noarch) * postgresql17-docs-17.5-150600.13.13.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpq5-64bit-debuginfo-17.5-150600.13.13.1 * libecpg6-64bit-17.5-150600.13.13.1 * libpq5-64bit-17.5-150600.13.13.1 * libecpg6-64bit-debuginfo-17.5-150600.13.13.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpq5-debuginfo-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * libpq5-17.5-150600.13.13.1 * postgresql17-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * Basesystem Module 15-SP6 (x86_64) * libpq5-32bit-17.5-150600.13.13.1 * libpq5-32bit-debuginfo-17.5-150600.13.13.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-debugsource-17.5-150600.13.13.1 * postgresql17-llvmjit-17.5-150600.13.13.1 * postgresql17-llvmjit-debuginfo-17.5-150600.13.13.1 * postgresql17-llvmjit-devel-17.5-150600.13.13.1 * postgresql17-test-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-server-debuginfo-17.5-150600.13.13.1 * libecpg6-debuginfo-17.5-150600.13.13.1 * postgresql17-server-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * postgresql17-plperl-17.5-150600.13.13.1 * libecpg6-17.5-150600.13.13.1 * postgresql17-pltcl-debuginfo-17.5-150600.13.13.1 * postgresql17-plpython-debuginfo-17.5-150600.13.13.1 * postgresql17-server-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-contrib-17.5-150600.13.13.1 * postgresql17-plperl-debuginfo-17.5-150600.13.13.1 * postgresql17-plpython-17.5-150600.13.13.1 * postgresql17-devel-17.5-150600.13.13.1 * postgresql17-pltcl-17.5-150600.13.13.1 * postgresql17-server-devel-17.5-150600.13.13.1 * postgresql17-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-contrib-debuginfo-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * Server Applications Module 15-SP6 (noarch) * postgresql17-docs-17.5-150600.13.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 16:30:17 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 16:30:17 -0000 Subject: SUSE-RU-2025:01643-1: important: Recommended update for libsolv, libzypp, zypper Message-ID: <174784501712.29241.13090938221715070728@smelt2.prg2.suse.org> # Recommended update for libsolv, libzypp, zypper Announcement ID: SUSE-RU-2025:01643-1 Release Date: 2025-05-21T14:32:53Z Rating: important References: * bsc#1222044 * bsc#1230267 * bsc#1235598 * bsc#1237172 * bsc#1237587 * bsc#1237949 * bsc#1238315 * bsc#1239809 * bsc#1240529 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has nine fixes can now be installed. ## Description: This update for libsolv, libzypp, zypper fixes the following issues: * Support the apk package and repository format (both v2 and v3) * New dataiterator_final_{repo,solvable} functions * Provide a symbol specific for the ruby-version so yast does not break across updates (bsc#1235598) * XmlReader: Fix detection of bad input streams * rpm: Fix detection of %triggerscript starts (bsc#1222044) * RepoindexFileReader: add more related attributes a service may set * Drop workaround for broken rpm-4.18 in Code16 (bsc#1237172) * Drop usage of SHA1 hash algorithm because it will become unavailable in FIPS mode (bsc#1240529) * Fix zypp.conf dupAllowVendorChange to reflect the correct default (false) * zypp.conf: Add `lock_timeout` ($ZYPP_LOCK_TIMEOUT) (bsc#1239809) * Fix computation of RepStatus if Repo URLs change * Fix lost double slash when appending to an absolute FTP url (bsc#1238315) * Add a transaction package preloader * Strip a mediahandler tag from baseUrl querystrings * Updated translations (bsc#1230267) * Do not double encode URL strings passed on the commandline (bsc#1237587) * info,search: add option to search and list Enhances (bsc#1237949) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1643=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-1643=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-1643=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1643=1 SUSE-SLE- INSTALLER-15-SP5-2025-1643=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-1643=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1643=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1643=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1643=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1643=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libsolv-demo-0.7.32-150500.6.8.1 * libzypp-debuginfo-17.36.7-150500.6.45.1 * libzypp-devel-doc-17.36.7-150500.6.45.1 * libsolv-debugsource-0.7.32-150500.6.8.1 * libsolv-tools-base-0.7.32-150500.6.8.1 * libsolv-devel-0.7.32-150500.6.8.1 * ruby-solv-0.7.32-150500.6.8.1 * libzypp-devel-17.36.7-150500.6.45.1 * libzypp-17.36.7-150500.6.45.1 * perl-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-devel-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-0.7.32-150500.6.8.1 * zypper-debuginfo-1.14.89-150500.6.29.1 * python3-solv-0.7.32-150500.6.8.1 * python3-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-base-debuginfo-0.7.32-150500.6.8.1 * ruby-solv-debuginfo-0.7.32-150500.6.8.1 * zypper-debugsource-1.14.89-150500.6.29.1 * libsolv-demo-debuginfo-0.7.32-150500.6.8.1 * python311-solv-debuginfo-0.7.32-150500.6.8.1 * zypper-1.14.89-150500.6.29.1 * python311-solv-0.7.32-150500.6.8.1 * libsolv-debuginfo-0.7.32-150500.6.8.1 * perl-solv-0.7.32-150500.6.8.1 * libzypp-debugsource-17.36.7-150500.6.45.1 * openSUSE Leap 15.5 (noarch) * zypper-log-1.14.89-150500.6.29.1 * zypper-needs-restarting-1.14.89-150500.6.29.1 * zypper-aptitude-1.14.89-150500.6.29.1 * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64) * libzypp-17.36.7-150500.6.45.1 * libsolv-tools-0.7.32-150500.6.8.1 * libsolv-tools-base-0.7.32-150500.6.8.1 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * libzypp-17.36.7-150500.6.45.1 * libsolv-tools-0.7.32-150500.6.8.1 * libsolv-tools-base-0.7.32-150500.6.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libzypp-debuginfo-17.36.7-150500.6.45.1 * libsolv-debugsource-0.7.32-150500.6.8.1 * libsolv-tools-base-0.7.32-150500.6.8.1 * libsolv-devel-0.7.32-150500.6.8.1 * ruby-solv-0.7.32-150500.6.8.1 * libzypp-devel-17.36.7-150500.6.45.1 * libzypp-17.36.7-150500.6.45.1 * perl-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-devel-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-0.7.32-150500.6.8.1 * zypper-debuginfo-1.14.89-150500.6.29.1 * python3-solv-0.7.32-150500.6.8.1 * python3-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-base-debuginfo-0.7.32-150500.6.8.1 * ruby-solv-debuginfo-0.7.32-150500.6.8.1 * zypper-debugsource-1.14.89-150500.6.29.1 * zypper-1.14.89-150500.6.29.1 * libsolv-debuginfo-0.7.32-150500.6.8.1 * perl-solv-0.7.32-150500.6.8.1 * libzypp-debugsource-17.36.7-150500.6.45.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * zypper-log-1.14.89-150500.6.29.1 * zypper-needs-restarting-1.14.89-150500.6.29.1 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * libzypp-17.36.7-150500.6.45.1 * libsolv-tools-0.7.32-150500.6.8.1 * libsolv-tools-base-0.7.32-150500.6.8.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libzypp-debuginfo-17.36.7-150500.6.45.1 * libsolv-tools-base-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-0.7.32-150500.6.8.1 * libsolv-debuginfo-0.7.32-150500.6.8.1 * libsolv-debugsource-0.7.32-150500.6.8.1 * libsolv-tools-base-0.7.32-150500.6.8.1 * zypper-debuginfo-1.14.89-150500.6.29.1 * zypper-debugsource-1.14.89-150500.6.29.1 * libzypp-17.36.7-150500.6.45.1 * zypper-1.14.89-150500.6.29.1 * libzypp-debugsource-17.36.7-150500.6.45.1 * libsolv-tools-debuginfo-0.7.32-150500.6.8.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * zypper-needs-restarting-1.14.89-150500.6.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libzypp-debuginfo-17.36.7-150500.6.45.1 * libsolv-debugsource-0.7.32-150500.6.8.1 * libsolv-tools-base-0.7.32-150500.6.8.1 * libsolv-devel-0.7.32-150500.6.8.1 * ruby-solv-0.7.32-150500.6.8.1 * libzypp-devel-17.36.7-150500.6.45.1 * libzypp-17.36.7-150500.6.45.1 * perl-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-devel-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-0.7.32-150500.6.8.1 * zypper-debuginfo-1.14.89-150500.6.29.1 * python3-solv-0.7.32-150500.6.8.1 * python3-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-base-debuginfo-0.7.32-150500.6.8.1 * ruby-solv-debuginfo-0.7.32-150500.6.8.1 * zypper-debugsource-1.14.89-150500.6.29.1 * zypper-1.14.89-150500.6.29.1 * libsolv-debuginfo-0.7.32-150500.6.8.1 * perl-solv-0.7.32-150500.6.8.1 * libzypp-debugsource-17.36.7-150500.6.45.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * zypper-log-1.14.89-150500.6.29.1 * zypper-needs-restarting-1.14.89-150500.6.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libzypp-debuginfo-17.36.7-150500.6.45.1 * libsolv-debugsource-0.7.32-150500.6.8.1 * libsolv-tools-base-0.7.32-150500.6.8.1 * libsolv-devel-0.7.32-150500.6.8.1 * ruby-solv-0.7.32-150500.6.8.1 * libzypp-devel-17.36.7-150500.6.45.1 * libzypp-17.36.7-150500.6.45.1 * perl-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-devel-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-0.7.32-150500.6.8.1 * zypper-debuginfo-1.14.89-150500.6.29.1 * python3-solv-0.7.32-150500.6.8.1 * python3-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-base-debuginfo-0.7.32-150500.6.8.1 * ruby-solv-debuginfo-0.7.32-150500.6.8.1 * zypper-debugsource-1.14.89-150500.6.29.1 * zypper-1.14.89-150500.6.29.1 * libsolv-debuginfo-0.7.32-150500.6.8.1 * perl-solv-0.7.32-150500.6.8.1 * libzypp-debugsource-17.36.7-150500.6.45.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * zypper-log-1.14.89-150500.6.29.1 * zypper-needs-restarting-1.14.89-150500.6.29.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libzypp-debuginfo-17.36.7-150500.6.45.1 * libsolv-debugsource-0.7.32-150500.6.8.1 * libsolv-tools-base-0.7.32-150500.6.8.1 * libsolv-devel-0.7.32-150500.6.8.1 * ruby-solv-0.7.32-150500.6.8.1 * libzypp-devel-17.36.7-150500.6.45.1 * libzypp-17.36.7-150500.6.45.1 * perl-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-devel-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-0.7.32-150500.6.8.1 * zypper-debuginfo-1.14.89-150500.6.29.1 * python3-solv-0.7.32-150500.6.8.1 * python3-solv-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-debuginfo-0.7.32-150500.6.8.1 * libsolv-tools-base-debuginfo-0.7.32-150500.6.8.1 * ruby-solv-debuginfo-0.7.32-150500.6.8.1 * zypper-debugsource-1.14.89-150500.6.29.1 * zypper-1.14.89-150500.6.29.1 * libsolv-debuginfo-0.7.32-150500.6.8.1 * perl-solv-0.7.32-150500.6.8.1 * libzypp-debugsource-17.36.7-150500.6.45.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * zypper-log-1.14.89-150500.6.29.1 * zypper-needs-restarting-1.14.89-150500.6.29.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222044 * https://bugzilla.suse.com/show_bug.cgi?id=1230267 * https://bugzilla.suse.com/show_bug.cgi?id=1235598 * https://bugzilla.suse.com/show_bug.cgi?id=1237172 * https://bugzilla.suse.com/show_bug.cgi?id=1237587 * https://bugzilla.suse.com/show_bug.cgi?id=1237949 * https://bugzilla.suse.com/show_bug.cgi?id=1238315 * https://bugzilla.suse.com/show_bug.cgi?id=1239809 * https://bugzilla.suse.com/show_bug.cgi?id=1240529 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 21 16:30:24 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 21 May 2025 16:30:24 -0000 Subject: SUSE-RU-2025:01642-1: important: Recommended update for libsolv, libzypp, zypper Message-ID: <174784502477.29241.13419291246260526110@smelt2.prg2.suse.org> # Recommended update for libsolv, libzypp, zypper Announcement ID: SUSE-RU-2025:01642-1 Release Date: 2025-05-21T14:32:20Z Rating: important References: * bsc#1222044 * bsc#1230267 * bsc#1235598 * bsc#1237172 * bsc#1237587 * bsc#1237949 * bsc#1238315 * bsc#1239809 * bsc#1240529 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has nine fixes can now be installed. ## Description: This update for libsolv, libzypp, zypper fixes the following issues: * build both static and dynamic libraries on new suse distros * support the apk package and repository format (both v2 and v3) * new dataiterator_final_{repo,solvable} functions * Provide a symbol specific for the ruby-version so yast does not break across updates (bsc#1235598) * XmlReader: Fix detection of bad input streams * rpm: Fix detection of %triggerscript starts (bsc#1222044) * RepoindexFileReader: add more related attributes a service may set. * Drop workaround for broken rpm-4.18 in Code16 (bsc#1237172) * BuildRequires: %{libsolv_devel_package} >= 0.7.32. * Drop usage of SHA1 hash algorithm because it will become unavailable in FIPS mode (bsc#1240529) * Fix zypp.conf dupAllowVendorChange to reflect the correct default (false). * zypp.conf: Add `lock_timeout` ($ZYPP_LOCK_TIMEOUT) (bsc#1239809) * Fix computation of RepStatus if Repo URLs change. * Fix lost double slash when appending to an absolute FTP url (bsc#1238315) * Add a transaction package preloader * RpmPkgSigCheck_test: Exchange the test package signingkey * Exclude MediaCurl tests if DISABLE_MEDIABACKEND_TESTS * Strip a mediahandler tag from baseUrl querystrings. * Updated translations (bsc#1230267) * Do not double encode URL strings passed on the commandline (bsc#1237587) * Package preloader that concurrently downloads files. * BuildRequires: libzypp-devel >= 17.36.4. * refresh: add --include-all-archs * info,search: add option to search and list Enhances (bsc#1237949) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1642=1 SUSE-SLE-INSTALLER-15-SP4-2025-1642=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-1642=1 SUSE-SLE-Product-SUSE- Manager-Server-4.3-2025-1642=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1642=1 * SUSE Linux Enterprise High Performance Computing 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-1642=1 * SUSE Linux Enterprise Server 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-1642=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-1642=1 SUSE-SLE-Product- SLES_SAP-15-SP4-2025-1642=1 * SUSE Linux Enterprise Desktop 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-1642=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-1642=1 SUSE-SLE-Product-SUSE- Manager-Proxy-4.3-2025-1642=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1642=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1642=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1642=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1642=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1642=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1642=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1642=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * python3-solv-debuginfo-0.7.32-150400.3.35.1 * libsolv-devel-debuginfo-0.7.32-150400.3.35.1 * libzypp-17.36.7-150400.3.119.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * ruby-solv-debuginfo-0.7.32-150400.3.35.1 * ruby-solv-0.7.32-150400.3.35.1 * libsolv-tools-0.7.32-150400.3.35.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * zypper-debugsource-1.14.89-150400.3.82.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * libsolv-devel-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * libzypp-devel-17.36.7-150400.3.119.1 * zypper-1.14.89-150400.3.82.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * python3-solv-0.7.32-150400.3.35.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * zypper-log-1.14.89-150400.3.82.1 * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * python3-solv-debuginfo-0.7.32-150400.3.35.1 * libsolv-devel-debuginfo-0.7.32-150400.3.35.1 * libzypp-17.36.7-150400.3.119.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * ruby-solv-debuginfo-0.7.32-150400.3.35.1 * ruby-solv-0.7.32-150400.3.35.1 * libsolv-tools-0.7.32-150400.3.35.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * zypper-debugsource-1.14.89-150400.3.82.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * libsolv-devel-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * libzypp-devel-17.36.7-150400.3.119.1 * zypper-1.14.89-150400.3.82.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * python3-solv-0.7.32-150400.3.35.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * SUSE Manager Server 4.3 (noarch) * zypper-log-1.14.89-150400.3.82.1 * zypper-needs-restarting-1.14.89-150400.3.82.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libsolv-devel-debuginfo-0.7.32-150400.3.35.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * ruby-solv-0.7.32-150400.3.35.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * perl-solv-0.7.32-150400.3.35.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * python311-solv-debuginfo-0.7.32-150400.3.35.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * python3-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-17.36.7-150400.3.119.1 * libsolv-demo-0.7.32-150400.3.35.1 * zypper-debugsource-1.14.89-150400.3.82.1 * ruby-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-devel-17.36.7-150400.3.119.1 * zypper-1.14.89-150400.3.82.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-devel-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * libsolv-demo-debuginfo-0.7.32-150400.3.35.1 * python311-solv-0.7.32-150400.3.35.1 * python3-solv-0.7.32-150400.3.35.1 * libsolv-tools-0.7.32-150400.3.35.1 * perl-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-devel-doc-17.36.7-150400.3.119.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * openSUSE Leap 15.4 (noarch) * zypper-aptitude-1.14.89-150400.3.82.1 * zypper-log-1.14.89-150400.3.82.1 * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64) * libzypp-17.36.7-150400.3.119.1 * libsolv-tools-0.7.32-150400.3.35.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64) * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64) * libzypp-17.36.7-150400.3.119.1 * libsolv-tools-0.7.32-150400.3.35.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le) * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libsolv-devel-debuginfo-0.7.32-150400.3.35.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * ruby-solv-0.7.32-150400.3.35.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * perl-solv-0.7.32-150400.3.35.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * python3-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-17.36.7-150400.3.119.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * zypper-debugsource-1.14.89-150400.3.82.1 * ruby-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-devel-17.36.7-150400.3.119.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-devel-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * python3-solv-0.7.32-150400.3.35.1 * libsolv-tools-0.7.32-150400.3.35.1 * perl-solv-debuginfo-0.7.32-150400.3.35.1 * zypper-1.14.89-150400.3.82.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * zypper-log-1.14.89-150400.3.82.1 * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Linux Enterprise Desktop 15 SP4 (x86_64) * libzypp-17.36.7-150400.3.119.1 * libsolv-tools-0.7.32-150400.3.35.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * SUSE Manager Proxy 4.3 (x86_64) * python3-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-17.36.7-150400.3.119.1 * libsolv-devel-debuginfo-0.7.32-150400.3.35.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * ruby-solv-debuginfo-0.7.32-150400.3.35.1 * ruby-solv-0.7.32-150400.3.35.1 * libsolv-tools-0.7.32-150400.3.35.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * zypper-debugsource-1.14.89-150400.3.82.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * libsolv-devel-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * libzypp-devel-17.36.7-150400.3.119.1 * zypper-1.14.89-150400.3.82.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * python3-solv-0.7.32-150400.3.35.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * SUSE Manager Proxy 4.3 (noarch) * zypper-log-1.14.89-150400.3.82.1 * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libzypp-17.36.7-150400.3.119.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * libsolv-tools-0.7.32-150400.3.35.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * zypper-1.14.89-150400.3.82.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * zypper-debugsource-1.14.89-150400.3.82.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libzypp-17.36.7-150400.3.119.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * libsolv-tools-0.7.32-150400.3.35.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * zypper-1.14.89-150400.3.82.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * zypper-debugsource-1.14.89-150400.3.82.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libzypp-17.36.7-150400.3.119.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * libsolv-tools-0.7.32-150400.3.35.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * zypper-1.14.89-150400.3.82.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * zypper-debugsource-1.14.89-150400.3.82.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libzypp-17.36.7-150400.3.119.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * libsolv-tools-0.7.32-150400.3.35.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * zypper-1.14.89-150400.3.82.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * zypper-debugsource-1.14.89-150400.3.82.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libsolv-devel-debuginfo-0.7.32-150400.3.35.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * ruby-solv-0.7.32-150400.3.35.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * perl-solv-0.7.32-150400.3.35.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * python3-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-17.36.7-150400.3.119.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * zypper-debugsource-1.14.89-150400.3.82.1 * ruby-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-devel-17.36.7-150400.3.119.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-devel-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * python3-solv-0.7.32-150400.3.35.1 * libsolv-tools-0.7.32-150400.3.35.1 * perl-solv-debuginfo-0.7.32-150400.3.35.1 * zypper-1.14.89-150400.3.82.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * zypper-log-1.14.89-150400.3.82.1 * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libsolv-devel-debuginfo-0.7.32-150400.3.35.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * ruby-solv-0.7.32-150400.3.35.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * perl-solv-0.7.32-150400.3.35.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * python3-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-17.36.7-150400.3.119.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * zypper-debugsource-1.14.89-150400.3.82.1 * ruby-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-devel-17.36.7-150400.3.119.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-devel-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * python3-solv-0.7.32-150400.3.35.1 * libsolv-tools-0.7.32-150400.3.35.1 * perl-solv-debuginfo-0.7.32-150400.3.35.1 * zypper-1.14.89-150400.3.82.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * zypper-log-1.14.89-150400.3.82.1 * zypper-needs-restarting-1.14.89-150400.3.82.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libsolv-devel-debuginfo-0.7.32-150400.3.35.1 * libzypp-debugsource-17.36.7-150400.3.119.1 * zypper-debuginfo-1.14.89-150400.3.82.1 * ruby-solv-0.7.32-150400.3.35.1 * libsolv-debuginfo-0.7.32-150400.3.35.1 * perl-solv-0.7.32-150400.3.35.1 * libsolv-tools-base-0.7.32-150400.3.35.1 * libsolv-debugsource-0.7.32-150400.3.35.1 * python3-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-17.36.7-150400.3.119.1 * libsolv-tools-base-debuginfo-0.7.32-150400.3.35.1 * zypper-debugsource-1.14.89-150400.3.82.1 * ruby-solv-debuginfo-0.7.32-150400.3.35.1 * libzypp-devel-17.36.7-150400.3.119.1 * libzypp-debuginfo-17.36.7-150400.3.119.1 * libsolv-devel-0.7.32-150400.3.35.1 * libsolv-tools-debuginfo-0.7.32-150400.3.35.1 * python3-solv-0.7.32-150400.3.35.1 * libsolv-tools-0.7.32-150400.3.35.1 * perl-solv-debuginfo-0.7.32-150400.3.35.1 * zypper-1.14.89-150400.3.82.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * zypper-log-1.14.89-150400.3.82.1 * zypper-needs-restarting-1.14.89-150400.3.82.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222044 * https://bugzilla.suse.com/show_bug.cgi?id=1230267 * https://bugzilla.suse.com/show_bug.cgi?id=1235598 * https://bugzilla.suse.com/show_bug.cgi?id=1237172 * https://bugzilla.suse.com/show_bug.cgi?id=1237587 * https://bugzilla.suse.com/show_bug.cgi?id=1237949 * https://bugzilla.suse.com/show_bug.cgi?id=1238315 * https://bugzilla.suse.com/show_bug.cgi?id=1239809 * https://bugzilla.suse.com/show_bug.cgi?id=1240529 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 08:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 08:30:04 -0000 Subject: SUSE-SU-2025:01649-1: important: Security update for python-tornado6 Message-ID: <174790260481.21953.15251805622199344806@smelt2.prg2.suse.org> # Security update for python-tornado6 Announcement ID: SUSE-SU-2025:01649-1 Release Date: 2025-05-22T07:45:14Z Rating: important References: * bsc#1243268 Cross-References: * CVE-2025-47287 CVSS scores: * CVE-2025-47287 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47287 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47287 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-tornado6 fixes the following issues: * CVE-2025-47287: excessive logging when parsing malformed `multipart/form- data` can lead to a denial-of-service (bsc#1243268). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1649=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1649=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1649=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1649=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1649=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1649=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1649=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1649=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1649=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1649=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1649=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 * python-tornado6-debugsource-6.3.2-150400.9.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47287.html * https://bugzilla.suse.com/show_bug.cgi?id=1243268 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 08:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 08:30:11 -0000 Subject: SUSE-RU-2025:01648-1: moderate: Recommended update for kbd Message-ID: <174790261118.21953.9365431089614317495@smelt2.prg2.suse.org> # Recommended update for kbd Announcement ID: SUSE-RU-2025:01648-1 Release Date: 2025-05-21T20:44:25Z Rating: moderate References: * bsc#1237230 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for kbd fixes the following issues: * Don't search for resources in the current directory. It can cause unwanted side effects or even infinite loop (bsc#1237230). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1648=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1648=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1648=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1648=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1648=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1648=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1648=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1648=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1648=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1648=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1648=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1648=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1648=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1648=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1648=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1648=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1648=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1648=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1648=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Manager Proxy 4.3 (x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Manager Proxy 4.3 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Manager Server 4.3 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * openSUSE Leap 15.4 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * openSUSE Leap 15.6 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * Basesystem Module 15-SP6 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kbd-2.4.0-150400.5.9.1 * kbd-debuginfo-2.4.0-150400.5.9.1 * kbd-debugsource-2.4.0-150400.5.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kbd-legacy-2.4.0-150400.5.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1237230 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 08:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 08:30:16 -0000 Subject: SUSE-RU-2025:01647-1: moderate: Recommended update for kbd Message-ID: <174790261627.21953.9129880050772239958@smelt2.prg2.suse.org> # Recommended update for kbd Announcement ID: SUSE-RU-2025:01647-1 Release Date: 2025-05-21T20:43:08Z Rating: moderate References: * bsc#1237230 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one fix can now be installed. ## Description: This update for kbd fixes the following issues: * Don't search for resources in the current directory. It can cause unwanted side effects or even infinite loop (bsc#1237230) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1647=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1647=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * kbd-debuginfo-2.0.4-8.13.1 * kbd-2.0.4-8.13.1 * kbd-debugsource-2.0.4-8.13.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kbd-legacy-2.0.4-8.13.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kbd-debuginfo-2.0.4-8.13.1 * kbd-2.0.4-8.13.1 * kbd-debugsource-2.0.4-8.13.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kbd-legacy-2.0.4-8.13.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1237230 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 08:30:20 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 08:30:20 -0000 Subject: SUSE-RU-2025:01646-1: moderate: Recommended update for kbd Message-ID: <174790262040.21953.4415983488992654412@smelt2.prg2.suse.org> # Recommended update for kbd Announcement ID: SUSE-RU-2025:01646-1 Release Date: 2025-05-21T20:42:58Z Rating: moderate References: * bsc#1237230 Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that has one fix can now be installed. ## Description: This update for kbd fixes the following issues: * Don't search for resources in the current directory. It can cause unwanted side effects or even infinite loop (bsc#1237230) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1646=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1646=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1646=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1646=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1646=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1646=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1646=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kbd-debugsource-2.0.4-150200.16.3.1 * kbd-2.0.4-150200.16.3.1 * kbd-debuginfo-2.0.4-150200.16.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kbd-legacy-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * kbd-debugsource-2.0.4-150200.16.3.1 * kbd-2.0.4-150200.16.3.1 * kbd-debuginfo-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * kbd-legacy-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kbd-debugsource-2.0.4-150200.16.3.1 * kbd-2.0.4-150200.16.3.1 * kbd-debuginfo-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kbd-legacy-2.0.4-150200.16.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kbd-debugsource-2.0.4-150200.16.3.1 * kbd-2.0.4-150200.16.3.1 * kbd-debuginfo-2.0.4-150200.16.3.1 * SUSE Enterprise Storage 7.1 (noarch) * kbd-legacy-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * kbd-debugsource-2.0.4-150200.16.3.1 * kbd-2.0.4-150200.16.3.1 * kbd-debuginfo-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * kbd-legacy-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kbd-debugsource-2.0.4-150200.16.3.1 * kbd-2.0.4-150200.16.3.1 * kbd-debuginfo-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kbd-legacy-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kbd-debugsource-2.0.4-150200.16.3.1 * kbd-2.0.4-150200.16.3.1 * kbd-debuginfo-2.0.4-150200.16.3.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kbd-legacy-2.0.4-150200.16.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1237230 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 12:30:09 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 12:30:09 -0000 Subject: SUSE-SU-2025:01652-1: important: Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6) Message-ID: <174791700930.24910.4390009933852089285@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:01652-1 Release Date: 2025-05-22T09:04:22Z Rating: important References: * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_17 fixes several issues. The following security issues were fixed: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1652=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-8-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-8-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-8-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 12:30:12 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 12:30:12 -0000 Subject: SUSE-SU-2025:01654-1: moderate: Security update for postgresql13 Message-ID: <174791701274.24910.11942249930803751389@smelt2.prg2.suse.org> # Security update for postgresql13 Announcement ID: SUSE-SU-2025:01654-1 Release Date: 2025-05-22T10:52:10Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.21: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/13.21/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1654=1 SUSE-2025-1654=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql13-llvmjit-13.21-150600.14.8.1 * postgresql13-server-debuginfo-13.21-150600.14.8.1 * postgresql13-contrib-debuginfo-13.21-150600.14.8.1 * postgresql13-server-devel-debuginfo-13.21-150600.14.8.1 * postgresql13-contrib-13.21-150600.14.8.1 * postgresql13-server-13.21-150600.14.8.1 * postgresql13-devel-debuginfo-13.21-150600.14.8.1 * postgresql13-debugsource-13.21-150600.14.8.1 * postgresql13-plperl-debuginfo-13.21-150600.14.8.1 * postgresql13-plpython-debuginfo-13.21-150600.14.8.1 * postgresql13-13.21-150600.14.8.1 * postgresql13-pltcl-debuginfo-13.21-150600.14.8.1 * postgresql13-test-13.21-150600.14.8.1 * postgresql13-debuginfo-13.21-150600.14.8.1 * postgresql13-llvmjit-debuginfo-13.21-150600.14.8.1 * postgresql13-devel-13.21-150600.14.8.1 * postgresql13-llvmjit-devel-13.21-150600.14.8.1 * postgresql13-plperl-13.21-150600.14.8.1 * postgresql13-plpython-13.21-150600.14.8.1 * postgresql13-server-devel-13.21-150600.14.8.1 * postgresql13-pltcl-13.21-150600.14.8.1 * openSUSE Leap 15.6 (noarch) * postgresql13-docs-13.21-150600.14.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 12:30:14 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 12:30:14 -0000 Subject: SUSE-SU-2025:01653-1: important: Security update for govulncheck-vulndb Message-ID: <174791701447.24910.9505051499414726192@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:01653-1 Release Date: 2025-05-22T10:49:52Z Rating: important References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250515T200012 2025-05-15T20:00:12Z (jsc#PED-11136) * GO-2025-3657 * GO-2025-3670 * GO-2025-3671 * GO-2025-3672 * GO-2025-3678 * GO-2025-3679 * GO-2025-3680 * GO-2025-3682 * GO-2025-3683 * GO-2025-3684 * GO-2025-3686 * GO-2025-3687 * GO-2025-3688 * GO-2025-3689 * Update to version 0.0.20250513T163935 2025-05-13T16:39:35Z (jsc#PED-11136) * GO-2025-3561 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1653=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1653=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250515T200012-150000.1.74.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250515T200012-150000.1.74.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 12:30:17 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 12:30:17 -0000 Subject: SUSE-SU-2025:01651-1: moderate: Security update for ucode-intel Message-ID: <174791701753.24910.9845525557938665592@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2025:01651-1 Release Date: 2025-05-22T08:53:02Z Rating: moderate References: * bsc#1243123 Cross-References: * CVE-2024-28956 * CVE-2024-43420 * CVE-2024-45332 * CVE-2025-20012 * CVE-2025-20054 * CVE-2025-20103 * CVE-2025-20623 * CVE-2025-24495 CVSS scores: * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-43420 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-43420 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-43420 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-43420 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-45332 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-45332 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-45332 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-45332 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20012 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-20012 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20012 ( NVD ): 4.1 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20012 ( NVD ): 4.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20054 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20054 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-20103 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20103 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-20623 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20623 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20623 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20623 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-24495 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-24495 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-24495 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-24495 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves eight vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250512 release (bsc#1243123) * CVE-2024-28956: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20103: Insufficient resource pool in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. * CVE-2025-20054: Uncaught exception in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. * CVE-2024-43420: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20623: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Core processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2024-45332: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-24495: Incorrect initialization of resource in the branch prediction unit for some Intel Core Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20012: Incorrect behavior order for some Intel Core Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. * Updates for functional issues. * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ARL-U | A1 | 06-b5-00/80 | | 0000000a | Core Ultra Processor (Series2) | ARL-S/HX (8P) | B0 | 06-c6-02/82 | | 00000118 | Core Ultra Processor (Series2) | ARL-H | A1 | 06-c5-02/82 | | 00000118 | Core Ultra Processor (Series2) | GNR- AP/SP | B0 | 06-ad-01/95 | | 010003a2 | Xeon Scalable Gen6 | GNR-AP/SP | H0 | 06-ad-01/20 | | 0a0000d1 | Xeon Scalable Gen6 | LNL | B0 | 06-bd-01/80 | | 0000011f | Core Ultra 200 V Series Processor * Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000038 | 0000003a | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000038 | 0000003a | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000436 | 00000437 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000436 | 00000437 | Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | AZB | A0/R0 | 06-9a-04/40 | 00000009 | 0000000a | Intel(R) Atom(R) C1100 | CFL-H | R0 | 06-9e-0d/22 | 00000102 | 00000104 | Core Gen9 Mobile | CLX-SP | B1 | 06-55-07/bf | 05003707 | 05003901 | Xeon Scalable Gen2 | CML-H | R1 | 06-a5-02/20 | 000000fc | 00000100 | Core Gen10 Mobile | CML-S102 | Q0 | 06-a5-05/22 | 000000fc | 00000100 | Core Gen10 | CML-S62 | G1 | 06-a5-03/22 | 000000fc | 00000100 | Core Gen10 | CML-U42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | CML-U62 V1 | A0 | 06-a6-00/80 | 000000fe | 00000102 | Core Gen10 Mobile | CML-U62 V2 | K1 | 06-a6-01/80 | 000000fc | 00000100 | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | CPX-SP | A1 | 06-55-0b/bf | 07002904 | 07002b01 | Xeon Scalable Gen3 | EMR-SP | A1 | 06-cf-02/87 | 21000291 | 210002a9 | Xeon Scalable Gen5 | GLK-R | R0 | 06-7a-08/01 | 00000024 | 00000026 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 | ICL-D | B0 | 06-6c-01/10 | 010002c0 | 010002d0 | Xeon D-17xx, D-27xx | ICL-U/Y | D1 | 06-7e-05/80 | 000000c6 | 000000ca | Core Gen10 Mobile | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003f5 | 0d000404 | Xeon Scalable Gen3 | MTL | C0 | 06-aa-04/e6 | 00000020 | 00000024 | Core Ultra Processor | RKL-S | B0 | 06-a7-01/02 | 00000063 | 00000064 | Core Gen11 | RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012c | 0000012f | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004124 | 00004128 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000038 | 0000003a | Core Gen13/Gen14 | RPL-S | H0 | 06-bf-05/07 | 00000038 | 0000003a | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004124 | 00004128 | Core Gen13 | SPR-HBM | Bx | 06-8f-08/10 | 2c0003e0 | 2c0003f7 | Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4 | SRF-SP | C0 | 06-af-03/01 | 03000330 | 03000341 | Xeon 6700-Series Processors with E-Cores | TGL | B0/B1 | 06-8c-01/80 | 000000b8 | 000000bc | Core Gen11 Mobile | TGL-H | R0 | 06-8d-01/c2 | 00000052 | 00000056 | Core Gen11 Mobile | TGL-R | C0 | 06-8c-02/c2 | 00000038 | 0000003c | Core Gen11 Mobile | TWL | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | WHL-U | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen8 Mobile ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1651=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1651=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1651=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1651=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1651=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1651=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1651=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1651=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1651=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1651=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1651=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1651=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1651=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1651=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1651=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1651=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1651=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1651=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1651=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1651=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1651=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1651=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1651=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1651=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1651=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * ucode-intel-20250512-150200.56.1 * Basesystem Module 15-SP6 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Manager Proxy 4.3 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Manager Server 4.3 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Enterprise Storage 7.1 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * ucode-intel-20250512-150200.56.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * ucode-intel-20250512-150200.56.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28956.html * https://www.suse.com/security/cve/CVE-2024-43420.html * https://www.suse.com/security/cve/CVE-2024-45332.html * https://www.suse.com/security/cve/CVE-2025-20012.html * https://www.suse.com/security/cve/CVE-2025-20054.html * https://www.suse.com/security/cve/CVE-2025-20103.html * https://www.suse.com/security/cve/CVE-2025-20623.html * https://www.suse.com/security/cve/CVE-2025-24495.html * https://bugzilla.suse.com/show_bug.cgi?id=1243123 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 12:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 12:30:21 -0000 Subject: SUSE-SU-2025:01650-1: moderate: Security update for ucode-intel Message-ID: <174791702148.24910.4591389290250588728@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2025:01650-1 Release Date: 2025-05-22T08:51:45Z Rating: moderate References: * bsc#1243123 Cross-References: * CVE-2024-28956 * CVE-2024-43420 * CVE-2024-45332 * CVE-2025-20012 * CVE-2025-20054 * CVE-2025-20103 * CVE-2025-20623 * CVE-2025-24495 CVSS scores: * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-43420 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-43420 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-43420 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-43420 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-45332 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-45332 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-45332 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-45332 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20012 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-20012 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20012 ( NVD ): 4.1 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20012 ( NVD ): 4.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20054 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20054 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-20103 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20103 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-20623 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20623 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20623 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20623 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-24495 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-24495 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-24495 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-24495 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves eight vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250512 release (bsc#1243123) * CVE-2024-28956: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20103: Insufficient resource pool in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. * CVE-2025-20054: Uncaught exception in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. * CVE-2024-43420: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20623: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Core processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2024-45332: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-24495: Incorrect initialization of resource in the branch prediction unit for some Intel Core Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20012: Incorrect behavior order for some Intel Core Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. * Updates for functional issues. * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ARL-U | A1 | 06-b5-00/80 | | 0000000a | Core Ultra Processor (Series2) | ARL-S/HX (8P) | B0 | 06-c6-02/82 | | 00000118 | Core Ultra Processor (Series2) | ARL-H | A1 | 06-c5-02/82 | | 00000118 | Core Ultra Processor (Series2) | GNR- AP/SP | B0 | 06-ad-01/95 | | 010003a2 | Xeon Scalable Gen6 | GNR-AP/SP | H0 | 06-ad-01/20 | | 0a0000d1 | Xeon Scalable Gen6 | LNL | B0 | 06-bd-01/80 | | 0000011f | Core Ultra 200 V Series Processor * Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000038 | 0000003a | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000038 | 0000003a | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000436 | 00000437 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000436 | 00000437 | Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | AZB | A0/R0 | 06-9a-04/40 | 00000009 | 0000000a | Intel(R) Atom(R) C1100 | CFL-H | R0 | 06-9e-0d/22 | 00000102 | 00000104 | Core Gen9 Mobile | CLX-SP | B1 | 06-55-07/bf | 05003707 | 05003901 | Xeon Scalable Gen2 | CML-H | R1 | 06-a5-02/20 | 000000fc | 00000100 | Core Gen10 Mobile | CML-S102 | Q0 | 06-a5-05/22 | 000000fc | 00000100 | Core Gen10 | CML-S62 | G1 | 06-a5-03/22 | 000000fc | 00000100 | Core Gen10 | CML-U42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | CML-U62 V1 | A0 | 06-a6-00/80 | 000000fe | 00000102 | Core Gen10 Mobile | CML-U62 V2 | K1 | 06-a6-01/80 | 000000fc | 00000100 | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | CPX-SP | A1 | 06-55-0b/bf | 07002904 | 07002b01 | Xeon Scalable Gen3 | EMR-SP | A1 | 06-cf-02/87 | 21000291 | 210002a9 | Xeon Scalable Gen5 | GLK-R | R0 | 06-7a-08/01 | 00000024 | 00000026 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 | ICL-D | B0 | 06-6c-01/10 | 010002c0 | 010002d0 | Xeon D-17xx, D-27xx | ICL-U/Y | D1 | 06-7e-05/80 | 000000c6 | 000000ca | Core Gen10 Mobile | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003f5 | 0d000404 | Xeon Scalable Gen3 | MTL | C0 | 06-aa-04/e6 | 00000020 | 00000024 | Core Ultra Processor | RKL-S | B0 | 06-a7-01/02 | 00000063 | 00000064 | Core Gen11 | RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012c | 0000012f | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004124 | 00004128 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000038 | 0000003a | Core Gen13/Gen14 | RPL-S | H0 | 06-bf-05/07 | 00000038 | 0000003a | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004124 | 00004128 | Core Gen13 | SPR-HBM | Bx | 06-8f-08/10 | 2c0003e0 | 2c0003f7 | Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4 | SRF-SP | C0 | 06-af-03/01 | 03000330 | 03000341 | Xeon 6700-Series Processors with E-Cores | TGL | B0/B1 | 06-8c-01/80 | 000000b8 | 000000bc | Core Gen11 Mobile | TGL-H | R0 | 06-8d-01/c2 | 00000052 | 00000056 | Core Gen11 Mobile | TGL-R | C0 | 06-8c-02/c2 | 00000038 | 0000003c | Core Gen11 Mobile | TWL | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | WHL-U | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen8 Mobile ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1650=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1650=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * ucode-intel-debugsource-20250512-152.1 * ucode-intel-20250512-152.1 * ucode-intel-debuginfo-20250512-152.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * ucode-intel-debugsource-20250512-152.1 * ucode-intel-20250512-152.1 * ucode-intel-debuginfo-20250512-152.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28956.html * https://www.suse.com/security/cve/CVE-2024-43420.html * https://www.suse.com/security/cve/CVE-2024-45332.html * https://www.suse.com/security/cve/CVE-2025-20012.html * https://www.suse.com/security/cve/CVE-2025-20054.html * https://www.suse.com/security/cve/CVE-2025-20103.html * https://www.suse.com/security/cve/CVE-2025-20623.html * https://www.suse.com/security/cve/CVE-2025-24495.html * https://bugzilla.suse.com/show_bug.cgi?id=1243123 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 16:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 16:30:06 -0000 Subject: SUSE-SU-2025:01656-1: important: Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5) Message-ID: <174793140697.5274.14350117616901076073@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01656-1 Release Date: 2025-05-22T12:33:53Z Rating: important References: * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_80 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1656=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1656=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_19-debugsource-8-150500.2.2 * kernel-livepatch-5_14_21-150500_55_80-default-8-150500.2.2 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-8-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_19-debugsource-8-150500.2.2 * kernel-livepatch-5_14_21-150500_55_80-default-8-150500.2.2 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-8-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 16:30:12 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 16:30:12 -0000 Subject: SUSE-SU-2025:01655-1: important: Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Message-ID: <174793141219.5274.16948257328206573436@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01655-1 Release Date: 2025-05-22T12:33:45Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1655=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1655=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_15-debugsource-15-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-15-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-15-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_15-debugsource-15-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-15-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-15-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 16:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 16:30:16 -0000 Subject: SUSE-SU-2025:01658-1: moderate: Security update for open-vm-tools Message-ID: <174793141656.5274.16264433136106946233@smelt2.prg2.suse.org> # Security update for open-vm-tools Announcement ID: SUSE-SU-2025:01658-1 Release Date: 2025-05-22T13:35:59Z Rating: moderate References: * bsc#1237147 * bsc#1237180 * bsc#1241938 * bsc#1243106 Cross-References: * CVE-2025-22247 CVSS scores: * CVE-2025-22247 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22247 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N * CVE-2025-22247 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: * CVE-2025-22247: Fixed Insecure file handling (bsc#1243106) Other fixes: * Fixed GCC 15 compile time error (bsc#1241938) * Fixed building with containerd 1.7.25+ (bsc#1237147) * Ensure vmtoolsd.service and vgauthd.service are set to enabled by default (bsc#1237180) Full changelog: https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/ReleaseNotes.md https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/open-vm- tools/ChangeLog ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1658=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1658=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1658=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1658=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1658=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1658=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1658=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1658=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1658=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * open-vm-tools-containerinfo-debuginfo-12.5.2-150300.58.1 * open-vm-tools-debuginfo-12.5.2-150300.58.1 * open-vm-tools-12.5.2-150300.58.1 * open-vm-tools-desktop-12.5.2-150300.58.1 * open-vm-tools-desktop-debuginfo-12.5.2-150300.58.1 * open-vm-tools-sdmp-debuginfo-12.5.2-150300.58.1 * libvmtools0-debuginfo-12.5.2-150300.58.1 * libvmtools0-12.5.2-150300.58.1 * open-vm-tools-debugsource-12.5.2-150300.58.1 * libvmtools-devel-12.5.2-150300.58.1 * open-vm-tools-sdmp-12.5.2-150300.58.1 * open-vm-tools-containerinfo-12.5.2-150300.58.1 * openSUSE Leap 15.3 (x86_64) * open-vm-tools-salt-minion-12.5.2-150300.58.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * open-vm-tools-debuginfo-12.5.2-150300.58.1 * open-vm-tools-12.5.2-150300.58.1 * libvmtools0-debuginfo-12.5.2-150300.58.1 * libvmtools0-12.5.2-150300.58.1 * open-vm-tools-debugsource-12.5.2-150300.58.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * open-vm-tools-debuginfo-12.5.2-150300.58.1 * open-vm-tools-12.5.2-150300.58.1 * libvmtools0-debuginfo-12.5.2-150300.58.1 * libvmtools0-12.5.2-150300.58.1 * open-vm-tools-debugsource-12.5.2-150300.58.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * open-vm-tools-debuginfo-12.5.2-150300.58.1 * open-vm-tools-12.5.2-150300.58.1 * libvmtools0-debuginfo-12.5.2-150300.58.1 * libvmtools0-12.5.2-150300.58.1 * open-vm-tools-debugsource-12.5.2-150300.58.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * open-vm-tools-debuginfo-12.5.2-150300.58.1 * open-vm-tools-12.5.2-150300.58.1 * libvmtools0-debuginfo-12.5.2-150300.58.1 * libvmtools0-12.5.2-150300.58.1 * open-vm-tools-debugsource-12.5.2-150300.58.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * open-vm-tools-debuginfo-12.5.2-150300.58.1 * open-vm-tools-12.5.2-150300.58.1 * libvmtools0-debuginfo-12.5.2-150300.58.1 * libvmtools0-12.5.2-150300.58.1 * open-vm-tools-debugsource-12.5.2-150300.58.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * open-vm-tools-debuginfo-12.5.2-150300.58.1 * open-vm-tools-12.5.2-150300.58.1 * libvmtools0-debuginfo-12.5.2-150300.58.1 * libvmtools0-12.5.2-150300.58.1 * open-vm-tools-debugsource-12.5.2-150300.58.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * open-vm-tools-debuginfo-12.5.2-150300.58.1 * open-vm-tools-12.5.2-150300.58.1 * libvmtools0-debuginfo-12.5.2-150300.58.1 * libvmtools0-12.5.2-150300.58.1 * open-vm-tools-debugsource-12.5.2-150300.58.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * open-vm-tools-debuginfo-12.5.2-150300.58.1 * open-vm-tools-12.5.2-150300.58.1 * libvmtools0-debuginfo-12.5.2-150300.58.1 * libvmtools0-12.5.2-150300.58.1 * open-vm-tools-debugsource-12.5.2-150300.58.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22247.html * https://bugzilla.suse.com/show_bug.cgi?id=1237147 * https://bugzilla.suse.com/show_bug.cgi?id=1237180 * https://bugzilla.suse.com/show_bug.cgi?id=1241938 * https://bugzilla.suse.com/show_bug.cgi?id=1243106 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 20:30:07 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 20:30:07 -0000 Subject: SUSE-SU-2025:01672-1: important: Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3) Message-ID: <174794580793.29065.18034515302596096369@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:01672-1 Release Date: 2025-05-22T19:34:05Z Rating: important References: * bsc#1234847 Cross-References: * CVE-2024-53156 CVSS scores: * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_185 fixes one issue. The following security issue was fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1672=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1672=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_185-default-5-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_51-debugsource-5-150300.2.3 * kernel-livepatch-5_3_18-150300_59_185-default-debuginfo-5-150300.2.3 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_185-preempt-5-150300.2.3 * kernel-livepatch-5_3_18-150300_59_185-preempt-debuginfo-5-150300.2.3 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_185-default-5-150300.2.3 ## References: * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 20:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 20:30:13 -0000 Subject: SUSE-SU-2025:01669-1: important: Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) Message-ID: <174794581375.29065.14515623853797555459@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:01669-1 Release Date: 2025-05-22T19:33:58Z Rating: important References: * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_182 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1669=1 SUSE-2025-1670=1 SUSE-2025-1671=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1669=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-1670=1 SUSE-SLE-Module-Live- Patching-15-SP3-2025-1671=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-7-150300.2.2 * kernel-livepatch-5_3_18-150300_59_179-default-9-150300.2.2 * kernel-livepatch-5_3_18-150300_59_174-default-10-150300.2.2 * kernel-livepatch-5_3_18-150300_59_182-default-7-150300.2.2 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-9-150300.2.2 * kernel-livepatch-SLE15-SP3_Update_50-debugsource-7-150300.2.2 * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-10-150300.2.2 * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-9-150300.2.2 * kernel-livepatch-SLE15-SP3_Update_48-debugsource-10-150300.2.2 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_182-preempt-7-150300.2.2 * kernel-livepatch-5_3_18-150300_59_179-preempt-9-150300.2.2 * kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-7-150300.2.2 * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-9-150300.2.2 * kernel-livepatch-5_3_18-150300_59_174-preempt-10-150300.2.2 * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-10-150300.2.2 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_179-default-9-150300.2.2 * kernel-livepatch-5_3_18-150300_59_182-default-7-150300.2.2 * kernel-livepatch-5_3_18-150300_59_174-default-10-150300.2.2 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-9-150300.2.2 * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-9-150300.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 20:30:19 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 20:30:19 -0000 Subject: SUSE-SU-2025:01675-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Message-ID: <174794581993.29065.13659065201550358637@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:01675-1 Release Date: 2025-05-22T19:34:28Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues. The following security issues were fixed: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1675=1 SUSE-2025-1665=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1675=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1665=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_1-debugsource-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_14-default-14-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_7-default-14-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_1-debugsource-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_14-default-14-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_7-default-14-150600.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 20:30:23 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 20:30:23 -0000 Subject: SUSE-SU-2025:01668-1: important: Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5) Message-ID: <174794582397.29065.14093171895289610813@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01668-1 Release Date: 2025-05-22T19:34:20Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1668=1 SUSE-2025-1664=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1668=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-1664=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1666=1 SUSE-2025-1667=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1666=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-1667=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1673=1 SUSE-2025-1674=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1673=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-1674=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-18-150300.2.2 * kernel-livepatch-SLE15-SP3_Update_43-debugsource-18-150300.2.2 * kernel-livepatch-5_3_18-150300_59_170-default-11-150300.2.2 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-11-150300.2.2 * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-18-150300.2.2 * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-11-150300.2.2 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-11-150300.2.2 * kernel-livepatch-5_3_18-150300_59_170-preempt-11-150300.2.2 * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-18-150300.2.2 * kernel-livepatch-5_3_18-150300_59_158-preempt-18-150300.2.2 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-18-150300.2.2 * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-11-150300.2.2 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-11-150300.2.2 * kernel-livepatch-5_3_18-150300_59_170-default-11-150300.2.2 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_29-debugsource-10-150400.2.2 * kernel-livepatch-5_14_21-150400_24_125-default-12-150400.2.2 * kernel-livepatch-5_14_21-150400_24_128-default-10-150400.2.2 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-10-150400.2.2 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-12-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-12-150400.2.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_29-debugsource-10-150400.2.2 * kernel-livepatch-5_14_21-150400_24_125-default-12-150400.2.2 * kernel-livepatch-5_14_21-150400_24_128-default-10-150400.2.2 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-10-150400.2.2 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-12-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-12-150400.2.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_59-default-18-150500.2.2 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-18-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-18-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_59-default-18-150500.2.2 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-18-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-18-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 20:30:27 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 20:30:27 -0000 Subject: SUSE-SU-2025:01663-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Message-ID: <174794582782.29065.9592282060520490704@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:01663-1 Release Date: 2025-05-22T17:33:38Z Rating: important References: * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_25 fixes several issues. The following security issues were fixed: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1663=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1663=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-9-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_25-default-9-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-9-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_25-default-9-150600.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 20:30:31 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 20:30:31 -0000 Subject: SUSE-SU-2025:01662-1: low: Security update for python-cryptography Message-ID: <174794583150.29065.12356269609941608516@smelt2.prg2.suse.org> # Security update for python-cryptography Announcement ID: SUSE-SU-2025:01662-1 Release Date: 2025-05-22T16:04:47Z Rating: low References: * bsc#1242631 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-cryptography fixes the following issues: * CVE-2025-3416: openssl: use-after-free in `Md::fetch` and `Cipher::fetch` when `Some(...)` value passed as `properties` argument to either function (bsc#1242631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1662=1 openSUSE-SLE-15.6-2025-1662=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1662=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-cryptography-41.0.3-150600.23.6.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-cryptography-41.0.3-150600.23.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242631 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 20:30:33 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 20:30:33 -0000 Subject: SUSE-SU-2025:01661-1: moderate: Security update for postgresql14 Message-ID: <174794583399.29065.2380193874146131425@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2025:01661-1 Release Date: 2025-05-22T16:03:34Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.18: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1661=1 SUSE-2025-1661=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-1661=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1661=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql14-test-14.18-150600.16.17.1 * postgresql14-devel-debuginfo-14.18-150600.16.17.1 * postgresql14-server-14.18-150600.16.17.1 * postgresql14-pltcl-14.18-150600.16.17.1 * postgresql14-llvmjit-14.18-150600.16.17.1 * postgresql14-pltcl-debuginfo-14.18-150600.16.17.1 * postgresql14-plpython-debuginfo-14.18-150600.16.17.1 * postgresql14-14.18-150600.16.17.1 * postgresql14-llvmjit-debuginfo-14.18-150600.16.17.1 * postgresql14-server-debuginfo-14.18-150600.16.17.1 * postgresql14-devel-14.18-150600.16.17.1 * postgresql14-server-devel-14.18-150600.16.17.1 * postgresql14-plperl-debuginfo-14.18-150600.16.17.1 * postgresql14-contrib-14.18-150600.16.17.1 * postgresql14-plperl-14.18-150600.16.17.1 * postgresql14-debuginfo-14.18-150600.16.17.1 * postgresql14-debugsource-14.18-150600.16.17.1 * postgresql14-plpython-14.18-150600.16.17.1 * postgresql14-server-devel-debuginfo-14.18-150600.16.17.1 * postgresql14-llvmjit-devel-14.18-150600.16.17.1 * postgresql14-contrib-debuginfo-14.18-150600.16.17.1 * openSUSE Leap 15.6 (noarch) * postgresql14-docs-14.18-150600.16.17.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql14-plpython-debuginfo-14.18-150600.16.17.1 * postgresql14-14.18-150600.16.17.1 * postgresql14-contrib-14.18-150600.16.17.1 * postgresql14-plperl-14.18-150600.16.17.1 * postgresql14-plperl-debuginfo-14.18-150600.16.17.1 * postgresql14-devel-debuginfo-14.18-150600.16.17.1 * postgresql14-server-devel-14.18-150600.16.17.1 * postgresql14-debuginfo-14.18-150600.16.17.1 * postgresql14-debugsource-14.18-150600.16.17.1 * postgresql14-server-14.18-150600.16.17.1 * postgresql14-server-debuginfo-14.18-150600.16.17.1 * postgresql14-pltcl-debuginfo-14.18-150600.16.17.1 * postgresql14-plpython-14.18-150600.16.17.1 * postgresql14-server-devel-debuginfo-14.18-150600.16.17.1 * postgresql14-devel-14.18-150600.16.17.1 * postgresql14-contrib-debuginfo-14.18-150600.16.17.1 * postgresql14-pltcl-14.18-150600.16.17.1 * Legacy Module 15-SP6 (noarch) * postgresql14-docs-14.18-150600.16.17.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql14-test-14.18-150600.16.17.1 * postgresql14-llvmjit-14.18-150600.16.17.1 * postgresql14-debuginfo-14.18-150600.16.17.1 * postgresql14-debugsource-14.18-150600.16.17.1 * postgresql14-llvmjit-debuginfo-14.18-150600.16.17.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 22 20:30:37 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 22 May 2025 20:30:37 -0000 Subject: SUSE-SU-2025:01660-1: important: Security update for MozillaThunderbird Message-ID: <174794583723.29065.4067270148651306074@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2025:01660-1 Release Date: 2025-05-22T16:01:52Z Rating: important References: * bsc#1243216 Cross-References: * CVE-2025-3875 * CVE-2025-3877 * CVE-2025-3909 * CVE-2025-3932 CVSS scores: * CVE-2025-3875 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-3877 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-3909 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-3932 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.10.1. Security fixes: * MFSA 2025-34 (bsc#1243216) * CVE-2025-3875: Sender Spoofing via Malformed From Header in Thunderbird. * CVE-2025-3877: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links. * CVE-2025-3909: JavaScript Execution via Spoofed PDF Attachment and file:/// Link. * CVE-2025-3932: Tracking Links in Attachments Bypassed Remote Content Blocking. Other bug fixes: * Fixed: standalone message windows/tabs that no longer responded after folder compaction. * Fixed: Thunderbird could crash when importing Outlook messages. * Visual and UX improvements. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1660=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1660=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1660=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-translations-common-128.10.1-150200.8.215.1 * MozillaThunderbird-translations-other-128.10.1-150200.8.215.1 * MozillaThunderbird-debuginfo-128.10.1-150200.8.215.1 * MozillaThunderbird-128.10.1-150200.8.215.1 * MozillaThunderbird-debugsource-128.10.1-150200.8.215.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * MozillaThunderbird-translations-common-128.10.1-150200.8.215.1 * MozillaThunderbird-translations-other-128.10.1-150200.8.215.1 * MozillaThunderbird-debuginfo-128.10.1-150200.8.215.1 * MozillaThunderbird-128.10.1-150200.8.215.1 * MozillaThunderbird-debugsource-128.10.1-150200.8.215.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * MozillaThunderbird-translations-common-128.10.1-150200.8.215.1 * MozillaThunderbird-translations-other-128.10.1-150200.8.215.1 * MozillaThunderbird-debuginfo-128.10.1-150200.8.215.1 * MozillaThunderbird-128.10.1-150200.8.215.1 * MozillaThunderbird-debugsource-128.10.1-150200.8.215.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3875.html * https://www.suse.com/security/cve/CVE-2025-3877.html * https://www.suse.com/security/cve/CVE-2025-3909.html * https://www.suse.com/security/cve/CVE-2025-3932.html * https://bugzilla.suse.com/show_bug.cgi?id=1243216 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 08:30:10 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 08:30:10 -0000 Subject: SUSE-SU-2025:01683-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Message-ID: <174798901036.21669.6595852007114738006@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:01683-1 Release Date: 2025-05-22T21:38:11Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_17 fixes several issues. The following security issues were fixed: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1684=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1683=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1683=1 SUSE-2025-1684=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_3-debugsource-14-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-16-150600.4.40.2 * kernel-livepatch-6_4_0-150600_23_17-default-14-150600.2.2 * kernel-livepatch-6_4_0-150600_21-default-16-150600.4.40.2 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-14-150600.2.2 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-16-150600.4.40.2 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_3-debugsource-14-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-16-150600.4.40.2 * kernel-livepatch-6_4_0-150600_23_17-default-14-150600.2.2 * kernel-livepatch-6_4_0-150600_21-default-16-150600.4.40.2 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-14-150600.2.2 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-16-150600.4.40.2 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 08:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 08:30:16 -0000 Subject: SUSE-SU-2025:01682-1: important: Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6) Message-ID: <174798901671.21669.4136831915154517735@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:01682-1 Release Date: 2025-05-22T20:04:36Z Rating: important References: * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_22 fixes several issues. The following security issues were fixed: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1682=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1682=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_22-default-10-150600.2.2 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-10-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-10-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_22-default-10-150600.2.2 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-10-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-10-150600.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 08:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 08:30:21 -0000 Subject: SUSE-SU-2025:01677-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5) Message-ID: <174798902161.21669.14601392375988279756@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01677-1 Release Date: 2025-05-22T20:04:28Z Rating: important References: * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_83 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1679=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-1677=1 SUSE-SLE-Module-Live- Patching-15-SP4-2025-1678=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1681=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1681=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1677=1 SUSE-2025-1678=1 SUSE-2025-1679=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_31-debugsource-8-150400.2.2 * kernel-livepatch-5_14_21-150400_24_136-default-8-150400.2.2 * kernel-livepatch-5_14_21-150400_24_133-default-8-150400.2.2 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-8-150400.2.2 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-7-150400.2.2 * kernel-livepatch-5_14_21-150400_24_141-default-7-150400.2.2 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-8-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-8-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-7-150400.2.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_83-default-8-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-8-150500.2.2 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-8-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_83-default-8-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-8-150500.2.2 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-8-150500.2.2 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_31-debugsource-8-150400.2.2 * kernel-livepatch-5_14_21-150400_24_136-default-8-150400.2.2 * kernel-livepatch-5_14_21-150400_24_133-default-8-150400.2.2 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-8-150400.2.2 * kernel-livepatch-5_14_21-150400_24_141-default-7-150400.2.2 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-7-150400.2.2 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-8-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-8-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-7-150400.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 08:30:25 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 08:30:25 -0000 Subject: SUSE-SU-2025:01676-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5) Message-ID: <174798902540.21669.8393388157319725791@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01676-1 Release Date: 2025-05-22T20:04:20Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_62 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1676=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1680=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1680=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1676=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-18-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-18-150400.2.2 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-18-150400.2.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_62-default-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-16-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_62-default-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-16-150500.2.2 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-18-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-18-150400.2.2 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-18-150400.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 08:30:29 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 08:30:29 -0000 Subject: SUSE-RU-2025:01685-1: moderate: Recommended update for sysstat Message-ID: <174798902986.21669.9137507962871686754@smelt2.prg2.suse.org> # Recommended update for sysstat Announcement ID: SUSE-RU-2025:01685-1 Release Date: 2025-05-23T06:05:34Z Rating: moderate References: * bsc#1239297 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for sysstat fixes the following issues: * Removed cron dependency in favour of systemd timers (bsc#1239297) * Removed sysstat.cron.suse ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1685=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1685=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1685=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1685=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1685=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1685=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1685=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1685=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1685=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1685=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1685=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1685=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1685=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1685=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1685=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1685=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1685=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1685=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1685=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1685=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1685=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1685=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1685=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1685=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1685=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1685=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Manager Proxy 4.3 (x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * sysstat-isag-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * sysstat-debuginfo-12.0.2-150000.3.40.1 * sysstat-debugsource-12.0.2-150000.3.40.1 * sysstat-12.0.2-150000.3.40.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1239297 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 12:30:10 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 12:30:10 -0000 Subject: SUSE-SU-2025:01692-1: important: Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5) Message-ID: <174800341049.21953.15242087169492155047@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01692-1 Release Date: 2025-05-23T11:34:04Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1692=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1692=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1687=1 SUSE-2025-1688=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1687=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-1688=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1686=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1686=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_44-debugsource-17-150300.2.2 * kernel-livepatch-5_3_18-150300_59_161-default-17-150300.2.2 * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-17-150300.2.2 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-17-150300.2.2 * kernel-livepatch-5_3_18-150300_59_161-preempt-17-150300.2.2 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_161-default-17-150300.2.2 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-17-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_27-debugsource-15-150400.2.2 * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-17-150400.2.2 * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-15-150400.2.2 * kernel-livepatch-5_14_21-150400_24_122-default-15-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-17-150400.2.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-17-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_27-debugsource-15-150400.2.2 * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-17-150400.2.2 * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-15-150400.2.2 * kernel-livepatch-5_14_21-150400_24_122-default-15-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-17-150400.2.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-10-150500.2.2 * kernel-livepatch-5_14_21-150500_55_73-default-10-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_17-debugsource-10-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-10-150500.2.2 * kernel-livepatch-5_14_21-150500_55_73-default-10-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-10-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 12:30:14 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 12:30:14 -0000 Subject: SUSE-RU-2025:01691-1: moderate: Recommended update for hwinfo Message-ID: <174800341406.21953.13684641989254275269@smelt2.prg2.suse.org> # Recommended update for hwinfo Announcement ID: SUSE-RU-2025:01691-1 Release Date: 2025-05-23T11:07:53Z Rating: moderate References: * bsc#1240648 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for hwinfo fixes the following issues: * Version update v21.88 * Fix network card detection on aarch64 (bsc#1240648). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1691=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1691=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1691=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1691=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1691=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1691=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1691=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1691=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1691=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1691=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1691=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1691=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * hwinfo-devel-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-devel-debuginfo-21.88-150400.3.18.1 * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * hwinfo-devel-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-devel-debuginfo-21.88-150400.3.18.1 * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * hwinfo-devel-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-devel-debuginfo-21.88-150400.3.18.1 * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * hwinfo-devel-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-devel-debuginfo-21.88-150400.3.18.1 * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * hwinfo-devel-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-devel-debuginfo-21.88-150400.3.18.1 * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * hwinfo-devel-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-devel-debuginfo-21.88-150400.3.18.1 * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * hwinfo-devel-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-devel-debuginfo-21.88-150400.3.18.1 * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 * SUSE Manager Proxy 4.3 (x86_64) * hwinfo-devel-21.88-150400.3.18.1 * hwinfo-debugsource-21.88-150400.3.18.1 * hwinfo-devel-debuginfo-21.88-150400.3.18.1 * hwinfo-debuginfo-21.88-150400.3.18.1 * hwinfo-21.88-150400.3.18.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240648 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 12:30:20 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 12:30:20 -0000 Subject: SUSE-RU-2025:01690-1: moderate: Recommended update for hwinfo Message-ID: <174800342092.21953.16081320334487039577@smelt2.prg2.suse.org> # Recommended update for hwinfo Announcement ID: SUSE-RU-2025:01690-1 Release Date: 2025-05-23T10:59:37Z Rating: moderate References: * bsc#1240648 Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that has one fix can now be installed. ## Description: This update for hwinfo fixes the following issues: * Version update v21.88 * fix network card detection on aarch64 (bsc#1240648). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1690=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1690=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1690=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1690=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1690=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1690=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1690=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1690=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * hwinfo-devel-debuginfo-21.88-150300.3.13.2 * hwinfo-devel-21.88-150300.3.13.2 * hwinfo-21.88-150300.3.13.2 * hwinfo-debugsource-21.88-150300.3.13.2 * hwinfo-debuginfo-21.88-150300.3.13.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * hwinfo-devel-debuginfo-21.88-150300.3.13.2 * hwinfo-devel-21.88-150300.3.13.2 * hwinfo-21.88-150300.3.13.2 * hwinfo-debugsource-21.88-150300.3.13.2 * hwinfo-debuginfo-21.88-150300.3.13.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * hwinfo-devel-debuginfo-21.88-150300.3.13.2 * hwinfo-devel-21.88-150300.3.13.2 * hwinfo-21.88-150300.3.13.2 * hwinfo-debugsource-21.88-150300.3.13.2 * hwinfo-debuginfo-21.88-150300.3.13.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * hwinfo-devel-debuginfo-21.88-150300.3.13.2 * hwinfo-devel-21.88-150300.3.13.2 * hwinfo-21.88-150300.3.13.2 * hwinfo-debugsource-21.88-150300.3.13.2 * hwinfo-debuginfo-21.88-150300.3.13.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * hwinfo-devel-debuginfo-21.88-150300.3.13.2 * hwinfo-devel-21.88-150300.3.13.2 * hwinfo-21.88-150300.3.13.2 * hwinfo-debugsource-21.88-150300.3.13.2 * hwinfo-debuginfo-21.88-150300.3.13.2 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * hwinfo-21.88-150300.3.13.2 * hwinfo-debugsource-21.88-150300.3.13.2 * hwinfo-debuginfo-21.88-150300.3.13.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * hwinfo-21.88-150300.3.13.2 * hwinfo-debugsource-21.88-150300.3.13.2 * hwinfo-debuginfo-21.88-150300.3.13.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * hwinfo-21.88-150300.3.13.2 * hwinfo-debugsource-21.88-150300.3.13.2 * hwinfo-debuginfo-21.88-150300.3.13.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240648 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 12:30:25 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 12:30:25 -0000 Subject: SUSE-RU-2025:01689-1: moderate: Recommended update for hwinfo Message-ID: <174800342546.21953.153009828507081701@smelt2.prg2.suse.org> # Recommended update for hwinfo Announcement ID: SUSE-RU-2025:01689-1 Release Date: 2025-05-23T10:46:57Z Rating: moderate References: * bsc#1240648 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for hwinfo fixes the following issues: * Version update v21.88 * Fix network card detection on aarch64 (bsc#1240648). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1689=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1689=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1689=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1689=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1689=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1689=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1689=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1689=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * hwinfo-devel-21.88-150500.3.9.2 * hwinfo-21.88-150500.3.9.2 * hwinfo-debuginfo-21.88-150500.3.9.2 * hwinfo-devel-debuginfo-21.88-150500.3.9.2 * hwinfo-debugsource-21.88-150500.3.9.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * hwinfo-devel-21.88-150500.3.9.2 * hwinfo-21.88-150500.3.9.2 * hwinfo-debuginfo-21.88-150500.3.9.2 * hwinfo-devel-debuginfo-21.88-150500.3.9.2 * hwinfo-debugsource-21.88-150500.3.9.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * hwinfo-debugsource-21.88-150500.3.9.2 * hwinfo-21.88-150500.3.9.2 * hwinfo-debuginfo-21.88-150500.3.9.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * hwinfo-devel-21.88-150500.3.9.2 * hwinfo-21.88-150500.3.9.2 * hwinfo-debuginfo-21.88-150500.3.9.2 * hwinfo-devel-debuginfo-21.88-150500.3.9.2 * hwinfo-debugsource-21.88-150500.3.9.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * hwinfo-devel-21.88-150500.3.9.2 * hwinfo-21.88-150500.3.9.2 * hwinfo-debuginfo-21.88-150500.3.9.2 * hwinfo-devel-debuginfo-21.88-150500.3.9.2 * hwinfo-debugsource-21.88-150500.3.9.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * hwinfo-devel-21.88-150500.3.9.2 * hwinfo-21.88-150500.3.9.2 * hwinfo-debuginfo-21.88-150500.3.9.2 * hwinfo-devel-debuginfo-21.88-150500.3.9.2 * hwinfo-debugsource-21.88-150500.3.9.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * hwinfo-devel-21.88-150500.3.9.2 * hwinfo-21.88-150500.3.9.2 * hwinfo-debuginfo-21.88-150500.3.9.2 * hwinfo-devel-debuginfo-21.88-150500.3.9.2 * hwinfo-debugsource-21.88-150500.3.9.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * hwinfo-devel-21.88-150500.3.9.2 * hwinfo-21.88-150500.3.9.2 * hwinfo-debuginfo-21.88-150500.3.9.2 * hwinfo-devel-debuginfo-21.88-150500.3.9.2 * hwinfo-debugsource-21.88-150500.3.9.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240648 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 16:30:03 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 16:30:03 -0000 Subject: SUSE-RU-2025:01699-1: moderate: Recommended update for iotop Message-ID: <174801780307.15399.6410131184035501481@smelt2.prg2.suse.org> # Recommended update for iotop Announcement ID: SUSE-RU-2025:01699-1 Release Date: 2025-05-23T15:44:33Z Rating: moderate References: * bsc#1241104 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for iotop fixes the following issue: * Detect the kernel.task_delayacct sysctl value (bsc#1241104). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1699=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1699=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1699=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1699=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1699=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1699=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1699=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1699=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1699=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1699=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1699=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1699=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1699=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1699=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1699=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1699=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1699=1 ## Package List: * openSUSE Leap 15.6 (noarch) * iotop-0.6-150000.4.7.3 * Basesystem Module 15-SP6 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Manager Proxy 4.3 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Manager Retail Branch Server 4.3 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Manager Server 4.3 (noarch) * iotop-0.6-150000.4.7.3 * SUSE Enterprise Storage 7.1 (noarch) * iotop-0.6-150000.4.7.3 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1241104 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 16:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 16:30:06 -0000 Subject: SUSE-RU-2025:01698-1: moderate: Recommended update for wsmancli Message-ID: <174801780608.15399.14379810278906336465@smelt2.prg2.suse.org> # Recommended update for wsmancli Announcement ID: SUSE-RU-2025:01698-1 Release Date: 2025-05-23T13:31:49Z Rating: moderate References: * bsc#1237243 Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for wsmancli fixes the following issue: * Fix connecting with TLS (bsc#1237243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1698=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1698=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1698=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1698=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1698=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1698=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1698=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1698=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1698=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1698=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1698=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1698=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1698=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1698=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1698=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1698=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1698=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1698=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Manager Proxy 4.3 (x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * wsmancli-2.6.0-150300.7.6.2 * wsmancli-debuginfo-2.6.0-150300.7.6.2 * wsmancli-debugsource-2.6.0-150300.7.6.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1237243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 16:30:07 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 16:30:07 -0000 Subject: SUSE-RU-2025:01697-1: moderate: Recommended update for ovpn-dco Message-ID: <174801780751.15399.17274862160291014185@smelt2.prg2.suse.org> # Recommended update for ovpn-dco Announcement ID: SUSE-RU-2025:01697-1 Release Date: 2025-05-23T13:30:30Z Rating: moderate References: * jsc#PED-12028 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for ovpn-dco rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x86_64 and aarch64 architectures are unchanged. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1697=1 openSUSE-SLE-15.6-2025-1697=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1697=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ovpn-dco-kmp-default-0.2.20240320~git0.2aa7f93_k6.4.0_150600.23.47-150600.13.5.1 * ovpn-dco-debugsource-0.2.20240320~git0.2aa7f93-150600.13.5.1 * ovpn-dco-kmp-default-debuginfo-0.2.20240320~git0.2aa7f93_k6.4.0_150600.23.47-150600.13.5.1 * openSUSE Leap 15.6 (aarch64) * ovpn-dco-kmp-64kb-0.2.20240320~git0.2aa7f93_k6.4.0_150600.23.47-150600.13.5.1 * ovpn-dco-kmp-64kb-debuginfo-0.2.20240320~git0.2aa7f93_k6.4.0_150600.23.47-150600.13.5.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ovpn-dco-kmp-default-0.2.20240320~git0.2aa7f93_k6.4.0_150600.23.47-150600.13.5.1 * ovpn-dco-debugsource-0.2.20240320~git0.2aa7f93-150600.13.5.1 * ovpn-dco-kmp-default-debuginfo-0.2.20240320~git0.2aa7f93_k6.4.0_150600.23.47-150600.13.5.1 * Basesystem Module 15-SP6 (aarch64) * ovpn-dco-kmp-64kb-0.2.20240320~git0.2aa7f93_k6.4.0_150600.23.47-150600.13.5.1 * ovpn-dco-kmp-64kb-debuginfo-0.2.20240320~git0.2aa7f93_k6.4.0_150600.23.47-150600.13.5.1 ## References: * https://jira.suse.com/browse/PED-12028 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 16:30:09 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 16:30:09 -0000 Subject: SUSE-RU-2025:01696-1: moderate: Recommended update for brasero Message-ID: <174801780990.15399.5154432966356838598@smelt2.prg2.suse.org> # Recommended update for brasero Announcement ID: SUSE-RU-2025:01696-1 Release Date: 2025-05-23T13:27:22Z Rating: moderate References: * bsc#1240410 Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for brasero fixes the following issue: * Prefer "application/vnd.efi.iso" to "application/x-cd-image" mime type for ISO images (bsc#1240410). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1696=1 openSUSE-SLE-15.6-2025-1696=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1696=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libbrasero-utils3-1-debuginfo-3.12.3-150600.10.3.2 * typelib-1_0-BraseroMedia-3_2_0-3.12.3-150600.10.3.2 * libbrasero-media3-1-debuginfo-3.12.3-150600.10.3.2 * brasero-3.12.3-150600.10.3.2 * typelib-1_0-BraseroBurn-3_2_0-3.12.3-150600.10.3.2 * brasero-debuginfo-3.12.3-150600.10.3.2 * brasero-debugsource-3.12.3-150600.10.3.2 * libbrasero-media3-1-3.12.3-150600.10.3.2 * libbrasero-utils3-1-3.12.3-150600.10.3.2 * libbrasero-burn3-1-3.12.3-150600.10.3.2 * brasero-devel-3.12.3-150600.10.3.2 * libbrasero-burn3-1-debuginfo-3.12.3-150600.10.3.2 * openSUSE Leap 15.6 (noarch) * brasero-lang-3.12.3-150600.10.3.2 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libbrasero-utils3-1-debuginfo-3.12.3-150600.10.3.2 * typelib-1_0-BraseroMedia-3_2_0-3.12.3-150600.10.3.2 * libbrasero-media3-1-debuginfo-3.12.3-150600.10.3.2 * brasero-3.12.3-150600.10.3.2 * typelib-1_0-BraseroBurn-3_2_0-3.12.3-150600.10.3.2 * brasero-debuginfo-3.12.3-150600.10.3.2 * brasero-debugsource-3.12.3-150600.10.3.2 * libbrasero-media3-1-3.12.3-150600.10.3.2 * libbrasero-utils3-1-3.12.3-150600.10.3.2 * libbrasero-burn3-1-3.12.3-150600.10.3.2 * brasero-devel-3.12.3-150600.10.3.2 * libbrasero-burn3-1-debuginfo-3.12.3-150600.10.3.2 * Desktop Applications Module 15-SP6 (noarch) * brasero-lang-3.12.3-150600.10.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1240410 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 16:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 16:30:13 -0000 Subject: SUSE-SU-2025:01695-1: important: Security update for python-setuptools Message-ID: <174801781333.15399.11677700308501854898@smelt2.prg2.suse.org> # Security update for python-setuptools Announcement ID: SUSE-SU-2025:01695-1 Release Date: 2025-05-23T12:50:56Z Rating: important References: * bsc#1243313 Cross-References: * CVE-2025-47273 CVSS scores: * CVE-2025-47273 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-47273 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-setuptools fixes the following issues: * CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-1695=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1695=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1695=1 ## Package List: * Public Cloud Module 12 (noarch) * python-setuptools-40.6.2-4.27.1 * python3-setuptools-40.6.2-4.27.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * python-setuptools-40.6.2-4.27.1 * python3-setuptools-40.6.2-4.27.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * python-setuptools-40.6.2-4.27.1 * python3-setuptools-40.6.2-4.27.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47273.html * https://bugzilla.suse.com/show_bug.cgi?id=1243313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 16:30:15 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 16:30:15 -0000 Subject: SUSE-SU-2025:01693-1: important: Security update for python36-setuptools Message-ID: <174801781549.15399.4716300434716370229@smelt2.prg2.suse.org> # Security update for python36-setuptools Announcement ID: SUSE-SU-2025:01693-1 Release Date: 2025-05-23T12:48:06Z Rating: important References: * bsc#1243313 Cross-References: * CVE-2025-47273 CVSS scores: * CVE-2025-47273 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-47273 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python36-setuptools fixes the following issues: * CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1693=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1693=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * python36-setuptools-44.1.1-8.12.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * python36-setuptools-44.1.1-8.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47273.html * https://bugzilla.suse.com/show_bug.cgi?id=1243313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 16:30:19 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 16:30:19 -0000 Subject: SUSE-SU-2025:01649-2: important: Security update for python-tornado6 Message-ID: <174801781901.15399.9252676881115814462@smelt2.prg2.suse.org> # Security update for python-tornado6 Announcement ID: SUSE-SU-2025:01649-2 Release Date: 2025-05-23T11:58:51Z Rating: important References: * bsc#1243268 Cross-References: * CVE-2025-47287 CVSS scores: * CVE-2025-47287 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47287 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47287 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python-tornado6 fixes the following issues: * CVE-2025-47287: excessive logging when parsing malformed `multipart/form- data` can lead to a denial-of-service (bsc#1243268). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-1649=1 ## Package List: * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python-tornado6-debugsource-6.3.2-150400.9.9.1 * python311-tornado6-6.3.2-150400.9.9.1 * python311-tornado6-debuginfo-6.3.2-150400.9.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47287.html * https://bugzilla.suse.com/show_bug.cgi?id=1243268 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 23 20:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 23 May 2025 20:30:04 -0000 Subject: SUSE-RU-2025:01700-1: moderate: Recommended update for openssh Message-ID: <174803220494.1796.12835375121478476954@smelt2.prg2.suse.org> # Recommended update for openssh Announcement ID: SUSE-RU-2025:01700-1 Release Date: 2025-05-23T16:44:59Z Rating: moderate References: * bsc#1232533 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one fix can now be installed. ## Description: This update for openssh fixes the following issue: * Fixing failures with very large MOTDs (bsc#1232533). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1700=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1700=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * openssh-helpers-debuginfo-7.2p2-81.29.4 * openssh-askpass-gnome-7.2p2-81.29.5 * openssh-debuginfo-7.2p2-81.29.4 * openssh-fips-7.2p2-81.29.4 * openssh-debugsource-7.2p2-81.29.4 * openssh-7.2p2-81.29.4 * openssh-askpass-gnome-debuginfo-7.2p2-81.29.5 * openssh-helpers-7.2p2-81.29.4 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * openssh-helpers-debuginfo-7.2p2-81.29.4 * openssh-askpass-gnome-7.2p2-81.29.5 * openssh-debuginfo-7.2p2-81.29.4 * openssh-fips-7.2p2-81.29.4 * openssh-debugsource-7.2p2-81.29.4 * openssh-7.2p2-81.29.4 * openssh-askpass-gnome-debuginfo-7.2p2-81.29.5 * openssh-helpers-7.2p2-81.29.4 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232533 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 08:30:10 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 08:30:10 -0000 Subject: SUSE-RU-2025:01594-2: important: Recommended update for ansible-core Message-ID: <174824821000.21669.12067855090060041328@smelt2.prg2.suse.org> # Recommended update for ansible-core Announcement ID: SUSE-RU-2025:01594-2 Release Date: 2025-05-25T22:02:57Z Rating: important References: * bsc#1243193 Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Systems Management Module 15-SP7 An update that has one fix can now be installed. ## Description: This update for ansible-core fixes the following issues: * Add missing dependency on python311-rpm required by package_facts (bsc#1243193) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Systems Management Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Systems-Management-15-SP7-2025-1594=1 ## Package List: * Systems Management Module 15-SP7 (noarch) * ansible-core-2.18.3-150400.9.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1243193 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 08:30:14 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 08:30:14 -0000 Subject: SUSE-SU-2025:01661-2: moderate: Security update for postgresql14 Message-ID: <174824821462.21669.13194753093098893236@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2025:01661-2 Release Date: 2025-05-25T22:02:37Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.18: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1661=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150600.16.17.1 * postgresql14-llvmjit-14.18-150600.16.17.1 * postgresql14-llvmjit-debuginfo-14.18-150600.16.17.1 * postgresql14-debugsource-14.18-150600.16.17.1 * postgresql14-test-14.18-150600.16.17.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 08:30:18 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 08:30:18 -0000 Subject: SUSE-SU-2025:01523-1: moderate: Security update for python-Django Message-ID: <174824821853.21669.10995548786430497055@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2025:01523-1 Release Date: 2025-05-25T22:01:37Z Rating: moderate References: * bsc#1242210 Cross-References: * CVE-2025-32873 CVSS scores: * CVE-2025-32873 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32873 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2025-32873: Fixed denial-of-service possibility in `strip_tags()` (bsc#1242210) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1523=1 ## Package List: * SUSE Package Hub 15 15-SP7 (noarch) * python311-Django-4.2.11-150600.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32873.html * https://bugzilla.suse.com/show_bug.cgi?id=1242210 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 08:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 08:30:22 -0000 Subject: SUSE-OU-2025:01562-1: low: Optional update for llvm17 Message-ID: <174824822256.21669.1328454701719346600@smelt2.prg2.suse.org> # Optional update for llvm17 Announcement ID: SUSE-OU-2025:01562-1 Release Date: 2025-05-25T21:58:14Z Rating: low References: * bsc#1232916 Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that has one fix can now be installed. ## Description: This update for llvm17 fixes the following issue * Add clang17-doc to SLE-Module-Packagehub-Subpackages_15-SP6 (bsc#1232916) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1562=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libclang-cpp17-17.0.6-150600.3.7.1 * llvm17-gold-debuginfo-17.0.6-150600.3.7.1 * libLLVM17-17.0.6-150600.3.7.1 * llvm17-polly-devel-17.0.6-150600.3.7.1 * libLLVM17-debuginfo-17.0.6-150600.3.7.1 * llvm17-polly-17.0.6-150600.3.7.1 * libclang-cpp17-debuginfo-17.0.6-150600.3.7.1 * llvm17-debuginfo-17.0.6-150600.3.7.1 * llvm17-17.0.6-150600.3.7.1 * clang17-devel-17.0.6-150600.3.7.1 * libLTO17-debuginfo-17.0.6-150600.3.7.1 * clang17-17.0.6-150600.3.7.1 * llvm17-devel-debuginfo-17.0.6-150600.3.7.1 * clang17-debuginfo-17.0.6-150600.3.7.1 * lld17-17.0.6-150600.3.7.1 * llvm17-gold-17.0.6-150600.3.7.1 * liblldb17-debuginfo-17.0.6-150600.3.7.1 * llvm17-devel-17.0.6-150600.3.7.1 * lldb17-debuginfo-17.0.6-150600.3.7.1 * lld17-debuginfo-17.0.6-150600.3.7.1 * liblldb17-17.0.6-150600.3.7.1 * lldb17-17.0.6-150600.3.7.1 * llvm17-polly-debuginfo-17.0.6-150600.3.7.1 * libLTO17-17.0.6-150600.3.7.1 * SUSE Package Hub 15 15-SP7 (noarch) * clang17-doc-17.0.6-150600.3.7.1 * llvm17-vim-plugins-17.0.6-150600.3.7.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le x86_64) * libomp17-devel-17.0.6-150600.3.7.1 * libomp17-devel-debuginfo-17.0.6-150600.3.7.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 08:30:27 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 08:30:27 -0000 Subject: SUSE-SU-2025:01703-1: moderate: Security update for xen Message-ID: <174824822796.21669.35967333640170917@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2025:01703-1 Release Date: 2025-05-25T21:42:32Z Rating: moderate References: * bsc#1027519 * bsc#1242490 * bsc#1243117 Cross-References: * CVE-2024-28956 CVSS scores: * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for xen fixes the following issues: Update to Xen 4.18.5: Security fixes: * CVE-2024-28956: Fixed Intel CPU Indirect Target Selection (ITS) (bsc#1243117) Other fixes: * Fixed boot failing with XEN kernel on DL580 Gen12 (bsc#1242490) * Added missing upstream bug fixes (bsc#1027519) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1703=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1703=1 openSUSE-SLE-15.6-2025-1703=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1703=1 ## Package List: * Server Applications Module 15-SP6 (x86_64) * xen-tools-debuginfo-4.18.5_02-150600.3.23.1 * xen-4.18.5_02-150600.3.23.1 * xen-debugsource-4.18.5_02-150600.3.23.1 * xen-devel-4.18.5_02-150600.3.23.1 * xen-tools-4.18.5_02-150600.3.23.1 * Server Applications Module 15-SP6 (noarch) * xen-tools-xendomains-wait-disk-4.18.5_02-150600.3.23.1 * openSUSE Leap 15.6 (aarch64 x86_64 i586) * xen-libs-debuginfo-4.18.5_02-150600.3.23.1 * xen-libs-4.18.5_02-150600.3.23.1 * xen-debugsource-4.18.5_02-150600.3.23.1 * xen-tools-domU-debuginfo-4.18.5_02-150600.3.23.1 * xen-devel-4.18.5_02-150600.3.23.1 * xen-tools-domU-4.18.5_02-150600.3.23.1 * openSUSE Leap 15.6 (x86_64) * xen-libs-32bit-debuginfo-4.18.5_02-150600.3.23.1 * xen-libs-32bit-4.18.5_02-150600.3.23.1 * openSUSE Leap 15.6 (aarch64 x86_64) * xen-doc-html-4.18.5_02-150600.3.23.1 * xen-tools-4.18.5_02-150600.3.23.1 * xen-tools-debuginfo-4.18.5_02-150600.3.23.1 * xen-4.18.5_02-150600.3.23.1 * openSUSE Leap 15.6 (noarch) * xen-tools-xendomains-wait-disk-4.18.5_02-150600.3.23.1 * openSUSE Leap 15.6 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.18.5_02-150600.3.23.1 * xen-libs-64bit-4.18.5_02-150600.3.23.1 * Basesystem Module 15-SP6 (x86_64) * xen-libs-debuginfo-4.18.5_02-150600.3.23.1 * xen-libs-4.18.5_02-150600.3.23.1 * xen-debugsource-4.18.5_02-150600.3.23.1 * xen-tools-domU-debuginfo-4.18.5_02-150600.3.23.1 * xen-tools-domU-4.18.5_02-150600.3.23.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28956.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1242490 * https://bugzilla.suse.com/show_bug.cgi?id=1243117 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 08:30:31 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 08:30:31 -0000 Subject: SUSE-SU-2025:01702-1: important: Security update for glibc Message-ID: <174824823174.21669.6254056792424950807@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2025:01702-1 Release Date: 2025-05-24T09:51:05Z Rating: important References: * bsc#1243317 Cross-References: * CVE-2025-4802 CVSS scores: * CVE-2025-4802 ( SUSE ): 9.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-4802 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-4802 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for glibc fixes the following issues: * CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LD_LIBRARY_PATH (bsc#1243317). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1702=1 openSUSE-SLE-15.6-2025-1702=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1702=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1702=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-devel-debuginfo-2.38-150600.14.32.1 * glibc-locale-base-2.38-150600.14.32.1 * glibc-profile-2.38-150600.14.32.1 * glibc-locale-2.38-150600.14.32.1 * libnsl1-debuginfo-2.38-150600.14.32.1 * glibc-locale-base-debuginfo-2.38-150600.14.32.1 * glibc-devel-2.38-150600.14.32.1 * glibc-debuginfo-2.38-150600.14.32.1 * glibc-debugsource-2.38-150600.14.32.1 * glibc-devel-static-2.38-150600.14.32.1 * libnsl1-2.38-150600.14.32.1 * glibc-2.38-150600.14.32.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * nscd-debuginfo-2.38-150600.14.32.1 * glibc-extra-2.38-150600.14.32.1 * glibc-utils-debuginfo-2.38-150600.14.32.1 * nscd-2.38-150600.14.32.1 * glibc-utils-src-debugsource-2.38-150600.14.32.1 * glibc-utils-2.38-150600.14.32.1 * glibc-extra-debuginfo-2.38-150600.14.32.1 * openSUSE Leap 15.6 (noarch) * glibc-lang-2.38-150600.14.32.1 * glibc-html-2.38-150600.14.32.1 * glibc-i18ndata-2.38-150600.14.32.1 * glibc-info-2.38-150600.14.32.1 * openSUSE Leap 15.6 (x86_64) * glibc-profile-32bit-2.38-150600.14.32.1 * libnsl1-32bit-2.38-150600.14.32.1 * libnsl1-32bit-debuginfo-2.38-150600.14.32.1 * glibc-devel-static-32bit-2.38-150600.14.32.1 * glibc-devel-32bit-2.38-150600.14.32.1 * glibc-32bit-2.38-150600.14.32.1 * glibc-utils-32bit-debuginfo-2.38-150600.14.32.1 * glibc-locale-base-32bit-2.38-150600.14.32.1 * glibc-utils-32bit-2.38-150600.14.32.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.32.1 * glibc-devel-32bit-debuginfo-2.38-150600.14.32.1 * glibc-32bit-debuginfo-2.38-150600.14.32.1 * openSUSE Leap 15.6 (aarch64_ilp32) * glibc-utils-64bit-debuginfo-2.38-150600.14.32.1 * libnsl1-64bit-2.38-150600.14.32.1 * glibc-utils-64bit-2.38-150600.14.32.1 * glibc-profile-64bit-2.38-150600.14.32.1 * libnsl1-64bit-debuginfo-2.38-150600.14.32.1 * glibc-locale-base-64bit-debuginfo-2.38-150600.14.32.1 * glibc-devel-64bit-debuginfo-2.38-150600.14.32.1 * glibc-64bit-2.38-150600.14.32.1 * glibc-devel-64bit-2.38-150600.14.32.1 * glibc-locale-base-64bit-2.38-150600.14.32.1 * glibc-64bit-debuginfo-2.38-150600.14.32.1 * glibc-devel-static-64bit-2.38-150600.14.32.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * nscd-debuginfo-2.38-150600.14.32.1 * glibc-devel-debuginfo-2.38-150600.14.32.1 * glibc-extra-2.38-150600.14.32.1 * glibc-locale-base-2.38-150600.14.32.1 * glibc-locale-2.38-150600.14.32.1 * glibc-profile-2.38-150600.14.32.1 * libnsl1-debuginfo-2.38-150600.14.32.1 * nscd-2.38-150600.14.32.1 * glibc-locale-base-debuginfo-2.38-150600.14.32.1 * glibc-devel-2.38-150600.14.32.1 * glibc-debuginfo-2.38-150600.14.32.1 * glibc-debugsource-2.38-150600.14.32.1 * libnsl1-2.38-150600.14.32.1 * glibc-2.38-150600.14.32.1 * glibc-extra-debuginfo-2.38-150600.14.32.1 * Basesystem Module 15-SP6 (noarch) * glibc-info-2.38-150600.14.32.1 * glibc-i18ndata-2.38-150600.14.32.1 * glibc-lang-2.38-150600.14.32.1 * Basesystem Module 15-SP6 (x86_64) * libnsl1-32bit-2.38-150600.14.32.1 * libnsl1-32bit-debuginfo-2.38-150600.14.32.1 * glibc-32bit-2.38-150600.14.32.1 * glibc-locale-base-32bit-2.38-150600.14.32.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.32.1 * glibc-32bit-debuginfo-2.38-150600.14.32.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * glibc-utils-debuginfo-2.38-150600.14.32.1 * glibc-utils-src-debugsource-2.38-150600.14.32.1 * glibc-devel-static-2.38-150600.14.32.1 * glibc-debuginfo-2.38-150600.14.32.1 * glibc-debugsource-2.38-150600.14.32.1 * glibc-utils-2.38-150600.14.32.1 * Development Tools Module 15-SP6 (x86_64) * glibc-devel-32bit-debuginfo-2.38-150600.14.32.1 * glibc-devel-32bit-2.38-150600.14.32.1 * glibc-32bit-debuginfo-2.38-150600.14.32.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4802.html * https://bugzilla.suse.com/show_bug.cgi?id=1243317 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 08:30:34 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 08:30:34 -0000 Subject: SUSE-SU-2025:01701-1: important: Security update for MozillaFirefox Message-ID: <174824823462.21669.309598623234215950@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2025:01701-1 Release Date: 2025-05-24T08:35:04Z Rating: important References: * bsc#1243303 Cross-References: * CVE-2025-4918 * CVE-2025-4919 CVSS scores: * CVE-2025-4918 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4918 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4918 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-4919 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4919 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4919 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.10.1 ESR. * MFSA 2025-37 (bsc#1243303) * CVE-2025-4918: Out-of-bounds access when resolving Promise objects * CVE-2025-4919: Out-of-bounds access when optimizing linear sums ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1701=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1701=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1701=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1701=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1701=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1701=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1701=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1701=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1701=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1701=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1701=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1701=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1701=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1701=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-branding-upstream-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.10.1-150200.152.182.1 * MozillaFirefox-translations-common-128.10.1-150200.152.182.1 * MozillaFirefox-debugsource-128.10.1-150200.152.182.1 * MozillaFirefox-translations-other-128.10.1-150200.152.182.1 * MozillaFirefox-128.10.1-150200.152.182.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-128.10.1-150200.152.182.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4918.html * https://www.suse.com/security/cve/CVE-2025-4919.html * https://bugzilla.suse.com/show_bug.cgi?id=1243303 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 12:33:21 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 12:33:21 -0000 Subject: SUSE-SU-2025:01707-1: important: Security update for the Linux Kernel Message-ID: <174826280199.21917.6370558153217063976@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:01707-1 Release Date: 2025-05-26T11:35:19Z Rating: important References: * bsc#1215199 * bsc#1223809 * bsc#1224013 * bsc#1224597 * bsc#1224757 * bsc#1228659 * bsc#1230764 * bsc#1231103 * bsc#1231910 * bsc#1232493 * bsc#1233075 * bsc#1233098 * bsc#1234074 * bsc#1234157 * bsc#1234698 * bsc#1235501 * bsc#1235526 * bsc#1235550 * bsc#1235870 * bsc#1236086 * bsc#1236704 * bsc#1237111 * bsc#1237874 * bsc#1237882 * bsc#1238052 * bsc#1238212 * bsc#1238471 * bsc#1238527 * bsc#1238565 * bsc#1238714 * bsc#1238737 * bsc#1238742 * bsc#1238745 * bsc#1238746 * bsc#1238862 * bsc#1238961 * bsc#1238970 * bsc#1238983 * bsc#1238990 * bsc#1239066 * bsc#1239079 * bsc#1239108 * bsc#1239470 * bsc#1239475 * bsc#1239476 * bsc#1239487 * bsc#1239510 * bsc#1239684 * bsc#1239906 * bsc#1239925 * bsc#1239997 * bsc#1240167 * bsc#1240168 * bsc#1240171 * bsc#1240176 * bsc#1240181 * bsc#1240184 * bsc#1240185 * bsc#1240375 * bsc#1240557 * bsc#1240575 * bsc#1240576 * bsc#1240581 * bsc#1240582 * bsc#1240583 * bsc#1240584 * bsc#1240585 * bsc#1240587 * bsc#1240590 * bsc#1240591 * bsc#1240592 * bsc#1240594 * bsc#1240595 * bsc#1240596 * bsc#1240600 * bsc#1240612 * bsc#1240616 * bsc#1240617 * bsc#1240639 * bsc#1240643 * bsc#1240647 * bsc#1240655 * bsc#1240691 * bsc#1240700 * bsc#1240701 * bsc#1240703 * bsc#1240708 * bsc#1240709 * bsc#1240712 * bsc#1240713 * bsc#1240714 * bsc#1240715 * bsc#1240716 * bsc#1240717 * bsc#1240718 * bsc#1240719 * bsc#1240720 * bsc#1240722 * bsc#1240727 * bsc#1240739 * bsc#1240740 * bsc#1240742 * bsc#1240779 * bsc#1240783 * bsc#1240784 * bsc#1240785 * bsc#1240795 * bsc#1240796 * bsc#1240797 * bsc#1240799 * bsc#1240801 * bsc#1240802 * bsc#1240806 * bsc#1240808 * bsc#1240809 * bsc#1240811 * bsc#1240812 * bsc#1240813 * bsc#1240815 * bsc#1240816 * bsc#1240819 * bsc#1240821 * bsc#1240825 * bsc#1240829 * bsc#1240835 * bsc#1240873 * bsc#1240934 * bsc#1240936 * bsc#1240937 * bsc#1240938 * bsc#1240940 * bsc#1240942 * bsc#1240943 * bsc#1240944 * bsc#1240978 * bsc#1240979 * bsc#1241010 * bsc#1241038 * bsc#1241051 * bsc#1241123 * bsc#1241151 * bsc#1241167 * bsc#1241175 * bsc#1241204 * bsc#1241250 * bsc#1241265 * bsc#1241266 * bsc#1241280 * bsc#1241332 * bsc#1241333 * bsc#1241341 * bsc#1241343 * bsc#1241344 * bsc#1241347 * bsc#1241357 * bsc#1241361 * bsc#1241369 * bsc#1241371 * bsc#1241373 * bsc#1241378 * bsc#1241394 * bsc#1241402 * bsc#1241412 * bsc#1241413 * bsc#1241416 * bsc#1241424 * bsc#1241426 * bsc#1241433 * bsc#1241436 * bsc#1241441 * bsc#1241442 * bsc#1241443 * bsc#1241451 * bsc#1241452 * bsc#1241456 * bsc#1241458 * bsc#1241459 * bsc#1241526 * bsc#1241528 * bsc#1241537 * bsc#1241541 * bsc#1241545 * bsc#1241547 * bsc#1241548 * bsc#1241550 * bsc#1241573 * bsc#1241574 * bsc#1241575 * bsc#1241578 * bsc#1241590 * bsc#1241593 * bsc#1241598 * bsc#1241599 * bsc#1241601 * bsc#1241626 * bsc#1241640 * bsc#1241648 * bsc#1242006 * bsc#1242044 * bsc#1242172 * bsc#1242283 * bsc#1242307 * bsc#1242313 * bsc#1242314 * bsc#1242315 * bsc#1242321 * bsc#1242326 * bsc#1242327 * bsc#1242328 * bsc#1242332 * bsc#1242333 * bsc#1242335 * bsc#1242336 * bsc#1242342 * bsc#1242343 * bsc#1242344 * bsc#1242345 * bsc#1242346 * bsc#1242347 * bsc#1242348 * bsc#1242414 * bsc#1242526 * bsc#1242528 * bsc#1242534 * bsc#1242535 * bsc#1242536 * bsc#1242537 * bsc#1242538 * bsc#1242539 * bsc#1242540 * bsc#1242546 * bsc#1242556 * bsc#1242596 * bsc#1242710 * bsc#1242778 * bsc#1242831 * bsc#1242985 * jsc#PED-12309 Cross-References: * CVE-2023-53034 * CVE-2024-27018 * CVE-2024-27415 * CVE-2024-28956 * CVE-2024-35840 * CVE-2024-46763 * CVE-2024-46865 * CVE-2024-50038 * CVE-2024-50083 * CVE-2024-50162 * CVE-2024-50163 * CVE-2024-53124 * CVE-2024-53139 * CVE-2024-56641 * CVE-2024-56702 * CVE-2024-57924 * CVE-2024-57998 * CVE-2024-58001 * CVE-2024-58018 * CVE-2024-58068 * CVE-2024-58070 * CVE-2024-58071 * CVE-2024-58088 * CVE-2024-58093 * CVE-2024-58094 * CVE-2024-58095 * CVE-2024-58096 * CVE-2024-58097 * CVE-2025-21683 * CVE-2025-21696 * CVE-2025-21707 * CVE-2025-21729 * CVE-2025-21755 * CVE-2025-21758 * CVE-2025-21768 * CVE-2025-21792 * CVE-2025-21806 * CVE-2025-21808 * CVE-2025-21812 * CVE-2025-21833 * CVE-2025-21836 * CVE-2025-21852 * CVE-2025-21853 * CVE-2025-21854 * CVE-2025-21863 * CVE-2025-21867 * CVE-2025-21873 * CVE-2025-21875 * CVE-2025-21881 * CVE-2025-21884 * CVE-2025-21887 * CVE-2025-21889 * CVE-2025-21894 * CVE-2025-21895 * CVE-2025-21904 * CVE-2025-21905 * CVE-2025-21906 * CVE-2025-21908 * CVE-2025-21909 * CVE-2025-21910 * CVE-2025-21912 * CVE-2025-21913 * CVE-2025-21914 * CVE-2025-21915 * CVE-2025-21916 * CVE-2025-21917 * CVE-2025-21918 * CVE-2025-21922 * CVE-2025-21923 * CVE-2025-21924 * CVE-2025-21925 * CVE-2025-21926 * CVE-2025-21927 * CVE-2025-21928 * CVE-2025-21930 * CVE-2025-21931 * CVE-2025-21934 * CVE-2025-21935 * CVE-2025-21936 * CVE-2025-21937 * CVE-2025-21941 * CVE-2025-21943 * CVE-2025-21948 * CVE-2025-21950 * CVE-2025-21951 * CVE-2025-21953 * CVE-2025-21956 * CVE-2025-21957 * CVE-2025-21960 * CVE-2025-21961 * CVE-2025-21962 * CVE-2025-21963 * CVE-2025-21964 * CVE-2025-21966 * CVE-2025-21968 * CVE-2025-21969 * CVE-2025-21970 * CVE-2025-21971 * CVE-2025-21972 * CVE-2025-21975 * CVE-2025-21978 * CVE-2025-21979 * CVE-2025-21980 * CVE-2025-21981 * CVE-2025-21985 * CVE-2025-21991 * CVE-2025-21992 * CVE-2025-21993 * CVE-2025-21995 * CVE-2025-21996 * CVE-2025-21999 * CVE-2025-22001 * CVE-2025-22003 * CVE-2025-22004 * CVE-2025-22007 * CVE-2025-22008 * CVE-2025-22009 * CVE-2025-22010 * CVE-2025-22013 * CVE-2025-22014 * CVE-2025-22015 * CVE-2025-22016 * CVE-2025-22017 * CVE-2025-22018 * CVE-2025-22020 * CVE-2025-22025 * CVE-2025-22027 * CVE-2025-22029 * CVE-2025-22033 * CVE-2025-22036 * CVE-2025-22044 * CVE-2025-22045 * CVE-2025-22050 * CVE-2025-22053 * CVE-2025-22055 * CVE-2025-22058 * CVE-2025-22060 * CVE-2025-22062 * CVE-2025-22064 * CVE-2025-22065 * CVE-2025-22075 * CVE-2025-22080 * CVE-2025-22086 * CVE-2025-22088 * CVE-2025-22090 * CVE-2025-22093 * CVE-2025-22097 * CVE-2025-22102 * CVE-2025-22104 * CVE-2025-22105 * CVE-2025-22106 * CVE-2025-22107 * CVE-2025-22108 * CVE-2025-22109 * CVE-2025-22115 * CVE-2025-22116 * CVE-2025-22121 * CVE-2025-22128 * CVE-2025-2312 * CVE-2025-23129 * CVE-2025-23131 * CVE-2025-23133 * CVE-2025-23136 * CVE-2025-23138 * CVE-2025-23145 * CVE-2025-37785 * CVE-2025-37798 * CVE-2025-37799 * CVE-2025-37860 * CVE-2025-39728 CVSS scores: * CVE-2023-53034 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2023-53034 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-27018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27018 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27415 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-35840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50083 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50083 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50162 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50162 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50163 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50163 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50163 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53124 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53139 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53139 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56641 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56702 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56702 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57924 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58001 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-58001 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-58018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58068 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58068 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58070 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58071 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58088 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58088 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58096 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58096 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-58097 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21683 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-21683 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21683 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21696 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21729 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21729 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21812 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21812 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21833 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21833 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21852 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21875 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21887 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21887 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21895 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21904 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21905 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21906 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21910 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21910 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21912 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21915 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21915 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21915 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21916 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21917 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21922 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21922 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-21922 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21923 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21923 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21923 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21923 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21924 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21925 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21926 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21927 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21927 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21928 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21930 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21934 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21935 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21936 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21936 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21937 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21937 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21941 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21943 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21943 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21948 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21948 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21950 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21951 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21951 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21953 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21953 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21956 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-21956 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-21957 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21957 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21960 ( SUSE ): 0.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-21960 ( SUSE ): 0.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N * CVE-2025-21961 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21961 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21962 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-21962 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-21962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21966 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21966 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21968 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21968 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21968 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21969 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21970 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21971 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21972 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21975 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21978 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21978 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21979 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21980 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21980 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21981 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-21981 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21981 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21985 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21991 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21992 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21993 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21993 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21995 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21996 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21996 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21999 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21999 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22001 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-22001 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-22001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22003 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22003 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22003 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22007 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22007 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22008 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22009 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22010 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22013 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22014 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22014 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22016 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22017 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22025 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22025 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22027 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22027 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22027 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22029 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22029 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22033 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22033 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22036 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22036 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22044 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22044 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22045 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22050 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22053 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-22058 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22058 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22062 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22062 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22064 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22065 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22065 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22065 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22075 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22080 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22086 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22086 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22088 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22090 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22097 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22097 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22102 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22102 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-22105 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22105 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22106 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22107 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-22107 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2025-22108 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-22108 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-22109 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22116 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22116 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22121 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22128 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22128 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-2312 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-2312 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-2312 ( NVD ): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-23129 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23131 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23133 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-23133 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-23136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23136 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37785 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37785 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37785 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37799 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37860 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39728 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-39728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 170 vulnerabilities, contains one feature and has 67 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-27415: netfilter: bridge: confirm multicast packets before passing them up the stack (bsc#1224757). * CVE-2024-28956: Intel CPU: Indirect Target Selection (ITS) (bsc#1242006). * CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597). * CVE-2024-46763: fou: Fix null-ptr-deref in GRO (bsc#1230764). * CVE-2024-50038: netfilter: xtables: avoid NFPROTO_UNSPEC where needed (bsc#1231910). * CVE-2024-50162: bpf: devmap: provide rxq after redirect (bsc#1233075). * CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098). * CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074). * CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157). * CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086). * CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990). * CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961). * CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983). * CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970). * CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510). * CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704). * CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111). * CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862). * CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874). * CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882). * CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737). * CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714). * CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745). * CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746). * CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742). * CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). * CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108). * CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066). * CVE-2025-21854: sockmap, vsock: For connectible sockets allow only connected (bsc#1239470). * CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475). * CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181). * CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184). * CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168). * CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185). * CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171). * CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176). * CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167). * CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581). * CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585). * CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576). * CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587). * CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600). * CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591). * CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639). * CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720). * CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713). * CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712). * CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709). * CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742). * CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815). * CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816). * CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655). * CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717). * CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740). * CVE-2025-21969: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (bsc#1240784). * CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819). * CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813). * CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812). * CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809). * CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612). * CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811). * CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU- less NUMA nodes (bsc#1240795). * CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797). * CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944). * CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934). * CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936). * CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266). * CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378). * CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426). * CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). * CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). * CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332). * CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526). * CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413). * CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416). * CVE-2025-22090: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() (bsc#1241537). * CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456). * CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550). * CVE-2025-22105: bonding: check xdp prog when set bond mode (bsc#1241548). * CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575). * CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573). * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578). * CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593). * CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684). * CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451). * CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648). * CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596). * CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640). * CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414). * CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283). * CVE-2025-37860: sfc: fix NULL dereferences in ef100_process_design_param() (bsc#1241452). * CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626). The following non-security bugs were fixed: * ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes). * ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes). * ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable- fixes). * ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes). * ALSA: hda/realtek - Enable speaker for HP platform (git-fixes). * ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes). * ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git- fixes). * ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git- fixes). * ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git- fixes). * ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes). * ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes). * ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044). * ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable- fixes). * ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable- fixes). * ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes). * ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes). * ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable- fixes). * ASoC: Use of_property_read_bool() (stable-fixes). * ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes). * ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes). * ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes). * ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes). * ASoC: fsl_audmix: register card device depends on 'dais' property (stable- fixes). * ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes). * ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes). * ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes). * ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes). * ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git- fixes). * ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes). * ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes). * Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes). * Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git- fixes). * Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes). * Bluetooth: hci_uart: Fix another race during initialization (git-fixes). * Bluetooth: hci_uart: fix race during initialization (stable-fixes). * Bluetooth: l2cap: Check encryption key size on incoming connection (git- fixes). * Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes). * Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes). * HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable- fixes). * HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes). * Input: cyttsp5 - ensure minimum reset pulse width (git-fixes). * Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes). * Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git- fixes). * Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes). * Input: xpad - fix two controller table values (git-fixes). * OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961) * PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git- fixes). * PCI: Fix BAR resizing when VF BARs are assigned (git-fixes). * PCI: Fix reference leak in pci_register_host_bridge() (git-fixes). * PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes). * PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes). * RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes) * RDMA/core: Silence oversized kvmalloc() warning (git-fixes) * RDMA/hns: Fix wrong maximum DMA segment size (git-fixes) * RDMA/mana_ib: Ensure variable err is initialized (git-fixes). * RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes) * Drop "PCI: Avoid reset when disabled via sysfs" patch due to regression (bsc#1241123). * Revert "drivers: core: synchronize really_probe() and dev_uevent()" (stable- fixes). * Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (git- fixes). * Revert "tcp: Fix bind() regression for v6-only wildcard and" to avoid kABI breakage. * Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Revert "mm/various: give up if pte_offset_map_lock fails" (bsc#1241051). * USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes). * USB: VLI disk crashes if LPM is used (stable-fixes). * USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes). * USB: serial: option: add Sierra Wireless EM9291 (stable-fixes). * USB: serial: simple: add OWON HDS200 series oscilloscope support (stable- fixes). * USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes). * USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes). * USB: wdm: add annotation (git-fixes). * USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes). * USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes). * USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes). * acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes). * affs: do not write overlarge OFS data block size fields (git-fixes). * affs: generate OFS sequence numbers starting at 1 (git-fixes). * ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes). * arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052). * arch_topology: init capacity_freq_ref to 0 (bsc#1238052). * arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052). * arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes). * arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052). * arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052). * arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052). * arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052). * arm64: mm: Correct the update of max_pfn (git-fixes). * asus-laptop: Fix an uninitialized variable (git-fixes). * ata: libata-sata: Save all fields from sense data descriptor (git-fixes). * ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git- fixes). * ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes). * ata: libata-scsi: Improve CDL control (git-fixes). * ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes). * ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes). * auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes). * auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes). * badblocks: Fix error shitf ops (git-fixes). * badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes). * badblocks: fix missing bad blocks on retry in _badblocks_check() (git- fixes). * badblocks: fix the using of MAX_BADBLOCKS (git-fixes). * badblocks: return error directly when setting badblocks exceeds 512 (git- fixes). * badblocks: return error if any badblock set fails (git-fixes). * blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes). * block: change blk_mq_add_to_batch() third argument type to bool (git-fixes). * block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes). * block: fix conversion of GPT partition name to 7-bit (git-fixes). * block: fix resource leak in blk_register_queue() error path (git-fixes). * block: integrity: Do not call set_page_dirty_lock() (git-fixes). * block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes). * bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes). * bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes). * bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes). * bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes). * bpf: Check size for BTF-based ctx access of pointer members (git-fixes). * bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes). * bpf: add find_containing_subprog() utility function (bsc#1241590). * bpf: avoid holding freeze_mutex during mmap operation (git-fixes). * bpf: check changes_pkt_data property for extension programs (bsc#1241590). * bpf: consider that tail calls invalidate packet pointers (bsc#1241590). * bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590). * bpf: fix potential error return (git-fixes). * bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590). * bpf: track changes_pkt_data property for global functions (bsc#1241590). * bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes). * btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204). * btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710). * btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151). * btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204). * btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204). * btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204). * can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes). * can: mcan: m_can_class_unregister(): fix order of unregistration calls (git- fixes). * can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes). * can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git- fixes). * cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes). * char: misc: register chrdev region with all possible minors (git-fixes). * cifs: Fix integer overflow while processing actimeo mount option (git- fixes). * counter: fix privdata alignment (git-fixes). * counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes). * counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes). * cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052). * cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052). * cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052). * crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes). * crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes). * crypto: ccp - Add support for PCI device 0x1134 (stable-fixes). * cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git- fixes). * dm-bufio: do not schedule in atomic context (git-fixes). * dm-ebs: fix prefetch-vs-suspend race (git-fixes). * dm-integrity: set ti->error on memory allocation failure (git-fixes). * dm-verity: fix prefetch-vs-suspend race (git-fixes). * dm: add missing unlock on in dm_keyslot_evict() (git-fixes). * dm: always update the array size in realloc_argv on success (git-fixes). * dm: fix copying after src array boundaries (git-fixes). * dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable- fixes). * drivers: base: devres: Allow to release group on device release (stable- fixes). * drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes). * drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes). * drm/amd/display: Fix gpu reset in multidisplay config (git-fixes). * drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes). * drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes). * drm/amd/display: Force full update in gpu reset (stable-fixes). * drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes). * drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes). * drm/amd/display: add workaround flag to link to force FFE preset (stable- fixes). * drm/amd/pm/smu11: Prevent division by zero (git-fixes). * drm/amd/pm: Prevent division by zero (git-fixes). * drm/amd: Handle being compiled without SI or CIK support better (stable- fixes). * drm/amd: Keep display off while going into S4 (stable-fixes). * drm/amdgpu/dma_buf: fix page_link check (git-fixes). * drm/amdgpu/gfx11: fix num_mec (git-fixes). * drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git- fixes). * drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes). * drm/amdkfd: Fix mode1 reset crash issue (stable-fixes). * drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes). * drm/amdkfd: clamp queue size to minimum (stable-fixes). * drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes). * drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes). * drm/dp_mst: Add a helper to queue a topology probe (stable-fixes). * drm/dp_mst: Factor out function to queue a topology probe work (stable- fixes). * drm/fdinfo: Protect against driver unbind (git-fixes). * drm/i915/dg2: wait for HuC load completion before running selftests (stable- fixes). * drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes). * drm/i915/huc: Fix fence not released on early probe errors (git-fixes). * drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes). * drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes). * drm/i915: Disable RPG during live selftest (git-fixes). * drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable- fixes). * drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable- fixes). * drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes). * drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes). * drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes). * drm/sti: remove duplicate object names (git-fixes). * drm/tests: Add helper to create mock crtc (stable-fixes). * drm/tests: Add helper to create mock plane (stable-fixes). * drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git- fixes). * drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes). * drm/tests: helpers: Add atomic helpers (stable-fixes). * drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable- fixes). * drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes). * drm/tests: helpers: Fix compiler warning (git-fixes). * drm/tests: modes: Fix drm_display_mode memory leak (git-fixes). * drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes). * drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes). * drm: allow encoder mode_set even when connectors change for crtc (stable- fixes). * drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes). * drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes). * drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes). * drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes). * e1000e: change k1 configuration on MTP and later platforms (git-fixes). * Enable IMA (bsc#1240617). * eth: bnxt: fix missing ring index trim on error path (git-fixes). * ethtool: Fix context creation with no parameters (git-fixes). * ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes). * ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git- fixes). * ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes). * ethtool: fix setting key and resetting indir at once (git-fixes). * ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes). * ethtool: netlink: do not return SQI value if link is down (git-fixes). * ethtool: plca: fix plca enable data type while parsing the value (git- fixes). * ethtool: rss: echo the context number back (git-fixes). * exfat: do not fallback to buffered write (git-fixes). * exfat: drop ->i_size_ondisk (git-fixes). * exfat: fix soft lockup in exfat_clear_bitmap (git-fixes). * exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes). * exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes). * ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342). * ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540). * ext4: do not over-report free space or inodes in statvfs (bsc#1242345). * ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347). * ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557). * ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556). * ext4: make block validity check resistent to sb bh corruption (bsc#1242348). * ext4: partial zero eof block on unaligned inode size extension (bsc#1242336). * ext4: protect ext4_release_dquot against freezing (bsc#1242335). * ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536). * ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539). * ext4: unify the type of flexbg_size to unsigned int (bsc#1242538). * fbdev: omapfb: Add 'plane' value check (stable-fixes). * firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git- fixes). * firmware: arm_scmi: Balance device refcount when destroying devices (git- fixes). * firmware: cs_dsp: Ensure cs_dsp_load_coeff returns 0 on success (git-fixes). * fs/jfs: Prevent integer overflow in AG size calculation (git-fixes). * fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes). * fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250). * fs: better handle deep ancestor chains in is_subdir() (bsc#1242528). * fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535). * fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526). * fs: support relative paths with FSCONFIG_SET_STRING (git-fixes). * gpio: tegra186: fix resource handling in ACPI probe path (git-fixes). * gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes). * gve: handle overflow when reporting TX consumed descriptors (git-fixes). * gve: set xdp redirect target only when it is available (git-fixes). * hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes). * hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable- fixes). * i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes). * i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes). * ice: Add check for devm_kzalloc() (git-fixes). * ice: fix reservation of resources for RDMA when disabled (git-fixes). * ice: stop truncating queue ids when checking (git-fixes). * idpf: check error for register_netdev() on init (git-fixes). * idpf: fix adapter NULL pointer dereference on reboot (git-fixes). * igb: reject invalid external timestamp requests for 82580-based HW (git- fixes). * igc: add lock preventing multiple simultaneous PTM transactions (git-fixes). * igc: cleanup PTP module if probe fails (git-fixes). * igc: fix PTM cycle trigger logic (git-fixes). * igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes). * igc: increase wait time before retrying PTM (git-fixes). * igc: move ktime snapshot into PTM retry loop (git-fixes). * iio: accel: adxl367: fix setting odr for activity time update (git-fixes). * iio: adc: ad7606: fix serial register access (git-fixes). * iio: adc: ad7768-1: Fix conversion result sign (git-fixes). * iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes). * iio: adis16201: Correct inclinometer channel resolution (git-fixes). * iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git- fixes). * iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes). * iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git- fixes). * iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes). * ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git- fixes). * irqchip/davinci: Remove leftover header (git-fixes). * irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes). * irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git- fixes). * isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307). * jbd2: add a missing data flush during file and fs synchronization (bsc#1242346). * jbd2: fix off-by-one while erasing journal (bsc#1242344). * jbd2: flush filesystem device before updating tail sequence (bsc#1242333). * jbd2: increase IO priority for writing revoke records (bsc#1242332). * jbd2: increase the journal IO's priority (bsc#1242537). * jbd2: remove wrong sb->s_sequence check (bsc#1242343). * jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes). * jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes). * jfs: add sanity check for agwidth in dbMount (git-fixes). * kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes). * kABI workaround for powercap update (bsc#1241010). * ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes). * kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes). * lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes). * libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309). * libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309). * libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309). * libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309). * libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309). * libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309). * libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309). * libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309). * loop: LOOP_SET_FD: send uevents for partitions (git-fixes). * loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes). * loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes). * md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212). * media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes). * mei: me: add panther lake H DID (stable-fixes). * misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes). * misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes). * mm/readahead: fix large folio support in async readahead (bsc#1242321). * mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326). * mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327). * mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546). * mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable- fixes). * mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes). * mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes). * mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes). * mptcp: refine opt_mp_capable determination (git-fixes). * mptcp: relax check on MPC passive fallback (git-fixes). * mptcp: strict validation before using mp_opt->hmac (git-fixes). * mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes). * mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes). * mtd: rawnand: Add status chack in r852_ready() (git-fixes). * net/mlx5: Fill out devlink dev info only for PFs (git-fixes). * net/mlx5: IRQ, Fix null string in debug print (git-fixes). * net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git- fixes). * net/mlx5: Start health poll after enable hca (git-fixes). * net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes). * net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes). * net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes). * net/tcp: refactor tcp_inet6_sk() (git-fixes). * net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes). * net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes). * net: blackhole_dev: fix build warning for ethh set but not used (git-fixes). * net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes). * net: ethtool: Fix RSS setting (git-fixes). * net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes). * net: mana: Switch to page pool for jumbo frames (git-fixes). * net: mark racy access on sk->sk_rcvbuf (git-fixes). * net: phy: leds: fix memory leak (git-fixes). * net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes). * net: sctp: fix skb leak in sctp_inq_free() (git-fixes). * net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes). * net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes). * net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes). * net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes). * net_sched: drr: Fix double list add in class with netem as child qdisc (git- fixes). * net_sched: ets: Fix double list add in class with netem as child qdisc (git- fixes). * net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes). * net_sched: qfq: Fix double list add in class with netem as child qdisc (git- fixes). * netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes). * nfs: add missing selections of CONFIG_CRC32 (git-fixes). * nfs: clear SB_RDONLY before getting superblock (bsc#1238565). * nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565). * nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes). * nfsd: put dl_stid if fail to queue dl_recall (git-fixes). * ntb: Force physically contiguous allocation of rx ring buffers (git-fixes). * ntb: intel: Fix using link status DB's (git-fixes). * ntb: reduce stack usage in idt_scan_mws (stable-fixes). * ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes). * ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes). * ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes). * ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes). * ntb_perf: Fix printk format (git-fixes). * nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes). * nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes). * nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes). * nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes). * nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes). * nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git- fixes). * nvmet-fcloop: swap list_add_tail arguments (git-fixes). * objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git- fixes). * objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes). * objtool: Fix segfault in ignore_unreachable_insn() (git-fixes). * perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309). * perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309). * perf tools: annotate asm_pure_loop.S (bsc#1239906). * perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309). * perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172). * perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172). * perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172). * perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172). * phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git- fixes). * pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable- fixes). * platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes). * platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes). * platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes). * platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes). * platform/x86: ISST: Correct command storage data length (git-fixes). * platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes). * platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes). * pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable- fixes). * powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes). * powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010). * powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010). * powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes). * powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes). * powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes). * powerpc/boot: Check for ld-option support (bsc#1215199). * powerpc/boot: Fix dash warning (bsc#1215199). * powerpc: Do not use --- in kernel logs (git-fixes). * pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes). * pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes). * pwm: rcar: Improve register calculation (git-fixes). * rtc: pcf85063: do a SW reset if POR failed (stable-fixes). * rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013). * s390/cio: Fix CHPID "configure" attribute caching (git-fixes bsc#1240979). * s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978). * sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052) * scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes). * scsi: hisi_sas: Enable force phy when SATA disk directly connected (git- fixes). * scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes). * scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes). * scsi: mpi3mr: Fix locking in an error path (git-fixes). * scsi: mpt3sas: Fix a locking bug in an error path (git-fixes). * scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes). * scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes). * sctp: Fix undefined behavior in left shift operation (git-fixes). * sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes). * sctp: detect and prevent references to a freed transport in sendmsg (git- fixes). * sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes). * sctp: fix association labeling in the duplicate COOKIE-ECHO case (git- fixes). * sctp: fix busy polling (git-fixes). * sctp: prefer struct_size over open coded arithmetic (git-fixes). * sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes). * security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375). * selftests/bpf: Add a few tests to cover (git-fixes). * selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes). * selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590). * selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590). * selftests/bpf: test for changing packet data from global functions (bsc#1241590). * selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590). * selftests/futex: futex_waitv wouldblock test should fail (git-fixes). * selftests/mm: generate a temporary mountpoint for cgroup filesystem (git- fixes). * selinux: Implement mptcp_add_subflow hook (bsc#1240375). * serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes). * serial: msm: Configure correct working mode before starting earlycon (git- fixes). * serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes). * smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265). * smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616). * sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes). * spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes). * spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes). * spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes). * splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328). * staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes). * staging: axis-fifo: Remove hardware resets for user errors (git-fixes). * staging: iio: adc: ad7816: Correct conditional logic for store mode (git- fixes). * staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes). * string: Add load_unaligned_zeropad() code path to sized_strscpy() (git- fixes). * tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes). * thunderbolt: Scan retimers after device router has been enumerated (stable- fixes). * tools/hv: update route parsing in kvp daemon (git-fixes). * tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175). * tools/power turbostat: report CoreThr per measurement interval (git-fixes). * topology: Set capacity_freq_ref in all cases (bsc#1238052) * tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870). * tpm: tis: Double the timeout B to 4s (bsc#1235870). * tpm_tis: Move CRC check to generic send routine (bsc#1235870). * tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870). * tty: n_tty: use uint for space returned by tty_write_room() (git-fixes). * tty: serial: 8250: Add Brainboxes XC devices (stable-fixes). * tty: serial: 8250: Add some more device IDs (stable-fixes). * tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes). * tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes). * ublk: set_params: properly check if parameters can be applied (git-fixes). * ucsi_ccg: Do not show failed to get FW build information error (git-fixes). * udf: Fix inode_getblk() return value (bsc#1242313). * udf: Skip parent dir link count update if corrupted (bsc#1242315). * udf: Verify inode link counts before performing rename (bsc#1242314). * usb: cdns3: Fix deadlock when using NCM gadget (git-fixes). * usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git- fixes). * usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git- fixes). * usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git- fixes). * usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes). * usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes). * usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes). * usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes). * usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes). * usb: gadget: Use get_status callback to set remote wakeup capability (git- fixes). * usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable- fixes). * usb: gadget: f_ecm: Add get_status callback (git-fixes). * usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes). * usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes). * usb: host: tegra: Prevent host controller crash when OTG port is used (git- fixes). * usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes). * usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable- fixes). * usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable- fixes). * usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes). * usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes). * usb: uhci-platform: Make the clock really optional (git-fixes). * usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes). * usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes). * usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes). * usb: xhci: correct debug message page size calculation (git-fixes). * usbnet:fix NPE during rx_complete (git-fixes). * vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes). * vfs: do not mod negative dentry count when on shrinker list (bsc#1242534). * virtchnl: make proto and filter action count unsigned (git-fixes). * vmxnet3: Fix tx queue race condition with XDP (bsc#1241394). * vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394). * wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes). * wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes). * wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes). * wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable- fixes). * wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes). * wifi: brcmfmac: keep power during suspend if board requires it (stable- fixes). * wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes). * wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes). * wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes). * wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes). * wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes). * wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes). * wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable- fixes). * wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes). * wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes). * x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). * x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). * x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). * x86/bugs: Add RSB mitigation document (git-fixes). * x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes). * x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes). * x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git- fixes). * x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes). * x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes). * x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes). * x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes). * x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes). * x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes). * x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes). * x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes). * x86/microcode/AMD: Split load_microcode_amd() (git-fixes). * x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes). * x86/microcode/intel: Set new revision only after a successful update (git- fixes). * x86/microcode: Remove the driver announcement and version (git-fixes). * x86/microcode: Rework early revisions reporting (git-fixes). * x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes). * x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git- fixes). * x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes). * x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes). * xfs: flush inodegc before swapon (git-fixes). * xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes). * xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550). * xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550). * xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550). * zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1707=1 openSUSE-SLE-15.6-2025-1707=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1707=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64) * cluster-md-kmp-azure-6.4.0-150600.8.37.1 * ocfs2-kmp-azure-6.4.0-150600.8.37.1 * kernel-azure-optional-debuginfo-6.4.0-150600.8.37.1 * cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.37.1 * kernel-azure-devel-6.4.0-150600.8.37.1 * kernel-azure-debugsource-6.4.0-150600.8.37.1 * kernel-azure-optional-6.4.0-150600.8.37.1 * reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.37.1 * kernel-azure-extra-6.4.0-150600.8.37.1 * dlm-kmp-azure-6.4.0-150600.8.37.1 * kernel-azure-extra-debuginfo-6.4.0-150600.8.37.1 * gfs2-kmp-azure-debuginfo-6.4.0-150600.8.37.1 * kselftests-kmp-azure-debuginfo-6.4.0-150600.8.37.1 * kernel-azure-devel-debuginfo-6.4.0-150600.8.37.1 * kselftests-kmp-azure-6.4.0-150600.8.37.1 * reiserfs-kmp-azure-6.4.0-150600.8.37.1 * kernel-syms-azure-6.4.0-150600.8.37.1 * gfs2-kmp-azure-6.4.0-150600.8.37.1 * ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.37.1 * kernel-azure-debuginfo-6.4.0-150600.8.37.1 * dlm-kmp-azure-debuginfo-6.4.0-150600.8.37.1 * openSUSE Leap 15.6 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150600.8.37.1 * openSUSE Leap 15.6 (x86_64) * kernel-azure-vdso-debuginfo-6.4.0-150600.8.37.1 * kernel-azure-vdso-6.4.0-150600.8.37.1 * openSUSE Leap 15.6 (noarch) * kernel-devel-azure-6.4.0-150600.8.37.1 * kernel-source-azure-6.4.0-150600.8.37.1 * Public Cloud Module 15-SP6 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150600.8.37.1 * Public Cloud Module 15-SP6 (aarch64 x86_64) * kernel-azure-devel-debuginfo-6.4.0-150600.8.37.1 * kernel-azure-debuginfo-6.4.0-150600.8.37.1 * kernel-syms-azure-6.4.0-150600.8.37.1 * kernel-azure-devel-6.4.0-150600.8.37.1 * kernel-azure-debugsource-6.4.0-150600.8.37.1 * Public Cloud Module 15-SP6 (noarch) * kernel-devel-azure-6.4.0-150600.8.37.1 * kernel-source-azure-6.4.0-150600.8.37.1 ## References: * https://www.suse.com/security/cve/CVE-2023-53034.html * https://www.suse.com/security/cve/CVE-2024-27018.html * https://www.suse.com/security/cve/CVE-2024-27415.html * https://www.suse.com/security/cve/CVE-2024-28956.html * https://www.suse.com/security/cve/CVE-2024-35840.html * https://www.suse.com/security/cve/CVE-2024-46763.html * https://www.suse.com/security/cve/CVE-2024-46865.html * https://www.suse.com/security/cve/CVE-2024-50038.html * https://www.suse.com/security/cve/CVE-2024-50083.html * https://www.suse.com/security/cve/CVE-2024-50162.html * https://www.suse.com/security/cve/CVE-2024-50163.html * https://www.suse.com/security/cve/CVE-2024-53124.html * https://www.suse.com/security/cve/CVE-2024-53139.html * https://www.suse.com/security/cve/CVE-2024-56641.html * https://www.suse.com/security/cve/CVE-2024-56702.html * https://www.suse.com/security/cve/CVE-2024-57924.html * https://www.suse.com/security/cve/CVE-2024-57998.html * https://www.suse.com/security/cve/CVE-2024-58001.html * https://www.suse.com/security/cve/CVE-2024-58018.html * https://www.suse.com/security/cve/CVE-2024-58068.html * https://www.suse.com/security/cve/CVE-2024-58070.html * https://www.suse.com/security/cve/CVE-2024-58071.html * https://www.suse.com/security/cve/CVE-2024-58088.html * https://www.suse.com/security/cve/CVE-2024-58093.html * https://www.suse.com/security/cve/CVE-2024-58094.html * https://www.suse.com/security/cve/CVE-2024-58095.html * https://www.suse.com/security/cve/CVE-2024-58096.html * https://www.suse.com/security/cve/CVE-2024-58097.html * https://www.suse.com/security/cve/CVE-2025-21683.html * https://www.suse.com/security/cve/CVE-2025-21696.html * https://www.suse.com/security/cve/CVE-2025-21707.html * https://www.suse.com/security/cve/CVE-2025-21729.html * https://www.suse.com/security/cve/CVE-2025-21755.html * https://www.suse.com/security/cve/CVE-2025-21758.html * https://www.suse.com/security/cve/CVE-2025-21768.html * https://www.suse.com/security/cve/CVE-2025-21792.html * https://www.suse.com/security/cve/CVE-2025-21806.html * https://www.suse.com/security/cve/CVE-2025-21808.html * https://www.suse.com/security/cve/CVE-2025-21812.html * https://www.suse.com/security/cve/CVE-2025-21833.html * https://www.suse.com/security/cve/CVE-2025-21836.html * https://www.suse.com/security/cve/CVE-2025-21852.html * https://www.suse.com/security/cve/CVE-2025-21853.html * https://www.suse.com/security/cve/CVE-2025-21854.html * https://www.suse.com/security/cve/CVE-2025-21863.html * https://www.suse.com/security/cve/CVE-2025-21867.html * https://www.suse.com/security/cve/CVE-2025-21873.html * https://www.suse.com/security/cve/CVE-2025-21875.html * https://www.suse.com/security/cve/CVE-2025-21881.html * https://www.suse.com/security/cve/CVE-2025-21884.html * https://www.suse.com/security/cve/CVE-2025-21887.html * https://www.suse.com/security/cve/CVE-2025-21889.html * https://www.suse.com/security/cve/CVE-2025-21894.html * https://www.suse.com/security/cve/CVE-2025-21895.html * https://www.suse.com/security/cve/CVE-2025-21904.html * https://www.suse.com/security/cve/CVE-2025-21905.html * https://www.suse.com/security/cve/CVE-2025-21906.html * https://www.suse.com/security/cve/CVE-2025-21908.html * https://www.suse.com/security/cve/CVE-2025-21909.html * https://www.suse.com/security/cve/CVE-2025-21910.html * https://www.suse.com/security/cve/CVE-2025-21912.html * https://www.suse.com/security/cve/CVE-2025-21913.html * https://www.suse.com/security/cve/CVE-2025-21914.html * https://www.suse.com/security/cve/CVE-2025-21915.html * https://www.suse.com/security/cve/CVE-2025-21916.html * https://www.suse.com/security/cve/CVE-2025-21917.html * https://www.suse.com/security/cve/CVE-2025-21918.html * https://www.suse.com/security/cve/CVE-2025-21922.html * https://www.suse.com/security/cve/CVE-2025-21923.html * https://www.suse.com/security/cve/CVE-2025-21924.html * https://www.suse.com/security/cve/CVE-2025-21925.html * https://www.suse.com/security/cve/CVE-2025-21926.html * https://www.suse.com/security/cve/CVE-2025-21927.html * https://www.suse.com/security/cve/CVE-2025-21928.html * https://www.suse.com/security/cve/CVE-2025-21930.html * https://www.suse.com/security/cve/CVE-2025-21931.html * https://www.suse.com/security/cve/CVE-2025-21934.html * https://www.suse.com/security/cve/CVE-2025-21935.html * https://www.suse.com/security/cve/CVE-2025-21936.html * https://www.suse.com/security/cve/CVE-2025-21937.html * https://www.suse.com/security/cve/CVE-2025-21941.html * https://www.suse.com/security/cve/CVE-2025-21943.html * https://www.suse.com/security/cve/CVE-2025-21948.html * https://www.suse.com/security/cve/CVE-2025-21950.html * https://www.suse.com/security/cve/CVE-2025-21951.html * https://www.suse.com/security/cve/CVE-2025-21953.html * https://www.suse.com/security/cve/CVE-2025-21956.html * https://www.suse.com/security/cve/CVE-2025-21957.html * https://www.suse.com/security/cve/CVE-2025-21960.html * https://www.suse.com/security/cve/CVE-2025-21961.html * https://www.suse.com/security/cve/CVE-2025-21962.html * https://www.suse.com/security/cve/CVE-2025-21963.html * https://www.suse.com/security/cve/CVE-2025-21964.html * https://www.suse.com/security/cve/CVE-2025-21966.html * https://www.suse.com/security/cve/CVE-2025-21968.html * https://www.suse.com/security/cve/CVE-2025-21969.html * https://www.suse.com/security/cve/CVE-2025-21970.html * https://www.suse.com/security/cve/CVE-2025-21971.html * https://www.suse.com/security/cve/CVE-2025-21972.html * https://www.suse.com/security/cve/CVE-2025-21975.html * https://www.suse.com/security/cve/CVE-2025-21978.html * https://www.suse.com/security/cve/CVE-2025-21979.html * https://www.suse.com/security/cve/CVE-2025-21980.html * https://www.suse.com/security/cve/CVE-2025-21981.html * https://www.suse.com/security/cve/CVE-2025-21985.html * https://www.suse.com/security/cve/CVE-2025-21991.html * https://www.suse.com/security/cve/CVE-2025-21992.html * https://www.suse.com/security/cve/CVE-2025-21993.html * https://www.suse.com/security/cve/CVE-2025-21995.html * https://www.suse.com/security/cve/CVE-2025-21996.html * https://www.suse.com/security/cve/CVE-2025-21999.html * https://www.suse.com/security/cve/CVE-2025-22001.html * https://www.suse.com/security/cve/CVE-2025-22003.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22007.html * https://www.suse.com/security/cve/CVE-2025-22008.html * https://www.suse.com/security/cve/CVE-2025-22009.html * https://www.suse.com/security/cve/CVE-2025-22010.html * https://www.suse.com/security/cve/CVE-2025-22013.html * https://www.suse.com/security/cve/CVE-2025-22014.html * https://www.suse.com/security/cve/CVE-2025-22015.html * https://www.suse.com/security/cve/CVE-2025-22016.html * https://www.suse.com/security/cve/CVE-2025-22017.html * https://www.suse.com/security/cve/CVE-2025-22018.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22025.html * https://www.suse.com/security/cve/CVE-2025-22027.html * https://www.suse.com/security/cve/CVE-2025-22029.html * https://www.suse.com/security/cve/CVE-2025-22033.html * https://www.suse.com/security/cve/CVE-2025-22036.html * https://www.suse.com/security/cve/CVE-2025-22044.html * https://www.suse.com/security/cve/CVE-2025-22045.html * https://www.suse.com/security/cve/CVE-2025-22050.html * https://www.suse.com/security/cve/CVE-2025-22053.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://www.suse.com/security/cve/CVE-2025-22058.html * https://www.suse.com/security/cve/CVE-2025-22060.html * https://www.suse.com/security/cve/CVE-2025-22062.html * https://www.suse.com/security/cve/CVE-2025-22064.html * https://www.suse.com/security/cve/CVE-2025-22065.html * https://www.suse.com/security/cve/CVE-2025-22075.html * https://www.suse.com/security/cve/CVE-2025-22080.html * https://www.suse.com/security/cve/CVE-2025-22086.html * https://www.suse.com/security/cve/CVE-2025-22088.html * https://www.suse.com/security/cve/CVE-2025-22090.html * https://www.suse.com/security/cve/CVE-2025-22093.html * https://www.suse.com/security/cve/CVE-2025-22097.html * https://www.suse.com/security/cve/CVE-2025-22102.html * https://www.suse.com/security/cve/CVE-2025-22104.html * https://www.suse.com/security/cve/CVE-2025-22105.html * https://www.suse.com/security/cve/CVE-2025-22106.html * https://www.suse.com/security/cve/CVE-2025-22107.html * https://www.suse.com/security/cve/CVE-2025-22108.html * https://www.suse.com/security/cve/CVE-2025-22109.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://www.suse.com/security/cve/CVE-2025-22116.html * https://www.suse.com/security/cve/CVE-2025-22121.html * https://www.suse.com/security/cve/CVE-2025-22128.html * https://www.suse.com/security/cve/CVE-2025-2312.html * https://www.suse.com/security/cve/CVE-2025-23129.html * https://www.suse.com/security/cve/CVE-2025-23131.html * https://www.suse.com/security/cve/CVE-2025-23133.html * https://www.suse.com/security/cve/CVE-2025-23136.html * https://www.suse.com/security/cve/CVE-2025-23138.html * https://www.suse.com/security/cve/CVE-2025-23145.html * https://www.suse.com/security/cve/CVE-2025-37785.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37799.html * https://www.suse.com/security/cve/CVE-2025-37860.html * https://www.suse.com/security/cve/CVE-2025-39728.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1223809 * https://bugzilla.suse.com/show_bug.cgi?id=1224013 * https://bugzilla.suse.com/show_bug.cgi?id=1224597 * https://bugzilla.suse.com/show_bug.cgi?id=1224757 * https://bugzilla.suse.com/show_bug.cgi?id=1228659 * https://bugzilla.suse.com/show_bug.cgi?id=1230764 * https://bugzilla.suse.com/show_bug.cgi?id=1231103 * https://bugzilla.suse.com/show_bug.cgi?id=1231910 * https://bugzilla.suse.com/show_bug.cgi?id=1232493 * https://bugzilla.suse.com/show_bug.cgi?id=1233075 * https://bugzilla.suse.com/show_bug.cgi?id=1233098 * https://bugzilla.suse.com/show_bug.cgi?id=1234074 * https://bugzilla.suse.com/show_bug.cgi?id=1234157 * https://bugzilla.suse.com/show_bug.cgi?id=1234698 * https://bugzilla.suse.com/show_bug.cgi?id=1235501 * https://bugzilla.suse.com/show_bug.cgi?id=1235526 * https://bugzilla.suse.com/show_bug.cgi?id=1235550 * https://bugzilla.suse.com/show_bug.cgi?id=1235870 * https://bugzilla.suse.com/show_bug.cgi?id=1236086 * https://bugzilla.suse.com/show_bug.cgi?id=1236704 * https://bugzilla.suse.com/show_bug.cgi?id=1237111 * https://bugzilla.suse.com/show_bug.cgi?id=1237874 * https://bugzilla.suse.com/show_bug.cgi?id=1237882 * https://bugzilla.suse.com/show_bug.cgi?id=1238052 * https://bugzilla.suse.com/show_bug.cgi?id=1238212 * https://bugzilla.suse.com/show_bug.cgi?id=1238471 * https://bugzilla.suse.com/show_bug.cgi?id=1238527 * https://bugzilla.suse.com/show_bug.cgi?id=1238565 * https://bugzilla.suse.com/show_bug.cgi?id=1238714 * https://bugzilla.suse.com/show_bug.cgi?id=1238737 * https://bugzilla.suse.com/show_bug.cgi?id=1238742 * https://bugzilla.suse.com/show_bug.cgi?id=1238745 * https://bugzilla.suse.com/show_bug.cgi?id=1238746 * https://bugzilla.suse.com/show_bug.cgi?id=1238862 * https://bugzilla.suse.com/show_bug.cgi?id=1238961 * https://bugzilla.suse.com/show_bug.cgi?id=1238970 * https://bugzilla.suse.com/show_bug.cgi?id=1238983 * https://bugzilla.suse.com/show_bug.cgi?id=1238990 * https://bugzilla.suse.com/show_bug.cgi?id=1239066 * https://bugzilla.suse.com/show_bug.cgi?id=1239079 * https://bugzilla.suse.com/show_bug.cgi?id=1239108 * https://bugzilla.suse.com/show_bug.cgi?id=1239470 * https://bugzilla.suse.com/show_bug.cgi?id=1239475 * https://bugzilla.suse.com/show_bug.cgi?id=1239476 * https://bugzilla.suse.com/show_bug.cgi?id=1239487 * https://bugzilla.suse.com/show_bug.cgi?id=1239510 * https://bugzilla.suse.com/show_bug.cgi?id=1239684 * https://bugzilla.suse.com/show_bug.cgi?id=1239906 * https://bugzilla.suse.com/show_bug.cgi?id=1239925 * https://bugzilla.suse.com/show_bug.cgi?id=1239997 * https://bugzilla.suse.com/show_bug.cgi?id=1240167 * https://bugzilla.suse.com/show_bug.cgi?id=1240168 * https://bugzilla.suse.com/show_bug.cgi?id=1240171 * https://bugzilla.suse.com/show_bug.cgi?id=1240176 * https://bugzilla.suse.com/show_bug.cgi?id=1240181 * https://bugzilla.suse.com/show_bug.cgi?id=1240184 * https://bugzilla.suse.com/show_bug.cgi?id=1240185 * https://bugzilla.suse.com/show_bug.cgi?id=1240375 * https://bugzilla.suse.com/show_bug.cgi?id=1240557 * https://bugzilla.suse.com/show_bug.cgi?id=1240575 * https://bugzilla.suse.com/show_bug.cgi?id=1240576 * https://bugzilla.suse.com/show_bug.cgi?id=1240581 * https://bugzilla.suse.com/show_bug.cgi?id=1240582 * https://bugzilla.suse.com/show_bug.cgi?id=1240583 * https://bugzilla.suse.com/show_bug.cgi?id=1240584 * https://bugzilla.suse.com/show_bug.cgi?id=1240585 * https://bugzilla.suse.com/show_bug.cgi?id=1240587 * https://bugzilla.suse.com/show_bug.cgi?id=1240590 * https://bugzilla.suse.com/show_bug.cgi?id=1240591 * https://bugzilla.suse.com/show_bug.cgi?id=1240592 * https://bugzilla.suse.com/show_bug.cgi?id=1240594 * https://bugzilla.suse.com/show_bug.cgi?id=1240595 * https://bugzilla.suse.com/show_bug.cgi?id=1240596 * https://bugzilla.suse.com/show_bug.cgi?id=1240600 * https://bugzilla.suse.com/show_bug.cgi?id=1240612 * https://bugzilla.suse.com/show_bug.cgi?id=1240616 * https://bugzilla.suse.com/show_bug.cgi?id=1240617 * https://bugzilla.suse.com/show_bug.cgi?id=1240639 * https://bugzilla.suse.com/show_bug.cgi?id=1240643 * https://bugzilla.suse.com/show_bug.cgi?id=1240647 * https://bugzilla.suse.com/show_bug.cgi?id=1240655 * https://bugzilla.suse.com/show_bug.cgi?id=1240691 * https://bugzilla.suse.com/show_bug.cgi?id=1240700 * https://bugzilla.suse.com/show_bug.cgi?id=1240701 * https://bugzilla.suse.com/show_bug.cgi?id=1240703 * https://bugzilla.suse.com/show_bug.cgi?id=1240708 * https://bugzilla.suse.com/show_bug.cgi?id=1240709 * https://bugzilla.suse.com/show_bug.cgi?id=1240712 * https://bugzilla.suse.com/show_bug.cgi?id=1240713 * https://bugzilla.suse.com/show_bug.cgi?id=1240714 * https://bugzilla.suse.com/show_bug.cgi?id=1240715 * https://bugzilla.suse.com/show_bug.cgi?id=1240716 * https://bugzilla.suse.com/show_bug.cgi?id=1240717 * https://bugzilla.suse.com/show_bug.cgi?id=1240718 * https://bugzilla.suse.com/show_bug.cgi?id=1240719 * https://bugzilla.suse.com/show_bug.cgi?id=1240720 * https://bugzilla.suse.com/show_bug.cgi?id=1240722 * https://bugzilla.suse.com/show_bug.cgi?id=1240727 * https://bugzilla.suse.com/show_bug.cgi?id=1240739 * https://bugzilla.suse.com/show_bug.cgi?id=1240740 * https://bugzilla.suse.com/show_bug.cgi?id=1240742 * https://bugzilla.suse.com/show_bug.cgi?id=1240779 * https://bugzilla.suse.com/show_bug.cgi?id=1240783 * https://bugzilla.suse.com/show_bug.cgi?id=1240784 * https://bugzilla.suse.com/show_bug.cgi?id=1240785 * https://bugzilla.suse.com/show_bug.cgi?id=1240795 * https://bugzilla.suse.com/show_bug.cgi?id=1240796 * https://bugzilla.suse.com/show_bug.cgi?id=1240797 * https://bugzilla.suse.com/show_bug.cgi?id=1240799 * https://bugzilla.suse.com/show_bug.cgi?id=1240801 * https://bugzilla.suse.com/show_bug.cgi?id=1240802 * https://bugzilla.suse.com/show_bug.cgi?id=1240806 * https://bugzilla.suse.com/show_bug.cgi?id=1240808 * https://bugzilla.suse.com/show_bug.cgi?id=1240809 * https://bugzilla.suse.com/show_bug.cgi?id=1240811 * https://bugzilla.suse.com/show_bug.cgi?id=1240812 * https://bugzilla.suse.com/show_bug.cgi?id=1240813 * https://bugzilla.suse.com/show_bug.cgi?id=1240815 * https://bugzilla.suse.com/show_bug.cgi?id=1240816 * https://bugzilla.suse.com/show_bug.cgi?id=1240819 * https://bugzilla.suse.com/show_bug.cgi?id=1240821 * https://bugzilla.suse.com/show_bug.cgi?id=1240825 * https://bugzilla.suse.com/show_bug.cgi?id=1240829 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1240873 * https://bugzilla.suse.com/show_bug.cgi?id=1240934 * https://bugzilla.suse.com/show_bug.cgi?id=1240936 * https://bugzilla.suse.com/show_bug.cgi?id=1240937 * https://bugzilla.suse.com/show_bug.cgi?id=1240938 * https://bugzilla.suse.com/show_bug.cgi?id=1240940 * https://bugzilla.suse.com/show_bug.cgi?id=1240942 * https://bugzilla.suse.com/show_bug.cgi?id=1240943 * https://bugzilla.suse.com/show_bug.cgi?id=1240944 * https://bugzilla.suse.com/show_bug.cgi?id=1240978 * https://bugzilla.suse.com/show_bug.cgi?id=1240979 * https://bugzilla.suse.com/show_bug.cgi?id=1241010 * https://bugzilla.suse.com/show_bug.cgi?id=1241038 * https://bugzilla.suse.com/show_bug.cgi?id=1241051 * https://bugzilla.suse.com/show_bug.cgi?id=1241123 * https://bugzilla.suse.com/show_bug.cgi?id=1241151 * https://bugzilla.suse.com/show_bug.cgi?id=1241167 * https://bugzilla.suse.com/show_bug.cgi?id=1241175 * https://bugzilla.suse.com/show_bug.cgi?id=1241204 * https://bugzilla.suse.com/show_bug.cgi?id=1241250 * https://bugzilla.suse.com/show_bug.cgi?id=1241265 * https://bugzilla.suse.com/show_bug.cgi?id=1241266 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241332 * https://bugzilla.suse.com/show_bug.cgi?id=1241333 * https://bugzilla.suse.com/show_bug.cgi?id=1241341 * https://bugzilla.suse.com/show_bug.cgi?id=1241343 * https://bugzilla.suse.com/show_bug.cgi?id=1241344 * https://bugzilla.suse.com/show_bug.cgi?id=1241347 * https://bugzilla.suse.com/show_bug.cgi?id=1241357 * https://bugzilla.suse.com/show_bug.cgi?id=1241361 * https://bugzilla.suse.com/show_bug.cgi?id=1241369 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241373 * https://bugzilla.suse.com/show_bug.cgi?id=1241378 * https://bugzilla.suse.com/show_bug.cgi?id=1241394 * https://bugzilla.suse.com/show_bug.cgi?id=1241402 * https://bugzilla.suse.com/show_bug.cgi?id=1241412 * https://bugzilla.suse.com/show_bug.cgi?id=1241413 * https://bugzilla.suse.com/show_bug.cgi?id=1241416 * https://bugzilla.suse.com/show_bug.cgi?id=1241424 * https://bugzilla.suse.com/show_bug.cgi?id=1241426 * https://bugzilla.suse.com/show_bug.cgi?id=1241433 * https://bugzilla.suse.com/show_bug.cgi?id=1241436 * https://bugzilla.suse.com/show_bug.cgi?id=1241441 * https://bugzilla.suse.com/show_bug.cgi?id=1241442 * https://bugzilla.suse.com/show_bug.cgi?id=1241443 * https://bugzilla.suse.com/show_bug.cgi?id=1241451 * https://bugzilla.suse.com/show_bug.cgi?id=1241452 * https://bugzilla.suse.com/show_bug.cgi?id=1241456 * https://bugzilla.suse.com/show_bug.cgi?id=1241458 * https://bugzilla.suse.com/show_bug.cgi?id=1241459 * https://bugzilla.suse.com/show_bug.cgi?id=1241526 * https://bugzilla.suse.com/show_bug.cgi?id=1241528 * https://bugzilla.suse.com/show_bug.cgi?id=1241537 * https://bugzilla.suse.com/show_bug.cgi?id=1241541 * https://bugzilla.suse.com/show_bug.cgi?id=1241545 * https://bugzilla.suse.com/show_bug.cgi?id=1241547 * https://bugzilla.suse.com/show_bug.cgi?id=1241548 * https://bugzilla.suse.com/show_bug.cgi?id=1241550 * https://bugzilla.suse.com/show_bug.cgi?id=1241573 * https://bugzilla.suse.com/show_bug.cgi?id=1241574 * https://bugzilla.suse.com/show_bug.cgi?id=1241575 * https://bugzilla.suse.com/show_bug.cgi?id=1241578 * https://bugzilla.suse.com/show_bug.cgi?id=1241590 * https://bugzilla.suse.com/show_bug.cgi?id=1241593 * https://bugzilla.suse.com/show_bug.cgi?id=1241598 * https://bugzilla.suse.com/show_bug.cgi?id=1241599 * https://bugzilla.suse.com/show_bug.cgi?id=1241601 * https://bugzilla.suse.com/show_bug.cgi?id=1241626 * https://bugzilla.suse.com/show_bug.cgi?id=1241640 * https://bugzilla.suse.com/show_bug.cgi?id=1241648 * https://bugzilla.suse.com/show_bug.cgi?id=1242006 * https://bugzilla.suse.com/show_bug.cgi?id=1242044 * https://bugzilla.suse.com/show_bug.cgi?id=1242172 * https://bugzilla.suse.com/show_bug.cgi?id=1242283 * https://bugzilla.suse.com/show_bug.cgi?id=1242307 * https://bugzilla.suse.com/show_bug.cgi?id=1242313 * https://bugzilla.suse.com/show_bug.cgi?id=1242314 * https://bugzilla.suse.com/show_bug.cgi?id=1242315 * https://bugzilla.suse.com/show_bug.cgi?id=1242321 * https://bugzilla.suse.com/show_bug.cgi?id=1242326 * https://bugzilla.suse.com/show_bug.cgi?id=1242327 * https://bugzilla.suse.com/show_bug.cgi?id=1242328 * https://bugzilla.suse.com/show_bug.cgi?id=1242332 * https://bugzilla.suse.com/show_bug.cgi?id=1242333 * https://bugzilla.suse.com/show_bug.cgi?id=1242335 * https://bugzilla.suse.com/show_bug.cgi?id=1242336 * https://bugzilla.suse.com/show_bug.cgi?id=1242342 * https://bugzilla.suse.com/show_bug.cgi?id=1242343 * https://bugzilla.suse.com/show_bug.cgi?id=1242344 * https://bugzilla.suse.com/show_bug.cgi?id=1242345 * https://bugzilla.suse.com/show_bug.cgi?id=1242346 * https://bugzilla.suse.com/show_bug.cgi?id=1242347 * https://bugzilla.suse.com/show_bug.cgi?id=1242348 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242526 * https://bugzilla.suse.com/show_bug.cgi?id=1242528 * https://bugzilla.suse.com/show_bug.cgi?id=1242534 * https://bugzilla.suse.com/show_bug.cgi?id=1242535 * https://bugzilla.suse.com/show_bug.cgi?id=1242536 * https://bugzilla.suse.com/show_bug.cgi?id=1242537 * https://bugzilla.suse.com/show_bug.cgi?id=1242538 * https://bugzilla.suse.com/show_bug.cgi?id=1242539 * https://bugzilla.suse.com/show_bug.cgi?id=1242540 * https://bugzilla.suse.com/show_bug.cgi?id=1242546 * https://bugzilla.suse.com/show_bug.cgi?id=1242556 * https://bugzilla.suse.com/show_bug.cgi?id=1242596 * https://bugzilla.suse.com/show_bug.cgi?id=1242710 * https://bugzilla.suse.com/show_bug.cgi?id=1242778 * https://bugzilla.suse.com/show_bug.cgi?id=1242831 * https://bugzilla.suse.com/show_bug.cgi?id=1242985 * https://jira.suse.com/browse/PED-12309 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 12:33:28 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 12:33:28 -0000 Subject: SUSE-SU-2025:01705-1: moderate: Security update for postgresql13 Message-ID: <174826280868.21917.1010359824574175030@smelt2.prg2.suse.org> # Security update for postgresql13 Announcement ID: SUSE-SU-2025:01705-1 Release Date: 2025-05-26T11:04:26Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Galera for Ericsson 15 SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.21: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/13.21/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1705=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1705=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1705=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1705=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1705=1 * Galera for Ericsson 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-ERICSSON-2025-1705=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1705=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1705=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1705=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql13-server-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-13.21-150200.5.72.1 * postgresql13-plperl-13.21-150200.5.72.1 * postgresql13-server-devel-13.21-150200.5.72.1 * postgresql13-contrib-debuginfo-13.21-150200.5.72.1 * postgresql13-pltcl-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-debuginfo-13.21-150200.5.72.1 * postgresql13-debuginfo-13.21-150200.5.72.1 * postgresql13-contrib-13.21-150200.5.72.1 * postgresql13-server-13.21-150200.5.72.1 * postgresql13-debugsource-13.21-150200.5.72.1 * postgresql13-plperl-debuginfo-13.21-150200.5.72.1 * postgresql13-server-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-13.21-150200.5.72.1 * postgresql13-plpython-13.21-150200.5.72.1 * postgresql13-pltcl-13.21-150200.5.72.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql13-docs-13.21-150200.5.72.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql13-server-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-13.21-150200.5.72.1 * postgresql13-plperl-13.21-150200.5.72.1 * postgresql13-server-devel-13.21-150200.5.72.1 * postgresql13-contrib-debuginfo-13.21-150200.5.72.1 * postgresql13-pltcl-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-debuginfo-13.21-150200.5.72.1 * postgresql13-debuginfo-13.21-150200.5.72.1 * postgresql13-contrib-13.21-150200.5.72.1 * postgresql13-server-13.21-150200.5.72.1 * postgresql13-llvmjit-devel-13.21-150200.5.72.1 * postgresql13-debugsource-13.21-150200.5.72.1 * postgresql13-llvmjit-13.21-150200.5.72.1 * postgresql13-plperl-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-13.21-150200.5.72.1 * postgresql13-server-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-llvmjit-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-13.21-150200.5.72.1 * postgresql13-pltcl-13.21-150200.5.72.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql13-docs-13.21-150200.5.72.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql13-server-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-13.21-150200.5.72.1 * postgresql13-plperl-13.21-150200.5.72.1 * postgresql13-server-devel-13.21-150200.5.72.1 * postgresql13-contrib-debuginfo-13.21-150200.5.72.1 * postgresql13-pltcl-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-debuginfo-13.21-150200.5.72.1 * postgresql13-debuginfo-13.21-150200.5.72.1 * postgresql13-contrib-13.21-150200.5.72.1 * postgresql13-server-13.21-150200.5.72.1 * postgresql13-llvmjit-devel-13.21-150200.5.72.1 * postgresql13-debugsource-13.21-150200.5.72.1 * postgresql13-llvmjit-13.21-150200.5.72.1 * postgresql13-plperl-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-13.21-150200.5.72.1 * postgresql13-server-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-llvmjit-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-13.21-150200.5.72.1 * postgresql13-pltcl-13.21-150200.5.72.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql13-docs-13.21-150200.5.72.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-server-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-13.21-150200.5.72.1 * postgresql13-plperl-13.21-150200.5.72.1 * postgresql13-server-devel-13.21-150200.5.72.1 * postgresql13-contrib-debuginfo-13.21-150200.5.72.1 * postgresql13-pltcl-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-debuginfo-13.21-150200.5.72.1 * postgresql13-debuginfo-13.21-150200.5.72.1 * postgresql13-contrib-13.21-150200.5.72.1 * postgresql13-server-13.21-150200.5.72.1 * postgresql13-debugsource-13.21-150200.5.72.1 * postgresql13-plperl-debuginfo-13.21-150200.5.72.1 * postgresql13-server-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-13.21-150200.5.72.1 * postgresql13-plpython-13.21-150200.5.72.1 * postgresql13-pltcl-13.21-150200.5.72.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql13-docs-13.21-150200.5.72.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-server-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-13.21-150200.5.72.1 * postgresql13-plperl-13.21-150200.5.72.1 * postgresql13-server-devel-13.21-150200.5.72.1 * postgresql13-contrib-debuginfo-13.21-150200.5.72.1 * postgresql13-pltcl-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-debuginfo-13.21-150200.5.72.1 * postgresql13-debuginfo-13.21-150200.5.72.1 * postgresql13-contrib-13.21-150200.5.72.1 * postgresql13-server-13.21-150200.5.72.1 * postgresql13-llvmjit-devel-13.21-150200.5.72.1 * postgresql13-debugsource-13.21-150200.5.72.1 * postgresql13-llvmjit-13.21-150200.5.72.1 * postgresql13-plperl-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-13.21-150200.5.72.1 * postgresql13-server-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-llvmjit-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-13.21-150200.5.72.1 * postgresql13-pltcl-13.21-150200.5.72.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql13-docs-13.21-150200.5.72.1 * Galera for Ericsson 15 SP5 (x86_64) * postgresql13-server-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-13.21-150200.5.72.1 * postgresql13-plperl-13.21-150200.5.72.1 * postgresql13-server-devel-13.21-150200.5.72.1 * postgresql13-contrib-debuginfo-13.21-150200.5.72.1 * postgresql13-pltcl-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-debuginfo-13.21-150200.5.72.1 * postgresql13-debuginfo-13.21-150200.5.72.1 * postgresql13-contrib-13.21-150200.5.72.1 * postgresql13-server-13.21-150200.5.72.1 * postgresql13-debugsource-13.21-150200.5.72.1 * postgresql13-plperl-debuginfo-13.21-150200.5.72.1 * postgresql13-server-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-13.21-150200.5.72.1 * postgresql13-plpython-13.21-150200.5.72.1 * postgresql13-pltcl-13.21-150200.5.72.1 * Galera for Ericsson 15 SP5 (noarch) * postgresql13-docs-13.21-150200.5.72.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql13-server-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-13.21-150200.5.72.1 * postgresql13-plperl-13.21-150200.5.72.1 * postgresql13-server-devel-13.21-150200.5.72.1 * postgresql13-contrib-debuginfo-13.21-150200.5.72.1 * postgresql13-pltcl-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-debuginfo-13.21-150200.5.72.1 * postgresql13-debuginfo-13.21-150200.5.72.1 * postgresql13-contrib-13.21-150200.5.72.1 * postgresql13-server-13.21-150200.5.72.1 * postgresql13-debugsource-13.21-150200.5.72.1 * postgresql13-plperl-debuginfo-13.21-150200.5.72.1 * postgresql13-server-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-13.21-150200.5.72.1 * postgresql13-plpython-13.21-150200.5.72.1 * postgresql13-pltcl-13.21-150200.5.72.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql13-docs-13.21-150200.5.72.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql13-server-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-13.21-150200.5.72.1 * postgresql13-plperl-13.21-150200.5.72.1 * postgresql13-server-devel-13.21-150200.5.72.1 * postgresql13-contrib-debuginfo-13.21-150200.5.72.1 * postgresql13-pltcl-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-debuginfo-13.21-150200.5.72.1 * postgresql13-debuginfo-13.21-150200.5.72.1 * postgresql13-contrib-13.21-150200.5.72.1 * postgresql13-server-13.21-150200.5.72.1 * postgresql13-llvmjit-devel-13.21-150200.5.72.1 * postgresql13-debugsource-13.21-150200.5.72.1 * postgresql13-llvmjit-13.21-150200.5.72.1 * postgresql13-plperl-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-13.21-150200.5.72.1 * postgresql13-server-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-llvmjit-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-13.21-150200.5.72.1 * postgresql13-pltcl-13.21-150200.5.72.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql13-docs-13.21-150200.5.72.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql13-server-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-13.21-150200.5.72.1 * postgresql13-plperl-13.21-150200.5.72.1 * postgresql13-server-devel-13.21-150200.5.72.1 * postgresql13-contrib-debuginfo-13.21-150200.5.72.1 * postgresql13-pltcl-debuginfo-13.21-150200.5.72.1 * postgresql13-plpython-debuginfo-13.21-150200.5.72.1 * postgresql13-debuginfo-13.21-150200.5.72.1 * postgresql13-contrib-13.21-150200.5.72.1 * postgresql13-server-13.21-150200.5.72.1 * postgresql13-debugsource-13.21-150200.5.72.1 * postgresql13-plperl-debuginfo-13.21-150200.5.72.1 * postgresql13-server-devel-debuginfo-13.21-150200.5.72.1 * postgresql13-devel-13.21-150200.5.72.1 * postgresql13-plpython-13.21-150200.5.72.1 * postgresql13-pltcl-13.21-150200.5.72.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql13-docs-13.21-150200.5.72.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 12:33:31 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 12:33:31 -0000 Subject: SUSE-SU-2025:01704-1: important: Security update for python-setuptools Message-ID: <174826281100.21917.1082944539037146866@smelt2.prg2.suse.org> # Security update for python-setuptools Announcement ID: SUSE-SU-2025:01704-1 Release Date: 2025-05-26T11:03:11Z Rating: important References: * bsc#1243313 Cross-References: * CVE-2025-47273 CVSS scores: * CVE-2025-47273 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-47273 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-setuptools fixes the following issues: * CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1704=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1704=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1704=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1704=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1704=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1704=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1704=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1704=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1704=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1704=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1704=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1704=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * openSUSE Leap 15.4 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * python311-setuptools-wheel-67.7.2-150400.3.19.1 * openSUSE Leap 15.6 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * python311-setuptools-wheel-67.7.2-150400.3.19.1 * Public Cloud Module 15-SP4 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * Python 3 Module 15-SP6 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python311-setuptools-67.7.2-150400.3.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python311-setuptools-67.7.2-150400.3.19.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47273.html * https://bugzilla.suse.com/show_bug.cgi?id=1243313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 16:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 16:30:04 -0000 Subject: SUSE-RU-2025:01708-1: moderate: Recommended update for virt-manager Message-ID: <174827700480.21953.8586209189089604535@smelt2.prg2.suse.org> # Recommended update for virt-manager Announcement ID: SUSE-RU-2025:01708-1 Release Date: 2025-05-26T14:44:52Z Rating: moderate References: * bsc#1236252 * bsc#1243296 Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has two fixes can now be installed. ## Description: This update for virt-manager fixes the following issue: * Add detection code for SLES 16 media (bsc#1236252, bsc#1243296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1708=1 openSUSE-SLE-15.6-2025-1708=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1708=1 ## Package List: * openSUSE Leap 15.6 (noarch) * virt-manager-4.1.0-150600.12.9.2 * virt-manager-common-4.1.0-150600.12.9.2 * virt-install-4.1.0-150600.12.9.2 * Server Applications Module 15-SP6 (noarch) * virt-manager-4.1.0-150600.12.9.2 * virt-manager-common-4.1.0-150600.12.9.2 * virt-install-4.1.0-150600.12.9.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1236252 * https://bugzilla.suse.com/show_bug.cgi?id=1243296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 20:30:05 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 20:30:05 -0000 Subject: SUSE-SU-2025:01710-1: important: Security update for MozillaFirefox Message-ID: <174829140501.21670.2755621990084041760@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2025:01710-1 Release Date: 2025-05-26T17:33:53Z Rating: important References: * bsc#1243303 Cross-References: * CVE-2025-4918 * CVE-2025-4919 CVSS scores: * CVE-2025-4918 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4918 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4918 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-4919 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4919 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4919 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.10.1 ESR. * MFSA 2025-37 (bsc#1243303) * CVE-2025-4918: Out-of-bounds access when resolving Promise objects * CVE-2025-4919: Out-of-bounds access when optimizing linear sums ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1710=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1710=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.10.1-112.259.1 * MozillaFirefox-debuginfo-128.10.1-112.259.1 * MozillaFirefox-translations-common-128.10.1-112.259.1 * MozillaFirefox-128.10.1-112.259.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * MozillaFirefox-devel-128.10.1-112.259.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * MozillaFirefox-debugsource-128.10.1-112.259.1 * MozillaFirefox-debuginfo-128.10.1-112.259.1 * MozillaFirefox-translations-common-128.10.1-112.259.1 * MozillaFirefox-128.10.1-112.259.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * MozillaFirefox-devel-128.10.1-112.259.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4918.html * https://www.suse.com/security/cve/CVE-2025-4919.html * https://bugzilla.suse.com/show_bug.cgi?id=1243303 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 26 20:30:09 2025 From: null at suse.de (SLE-UPDATES) Date: Mon, 26 May 2025 20:30:09 -0000 Subject: SUSE-SU-2025:01709-1: important: Security update for python310-setuptools Message-ID: <174829140913.21670.9634211525155020665@smelt2.prg2.suse.org> # Security update for python310-setuptools Announcement ID: SUSE-SU-2025:01709-1 Release Date: 2025-05-26T16:28:20Z Rating: important References: * bsc#1243313 Cross-References: * CVE-2025-47273 CVSS scores: * CVE-2025-47273 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-47273 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for python310-setuptools fixes the following issues: * CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1709=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1709=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1709=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1709=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1709=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1709=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python310-setuptools-67.6.1-150400.4.12.1 * openSUSE Leap 15.6 (noarch) * python310-setuptools-67.6.1-150400.4.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python310-setuptools-67.6.1-150400.4.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python310-setuptools-67.6.1-150400.4.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python310-setuptools-67.6.1-150400.4.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python310-setuptools-67.6.1-150400.4.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47273.html * https://bugzilla.suse.com/show_bug.cgi?id=1243313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 27 08:30:03 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 27 May 2025 08:30:03 -0000 Subject: SUSE-RU-2025:01711-1: moderate: Recommended update for suse-build-key Message-ID: <174833460362.21953.15466972325112973269@smelt2.prg2.suse.org> # Recommended update for suse-build-key Announcement ID: SUSE-RU-2025:01711-1 Release Date: 2025-05-27T07:28:52Z Rating: moderate References: * jsc#PED-2777 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that contains one feature can now be installed. ## Description: This update for suse-build-key fixes the following issues: * add and run a import-suse-build-key script, which will be run after installation using a systemd timer. (jsc#PED-2777) * import the SLES 15 SP6 and newer RSA 4k keys to allow migration. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1711=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1711=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * suse-build-key-12.0-7.22.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * suse-build-key-12.0-7.22.1 ## References: * https://jira.suse.com/browse/PED-2777 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 27 12:30:01 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 27 May 2025 12:30:01 -0000 Subject: SUSE-RU-2025:01714-1: moderate: Recommended update for ncurses Message-ID: <174834900192.21564.16658902646235182640@smelt2.prg2.suse.org> # Recommended update for ncurses Announcement ID: SUSE-RU-2025:01714-1 Release Date: 2025-05-27T11:23:46Z Rating: moderate References: Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that can now be installed. ## Description: This update for ncurses fixes the following issues: * Backport sclp terminfo description entry if for s390 sclp terminal lines * Add a further sclp entry for qemu s390 based systems * Make use of dumb ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1714=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1714=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1714=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1714=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1714=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1714=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1714=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1714=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-1714=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1714=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1714=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1714=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * libncurses6-32bit-6.1-150000.5.30.1 * libncurses5-32bit-debuginfo-6.1-150000.5.30.1 * ncurses5-devel-32bit-6.1-150000.5.30.1 * libncurses5-32bit-6.1-150000.5.30.1 * libncurses6-32bit-debuginfo-6.1-150000.5.30.1 * ncurses-devel-32bit-6.1-150000.5.30.1 * ncurses-devel-32bit-debuginfo-6.1-150000.5.30.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ncurses-devel-debuginfo-6.1-150000.5.30.1 * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-devel-6.1-150000.5.30.1 * libncurses5-debuginfo-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 * tack-debuginfo-6.1-150000.5.30.1 * libncurses5-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * tack-6.1-150000.5.30.1 * terminfo-screen-6.1-150000.5.30.1 * ncurses5-devel-6.1-150000.5.30.1 * terminfo-iterm-6.1-150000.5.30.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ncurses-devel-debuginfo-6.1-150000.5.30.1 * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-devel-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 * tack-debuginfo-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * tack-6.1-150000.5.30.1 * terminfo-screen-6.1-150000.5.30.1 * terminfo-iterm-6.1-150000.5.30.1 * Basesystem Module 15-SP6 (x86_64) * libncurses6-32bit-debuginfo-6.1-150000.5.30.1 * libncurses6-32bit-6.1-150000.5.30.1 * Development Tools Module 15-SP6 (x86_64) * ncurses-devel-32bit-6.1-150000.5.30.1 * ncurses-devel-32bit-debuginfo-6.1-150000.5.30.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libncurses5-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * ncurses5-devel-6.1-150000.5.30.1 * libncurses5-debuginfo-6.1-150000.5.30.1 * Legacy Module 15-SP6 (x86_64) * libncurses5-32bit-debuginfo-6.1-150000.5.30.1 * libncurses5-32bit-6.1-150000.5.30.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * ncurses-utils-6.1-150000.5.30.1 * libncurses6-6.1-150000.5.30.1 * ncurses-debugsource-6.1-150000.5.30.1 * libncurses6-debuginfo-6.1-150000.5.30.1 * terminfo-base-6.1-150000.5.30.1 * ncurses-utils-debuginfo-6.1-150000.5.30.1 * terminfo-6.1-150000.5.30.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 27 12:30:03 2025 From: null at suse.de (SLE-UPDATES) Date: Tue, 27 May 2025 12:30:03 -0000 Subject: SUSE-SU-2025:01713-1: important: Security update for govulncheck-vulndb Message-ID: <174834900327.21564.11038880712780833508@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:01713-1 Release Date: 2025-05-27T10:04:43Z Rating: important References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250523T151856 2025-05-23T15:18:56Z (jsc#PED-11136) * GO-2025-3699 * GO-2025-3690 * GO-2025-3691 * GO-2025-3692 * GO-2025-3693 * GO-2025-3694 * GO-2025-3696 * GO-2025-3697 * GO-2025-3698 * GO-2025-3699 * GO-2025-3700 * GO-2025-3701 * GO-2025-3702 * GO-2025-3703 * Update to version 0.0.20250522T165031 2025-05-22T16:50:31Z (jsc#PED-11136) * GO-2025-3695 * Update to version 0.0.20250520T172319 2025-05-20T17:23:19Z (jsc#PED-11136) * GO-2025-3664 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1713=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1713=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250523T151856-150000.1.77.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250523T151856-150000.1.77.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:29:59 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:29:59 -0000 Subject: SUSE-SU-2025:20330-1: critical: Security update for python-h11, python-httpcore Message-ID: <174842459925.5223.1590783538225399543@smelt2.prg2.suse.org> # Security update for python-h11, python-httpcore Announcement ID: SUSE-SU-2025:20330-1 Release Date: May 20, 2025, 8:39 a.m. Rating: critical References: * bsc#1241872 Cross-References: * CVE-2025-43859 CVSS scores: * CVE-2025-43859 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-43859 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-43859 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for python-h11, python-httpcore fixes the following issues: python-h11: \- Update 0.16.0: * CVE-2025-43859: Fixed accepting of malformed Chunked-Encoding bodies (bsc#1241872) \- 0.15.0: * Reject Content-Lengths >= 1 zettabyte (1 billion terabytes) early, without attempting to parse the integer (#181) python-httpcore: \- CVE-2025-43859: Fixed accepting of malformed Chunked- Encoding bodies (bsc#1241872) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-114=1 ## Package List: * SUSE Linux Micro 6.1 (noarch) * python311-h11-0.16.0-slfo.1.1_1.1 * python311-httpcore-0.16.3-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43859.html * https://bugzilla.suse.com/show_bug.cgi?id=1241872 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:30:03 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:30:03 -0000 Subject: SUSE-RU-2025:20329-1: important: Recommended update for NetworkManager Message-ID: <174842460357.5223.3067439548374815010@smelt2.prg2.suse.org> # Recommended update for NetworkManager Announcement ID: SUSE-RU-2025:20329-1 Release Date: May 20, 2025, 8:06 a.m. Rating: important References: * bsc#1224868 Affected Products: * SUSE Linux Micro 6.1 An update that has one fix can now be installed. ## Description: This update for NetworkManager fixes the following issues: * Add config-server subpackage (bsc#1224868). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-113=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * NetworkManager-wwan-debuginfo-1.42.6-slfo.1.1_2.1 * typelib-1_0-NM-1_0-1.42.6-slfo.1.1_2.1 * NetworkManager-1.42.6-slfo.1.1_2.1 * NetworkManager-tui-1.42.6-slfo.1.1_2.1 * NetworkManager-pppoe-debuginfo-1.42.6-slfo.1.1_2.1 * NetworkManager-bluetooth-debuginfo-1.42.6-slfo.1.1_2.1 * NetworkManager-tui-debuginfo-1.42.6-slfo.1.1_2.1 * NetworkManager-cloud-setup-1.42.6-slfo.1.1_2.1 * NetworkManager-wwan-1.42.6-slfo.1.1_2.1 * NetworkManager-cloud-setup-debuginfo-1.42.6-slfo.1.1_2.1 * NetworkManager-debugsource-1.42.6-slfo.1.1_2.1 * libnm0-debuginfo-1.42.6-slfo.1.1_2.1 * NetworkManager-pppoe-1.42.6-slfo.1.1_2.1 * NetworkManager-bluetooth-1.42.6-slfo.1.1_2.1 * libnm0-1.42.6-slfo.1.1_2.1 * NetworkManager-debuginfo-1.42.6-slfo.1.1_2.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1224868 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:30:06 -0000 Subject: SUSE-SU-2025:20328-1: important: Security update for elemental-operator Message-ID: <174842460647.5223.10330997325402570906@smelt2.prg2.suse.org> # Security update for elemental-operator Announcement ID: SUSE-SU-2025:20328-1 Release Date: May 15, 2025, 5:45 p.m. Rating: important References: * bsc#1238700 * bsc#1239335 Cross-References: * CVE-2025-22869 * CVE-2025-22870 CVSS scores: * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities can now be installed. ## Description: This update for elemental-operator fixes the following issues: * Updated to v1.7.2: * Updated header year * CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238700) * CVE-2025-22869: golang.org/x/crypto/ssh: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239335) * Label Templates: add IP addresses to the Network variables (#885, #894) * Fixed generation of already present resources (#892, #893) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-111=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 x86_64) * elemental-register-1.7.2-slfo.1.1_1.1 * elemental-support-1.7.2-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1238700 * https://bugzilla.suse.com/show_bug.cgi?id=1239335 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:30:19 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:30:19 -0000 Subject: SUSE-SU-2025:20327-1: important: Security update for nvidia-open-driver-G06-signed Message-ID: <174842461942.5223.7459688007116244126@smelt2.prg2.suse.org> # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2025:20327-1 Release Date: May 15, 2025, 3:59 p.m. Rating: important References: * bsc#1235461 * bsc#1235871 * bsc#1236191 * bsc#1236658 * bsc#1236746 * bsc#1237308 * bsc#1237585 * bsc#1239139 * bsc#1239653 * bsc#1241231 * jsc#PED-2658 * jsc#PED-7117 Cross-References: * CVE-2024-0131 * CVE-2024-0147 * CVE-2024-0149 * CVE-2024-0150 * CVE-2024-53869 CVSS scores: * CVE-2024-0131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0131 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0149 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0149 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53869 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities, contains two features and has five fixes can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: Update CUDA variant to 570.133.20 Update non-CUDA variant to 570.144 (bsc#1241231) Update non-CUDA variant to 570.133.07 (bsc#1239653) * removed obsolete kernel-firmware-nvidia-gspx-G06-cuda; firmware has moved to nvidia-common-G06 and kernel-firmware-nvidia-gspx-G06 is no longer available either (bsc#1239139) Update CUDA variant to 570.124.06 Update non-CUDA variant to 570.124.04 (bsc#1237585) Update non-CUDA variant to 570.124.02 (bsc#1237585) In the module install path revert the order of the 'updates' subdirectory and the package name & version. This satisfies the kmp dependency checker (bsc#1237308). update non-CUDA variant to 570.86.16 (bsc#1236658) Update to 565.77 * non-CUDA variant: * get rid of modprobe.d and dracut.d files and udev magic; instead require nvidia-common-G06 * Supplements: switch to really supported devices; not only the initially supported ones without graphical output update non-CUDA and CUDA variant to 570.86.15 * preamble: let -cuda KMP conflict with no-cuda variants < 550.135 (bsc#1236191) Update to 550.144.03 (bsc#1235461, bsc#1235871) * fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-21=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-kmp-default-570.133.20_k6.4.0_28-1.1 * nvidia-open-driver-G06-signed-debugsource-570.144-1.1 * nvidia-open-driver-G06-signed-cuda-debugsource-570.133.20-1.1 * nvidia-open-driver-G06-signed-kmp-default-570.144_k6.4.0_28-1.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-570.144_k6.4.0_28-1.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-570.133.20_k6.4.0_28-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0131.html * https://www.suse.com/security/cve/CVE-2024-0147.html * https://www.suse.com/security/cve/CVE-2024-0149.html * https://www.suse.com/security/cve/CVE-2024-0150.html * https://www.suse.com/security/cve/CVE-2024-53869.html * https://bugzilla.suse.com/show_bug.cgi?id=1235461 * https://bugzilla.suse.com/show_bug.cgi?id=1235871 * https://bugzilla.suse.com/show_bug.cgi?id=1236191 * https://bugzilla.suse.com/show_bug.cgi?id=1236658 * https://bugzilla.suse.com/show_bug.cgi?id=1236746 * https://bugzilla.suse.com/show_bug.cgi?id=1237308 * https://bugzilla.suse.com/show_bug.cgi?id=1237585 * https://bugzilla.suse.com/show_bug.cgi?id=1239139 * https://bugzilla.suse.com/show_bug.cgi?id=1239653 * https://bugzilla.suse.com/show_bug.cgi?id=1241231 * https://jira.suse.com/browse/PED-2658 * https://jira.suse.com/browse/PED-7117 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:30:20 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:30:20 -0000 Subject: SUSE-RU-2025:20324-1: moderate: Recommended update for scap-security-guide Message-ID: <174842462079.5223.8546001563221172576@smelt2.prg2.suse.org> # Recommended update for scap-security-guide Announcement ID: SUSE-RU-2025:20324-1 Release Date: May 19, 2025, 9:56 a.m. Rating: moderate References: * jsc#ECO-3319 Affected Products: * SUSE Linux Micro 6.0 An update that contains one feature can now be installed. ## Description: This update for scap-security-guide fixes the following issues: This updates add scap-security-guide in version 0.1.76 (jsc#ECO-3319): * Add new product for Ubuntu 24.04 and draft CIS profiles * Add pyproject.toml for the ssg package * AlmaLinux OS 9 as a new product * Documentation for ssg library * Extend SSG library to more easily collect profile selections * Extend SSG with functions to manage variables ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-326=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * scap-security-guide-0.1.76-1.1 ## References: * https://jira.suse.com/browse/ECO-3319 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:30:24 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:30:24 -0000 Subject: SUSE-SU-2025:20323-1: moderate: Security update for sqlite3 Message-ID: <174842462449.5223.10706534745442446812@smelt2.prg2.suse.org> # Security update for sqlite3 Announcement ID: SUSE-SU-2025:20323-1 Release Date: May 16, 2025, 12:51 p.m. Rating: moderate References: * bsc#1241020 * bsc#1241078 Cross-References: * CVE-2025-29087 * CVE-2025-29088 CVSS scores: * CVE-2025-29087 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-29087 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-29087 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29087 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-29087 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L * CVE-2025-29088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-29088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29088 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29088 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for sqlite3 fixes the following issues: * Update to release 3.49.1: * Improve portability of makefiles and configure scripts. * CVE-2025-29087, bsc#1241020: Fix a bug in the concat_ws() function, introduced in version 3.44.0, that could lead to a memory error if the separator string is very large (hundreds of megabytes). * CVE-2025-29088, bsc#1241078: Enhanced the SQLITE_DBCONFIG_LOOKASIDE interface to make it more robust against misuse. * Update to release 3.49.0: * Enhancements to the query planner: * Improve the query-time index optimization so that it works on WITHOUT ROWID tables. * Better query plans for large star-query joins. This fixes three different performance regressions that were reported on the SQLite Forum. * When two or more queries have the same estimated cost, use the one with the fewer bytes per row. * Enhance the iif() SQL function so that it can accept any number of arguments greater than or equal to two. * Enhance the session extension so that it works on databases that make use of generated columns. * Omit the SQLITE_USE_STDIO_FOR_CONSOLE compile-time option which was not implemented correctly and never worked right. In its place add the SQLITE_USE_W32_FOR_CONSOLE_IO compile-time option. This option applies to command-line tools like the CLI only, not to the SQLite core. It causes Win32 APIs to be used for console I/O instead of stdio. This option affects Windows builds only. * Three new options to sqlite3_db_config(). All default "on". SQLITE_DBCONFIG_ENABLE_ATTACH_CREATE SQLITE_DBCONFIG_ENABLE_ATTACH_WRITE SQLITE_DBCONFIG_ENABLE_COMMENTS * Re-enable SONAME which got disabled by default in 3.48.0. * https://www.sqlite.org/src/forumpost/5a3b44f510df8ded * https://sqlite.org/forum/forumpost/ab8f15697a * Update to release 3.48.0: * Improved EXPLAIN QUERY PLAN output for covering indexes. * Allow a two-argument version of the iif() SQL function. * Also allow if() as an alternative spelling for iif(). * Add the ".dbtotxt" command to the CLI. * Add the SQLITE_IOCAP_SUBPAGE_READ property to the xDeviceCharacteristics method of the sqlite3_io_methods object. * Add the SQLITE_PREPARE_DONT_LOG option to sqlite3_prepare_v3() that prevents warning messages being sent to the error log if the SQL is ill-formed. This allows sqlite3_prepare_v3() to be used to do test compiles of SQL to check for validity without polluting the error log with false messages. * Increase the minimum allowed value of SQLITE_LIMIT_LENGTH from 1 to 30. * Added the SQLITE_FCNTL_NULL_IO file control. * Extend the FTS5 auxiliary API xInstToken() to work with prefix queries via the insttoken configuration option and the fts5_insttoken() SQL function. * Increase the maximum number of arguments to an SQL function from 127 to 1000. * Update to release 3.47.2: * Fix a problem in text-to-floating-point conversion that affects text values where the first 16 significant digits are '1844674407370955'. This issue was introduced in 3.47.0 and only arises on x64 and i386 hardware. * Other minor bug fixes. * Enable the session extension, because NodeJS 22 needs it. * Update to release 3.47.1: * Fix the makefiles so that they once again honored DESTDIR for the "install" target. * Add the SQLITE_IOCAP_SUBPAGE_READ capability to the VFS, to work around issues on some non-standard VFSes caused by making SQLITE_DIRECT_OVERFLOW_READ the default in version 3.45.0. * Fix incorrect answers to certain obscure IN queries caused by new query optimizations added in the 3.47.0 release. * Other minor bug fixes. * Update to release 3.47.0: * Allow arbitrary expressions in the second argument to the RAISE function. * If the RHS of the ->> operator is negative, then access array elements counting from the right. * Fix a problem with rolling back hot journal files in the seldom-used unix- dotfile VFS. * FTS5 tables can now be dropped even if they use a non-standard tokenizer that has not been registered. * Fix the group_concat() aggregate function so that it returns an empty string, not a NULL, if it receives a single input value which is an empty string. * Enhance the generate_series() table-valued function so that it is able to recognize and use constraints on its output value. Preupdate hooks now recognize when a column added by ALTER TABLE ADD COLUMN has a non-null default value. * Improved reuse of subqueries associated with the IN operator, especially when the IN operator has been duplicated due to predicate push-down. * Use a Bloom filter on subqueries on the right-hand side of the IN operator, in cases where that seems likely to improve performance. * Ensure that queries like "SELECT func(a) FROM tab GROUP BY 1" only invoke the func() function once per row. * No attempt is made to create automatic indexes on a column that is known to be non-selective because of its use in other indexes that have been analyzed. * Adjustments to the query planner so that it produces better plans for star queries with a large number of dimension tables. * Add the "order-by-subquery" optimization, that seeks to disable sort operations in outer queries if the desired order is obtained naturally due to ORDER BY clauses in subqueries. * The "indexed-subtype-expr" optimization strives to use expressions that are part of an index rather than recomputing the expression based on table values, as long as the query planner can prove that the subtype of the expression will never be used. * Miscellaneous coding tweaks for faster runtimes. * Add the experimental sqlite3_rsync program. * Add extension functions median(), percentile(), percentile_cont(), and percentile_disc() to the CLI. * Add the .www dot-command to the CLI. * The sqlite3_analyzer utility now provides a break-out of statistics for WITHOUT ROWID tables. * The sqldiff utility avoids creating an empty database if its second argument does not exist. * Enhance the sqlite_dbpage table-valued function such that INSERT can be used to increase or decrease the size of the database file. * SQLite no longer makes any use of the "long double" data type, as hardware support for long double is becoming less common and long double creates challenges for some compiler tool chains. Instead, SQLite uses Dekker's algorithm when extended precision is needed. * The TCL Interface for SQLite supports TCL9. Everything probably still works for TCL 8.5 and later, though this is not guaranteed. Users are encouraged to upgrade to TCL9. * Fix a corruption-causing bug in the JavaScript "opfs" VFS. Correct "mode=ro" handling for the "opfs" VFS. Work around a couple of browser-specific OPFS quirks. * Add the fts5_tokenizer_v2 API and the locale=1 option, for creating custom locale-aware tokenizers and fts5 tables that may take advantage of them. * Add the contentless_unindexed=1 option, for creating contentless fts5 tables that store the values of any UNINDEXED columns persistently in the database. * Allow an FTS5 table to be dropped even if it uses a custom tokenizer whose implementation is not available. * Update to release 3.46.1: * Improved robustness while parsing the tokenize= arguments in FTS5. * Enhancements to covering index prediction in the query planner. * Do not let the number of terms on a VALUES clause be limited by SQLITE_LIMIT_COMPOUND_SELECT, even if the VALUES clause contains elements that appear to be variables due to double-quoted string literals. * Fix the window function version of group_concat() so that it returns an empty string if it has one or more empty string inputs. * In FTS5 secure-delete mode, fix false-positive integrity-check reports about corrupt indexes. * Syntax errors in ALTER TABLE should always return SQLITE_ERROR. In some cases, they were formerly returning SQLITE_INTERNAL. * Other minor fixes. * Update to release 3.46.0: * https://sqlite.org/releaselog/3_46_0.html * Enhance PRAGMA optimize in multiple ways. * Enhancements to the date and time functions. * Add support for underscore ("_") characters between digits in numeric literals. * Add the json_pretty() SQL function. * Query planner improvements. * Allocate additional memory from the heap for the SQL parser stack if that stack overflows, rather than reporting a "parser stack overflow" error. * Allow ASCII control characters within JSON5 string literals. * Fix the -> and ->> JSON operators so that when the right-hand side operand is a string that looks like an integer it is still treated as a string, because that is what PostgreSQL does. * Update to release 3.45.3: * Fix a long-standing bug (going back to version 3.24.0) that might (rarely) cause the "old.*" values of an UPDATE trigger to be incorrect if that trigger fires in response to an UPSERT. * Reduce the scope of the NOT NULL strength reduction optimization that was added as item 8e in version 3.35.0. The optimization was being attempted in some contexts where it did not work, resulting in incorrect query results. * Add SQLITE_STRICT_SUBTYPE=1 as recommended by upstream. * Update to release 3.45.2: * Added the SQLITE_RESULT_SUBTYPE property for application- defined SQL functions. * Enhancements to the JSON SQL functions * Add the FTS5 tokendata option to the FTS5 virtual table. * The SQLITE_DIRECT_OVERFLOW_READ optimization is now enabled by default. * Query planner improvements * Increase the default value for SQLITE_MAX_PAGE_COUNT from 1073741824 to 4294967294. * Enhancements to the CLI * Restore the JSON BLOB input bug, and promise to support the anomaly in subsequent releases, for backward compatibility. * Fix the PRAGMA integrity_check command so that it works on read-only databases that contain FTS3 and FTS5 tables. * Fix issues associated with processing corrupt JSONB inputs. * Fix a long-standing bug in which a read of a few bytes past the end of a memory-mapped segment might occur when accessing a craftily corrupted database using memory-mapped database. * Fix a long-standing bug in which a NULL pointer dereference might occur in the bytecode engine due to incorrect bytecode being generated for a class of SQL statements that are deliberately designed to stress the query planner but which are otherwise pointless. * Fix an error in UPSERT, introduced in version 3.35.0. * Reduce the scope of the NOT NULL strength reduction optimization that was added in version 3.35.0. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-325=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * sqlite3-debugsource-3.49.1-1.1 * libsqlite3-0-3.49.1-1.1 * libsqlite3-0-debuginfo-3.49.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-29087.html * https://www.suse.com/security/cve/CVE-2025-29088.html * https://bugzilla.suse.com/show_bug.cgi?id=1241020 * https://bugzilla.suse.com/show_bug.cgi?id=1241078 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:30:26 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:30:26 -0000 Subject: SUSE-RU-2025:20322-1: moderate: Recommended update for elemental-operator Message-ID: <174842462686.5223.203048571066589966@smelt2.prg2.suse.org> # Recommended update for elemental-operator Announcement ID: SUSE-RU-2025:20322-1 Release Date: May 16, 2025, 9:48 a.m. Rating: moderate References: * bsc#1242901 Affected Products: * SUSE Linux Micro 6.0 An update that has one fix can now be installed. ## Description: This update for elemental-operator fixes the following issues: * Fix questions.yaml default tag * operator: update RBAC for upgrade plans (bsc#1242901) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-324=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * elemental-register-1.6.9-1.1 * elemental-support-1.6.9-1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1242901 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:30:28 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:30:28 -0000 Subject: SUSE-RU-2025:20321-1: moderate: Recommended update for pcr-oracle Message-ID: <174842462869.5223.9426192279143707346@smelt2.prg2.suse.org> # Recommended update for pcr-oracle Announcement ID: SUSE-RU-2025:20321-1 Release Date: May 16, 2025, 9:39 a.m. Rating: moderate References: * bsc#1241957 Affected Products: * SUSE Linux Micro 6.0 An update that has one fix can now be installed. ## Description: This update for pcr-oracle fixes the following issues: * Predict the EFI_VARIABLE_AUTHORITY event with the alternative database (bsc#1241957) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-323=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * pcr-oracle-0.4.6-4.1 * pcr-oracle-debugsource-0.4.6-4.1 * pcr-oracle-debuginfo-0.4.6-4.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1241957 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:30:30 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:30:30 -0000 Subject: SUSE-RU-2025:20320-1: important: Recommended update for vim Message-ID: <174842463093.5223.6104601358834965789@smelt2.prg2.suse.org> # Recommended update for vim Announcement ID: SUSE-RU-2025:20320-1 Release Date: May 16, 2025, 6:43 a.m. Rating: important References: * bsc#1235751 Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro Extras 6.0 An update that has one fix can now be installed. ## Description: This update for vim fixes the following issues: * Introduce patch to fix bsc#1235751 (regression). * Update to 9.1.1176. Changes: * 9.1.1176: wrong indent when expanding multiple lines * 9.1.1175: inconsistent behaviour with exclusive selection and motion commands * 9.1.1174: tests: Test_complete_cmdline() may fail * 9.1.1173: filetype: ABNF files are not detected * 9.1.1172: [security]: overflow with 'nostartofline' and Ex command in tag file * 9.1.1171: tests: wrong arguments passed to assert_equal() * 9.1.1170: wildmenu highlighting in popup can be improved * 9.1.1169: using global variable for get_insert()/get_lambda_name() * 9.1.1168: wrong flags passed down to nextwild() * 9.1.1167: mark '] wrong after copying text object * 9.1.1166: command-line auto-completion hard with wildmenu * 9.1.1165: diff: regression with multi-file diff blocks * 9.1.1164: [security]: code execution with tar.vim and special crafted tar files * 9.1.1163: $MYVIMDIR is set too late * 9.1.1162: completion popup not cleared in cmdline * 9.1.1161: preinsert requires bot "menu" and "menuone" to be set * 9.1.1160: Ctrl-Y does not work well with "preinsert" when completing items * 9.1.1159: $MYVIMDIR may not always be set * 9.1.1158: :verbose set has wrong file name with :compiler! * 9.1.1157: command completion wrong for input() * 9.1.1156: tests: No test for what patch 9.1.1152 fixes * 9.1.1155: Mode message not cleared after :silent message * 9.1.1154: Vim9: not able to use autoload class accross scripts * 9.1.1153: build error on Haiku * 9.1.1152: Patch v9.1.1151 causes problems * 9.1.1151: too many strlen() calls in getchar.c * 9.1.1150: :hi completion may complete to wrong value * 9.1.1149: Unix Makefile does not support Brazilian lang for the installer * 9.1.1148: Vim9: finding imported scripts can be further improved * 9.1.1147: preview-window does not scroll correctly * 9.1.1146: Vim9: wrong context being used when evaluating class member * 9.1.1145: multi-line completion has wrong indentation for last line * 9.1.1144: no way to create raw strings from a blob * 9.1.1143: illegal memory access when putting a register * 9.1.1142: tests: test_startup fails if $HOME/$XDG_CONFIG_HOME is defined * 9.1.1141: Misplaced comment in readfile() * 9.1.1140: filetype: m17ndb files are not detected * 9.1.1139: [fifo] is not displayed when editing a fifo * 9.1.1138: cmdline completion for :hi is too simplistic * 9.1.1137: ins_str() is inefficient by calling STRLEN() * 9.1.1136: Match highlighting marks a buffer region as changed * 9.1.1135: 'suffixesadd' doesn't work with multiple items * 9.1.1134: filetype: Guile init file not recognized * 9.1.1133: filetype: xkb files not recognized everywhere * 9.1.1132: Mark positions wrong after triggering multiline completion * 9.1.1131: potential out-of-memory issue in search.c * 9.1.1130: 'listchars' "precedes" is not drawn on Tabs. * 9.1.1129: missing out-of-memory test in buf_write() * 9.1.1128: patch 9.1.1119 caused a regression with imports * 9.1.1127: preinsert text is not cleaned up correctly * 9.1.1126: patch 9.1.1121 used a wrong way to handle enter * 9.1.1125: cannot loop through pum menu with multiline items * 9.1.1124: No test for 'listchars' "precedes" with double-width char * 9.1.1123: popup hi groups not falling back to defaults * 9.1.1122: too many strlen() calls in findfile.c * 9.1.1121: Enter does not insert newline with "noselect" * 9.1.1120: tests: Test_registers fails * 9.1.1119: Vim9: Not able to use an autoloaded class from another autoloaded script * 9.1.1118: tests: test_termcodes fails * 9.1.1117: there are a few minor style issues * 9.1.1116: Vim9: super not supported in lambda expressions * 9.1.1115: [security]: use-after-free in str_to_reg() * 9.1.1114: enabling termguicolors automatically confuses users * 9.1.1113: tests: Test_terminal_builtin_without_gui waits 2 seconds * 9.1.1112: Inconsistencies in get_next_or_prev_match() * 9.1.1111: Vim9: variable not found in transitive import * 9.1.1110: Vim tests are slow and flaky * 9.1.1109: cmdexpand.c hard to read * 9.1.1108: 'smoothscroll' gets stuck with 'listchars' "eol" * 9.1.1107: cannot loop through completion menu with fuzzy * 9.1.1106: tests: Test_log_nonexistent() causes asan failure * 9.1.1105: Vim9: no support for protected new() method * 9.1.1104: CI: using Ubuntu 22.04 Github runners * 9.1.1103: if_perl: still some compile errors with Perl 5.38 * 9.1.1102: tests: Test_WinScrolled_Resized_eiw() uses wrong filename ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-322=1 * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-322=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * vim-data-common-9.1.1176-1.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * vim-small-debuginfo-9.1.1176-1.1 * vim-small-9.1.1176-1.1 * vim-debugsource-9.1.1176-1.1 * SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64) * vim-debuginfo-9.1.1176-1.1 * vim-9.1.1176-1.1 * xxd-debuginfo-9.1.1176-1.1 * xxd-9.1.1176-1.1 * vim-debugsource-9.1.1176-1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1235751 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 09:30:40 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 09:30:40 -0000 Subject: SUSE-SU-2025:20319-1: important: Security update for nvidia-open-driver-G06-signed Message-ID: <174842464025.5223.4363379194521565155@smelt2.prg2.suse.org> # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2025:20319-1 Release Date: May 15, 2025, 3:54 p.m. Rating: important References: * bsc#1235461 * bsc#1235871 * bsc#1236191 * bsc#1236658 * bsc#1236746 * bsc#1237308 * bsc#1237585 * bsc#1239139 * bsc#1239653 * bsc#1241231 * jsc#PED-2658 * jsc#PED-7117 Cross-References: * CVE-2024-0131 * CVE-2024-0147 * CVE-2024-0149 * CVE-2024-0150 * CVE-2024-53869 CVSS scores: * CVE-2024-0131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0131 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0149 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0149 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53869 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities, contains two features and has five fixes can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: Update CUDA variant to 570.133.20 Update non-CUDA variant to 570.144 (bsc#1241231) Update non-CUDA variant to 570.133.07 (bsc#1239653) * removed obsolete kernel-firmware-nvidia-gspx-G06-cuda; firmware has moved to nvidia-common-G06 and kernel-firmware-nvidia-gspx-G06 is no longer available either (bsc#1239139) Update CUDA variant to 570.124.06 Update non-CUDA variant to 570.124.04 (bsc#1237585) Update non-CUDA variant to 570.124.02 (bsc#1237585) In the module install path revert the order of the 'updates' subdirectory and the package name & version. This satisfies the kmp dependency checker (bsc#1237308). update non-CUDA variant to 570.86.16 (bsc#1236658) Update to 565.77 * non-CUDA variant: * get rid of modprobe.d and dracut.d files and udev magic; instead require nvidia-common-G06 * Supplements: switch to really supported devices; not only the initially supported ones without graphical output update non-CUDA and CUDA variant to 570.86.15 * preamble: let -cuda KMP conflict with no-cuda variants < 550.135 (bsc#1236191) Update to 550.144.03 (bsc#1235461, bsc#1235871) * fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-21=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-kmp-default-570.133.20_k6.4.0_28-1.1 * nvidia-open-driver-G06-signed-debugsource-570.144-1.1 * nvidia-open-driver-G06-signed-cuda-debugsource-570.133.20-1.1 * nvidia-open-driver-G06-signed-kmp-default-570.144_k6.4.0_28-1.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-570.144_k6.4.0_28-1.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-570.133.20_k6.4.0_28-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0131.html * https://www.suse.com/security/cve/CVE-2024-0147.html * https://www.suse.com/security/cve/CVE-2024-0149.html * https://www.suse.com/security/cve/CVE-2024-0150.html * https://www.suse.com/security/cve/CVE-2024-53869.html * https://bugzilla.suse.com/show_bug.cgi?id=1235461 * https://bugzilla.suse.com/show_bug.cgi?id=1235871 * https://bugzilla.suse.com/show_bug.cgi?id=1236191 * https://bugzilla.suse.com/show_bug.cgi?id=1236658 * https://bugzilla.suse.com/show_bug.cgi?id=1236746 * https://bugzilla.suse.com/show_bug.cgi?id=1237308 * https://bugzilla.suse.com/show_bug.cgi?id=1237585 * https://bugzilla.suse.com/show_bug.cgi?id=1239139 * https://bugzilla.suse.com/show_bug.cgi?id=1239653 * https://bugzilla.suse.com/show_bug.cgi?id=1241231 * https://jira.suse.com/browse/PED-2658 * https://jira.suse.com/browse/PED-7117 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:12 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:12 -0000 Subject: SUSE-SU-2025:01724-1: important: Security update for webkit2gtk3 Message-ID: <174843541230.5286.5745980100943892941@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:01724-1 Release Date: 2025-05-28T11:10:48Z Rating: important References: * bsc#1241158 * bsc#1241160 * bsc#1243282 * bsc#1243286 * bsc#1243288 * bsc#1243289 * bsc#1243424 * bsc#1243596 Cross-References: * CVE-2023-42875 * CVE-2023-42970 * CVE-2025-24223 * CVE-2025-31204 * CVE-2025-31205 * CVE-2025-31206 * CVE-2025-31215 * CVE-2025-31257 CVSS scores: * CVE-2023-42875 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2023-42875 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2023-42875 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2023-42970 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-42970 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-42970 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24223 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24223 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24223 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31204 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31204 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31205 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-31205 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-31206 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-31206 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-31215 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-31215 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-31257 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-31257 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-31257 ( NVD ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves eight vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2. Security issues fixed: * CVE-2025-31205: lack of checks may lead to cross-origin data exfiltration through a malicious website (bsc#1243282). * CVE-2025-31204: improper memory handling when processing certain web content may lead to memory corruption (bsc#1243286). * CVE-2025-31206: type confusion issue when processing certain web content may lead to an unexpected crash (bsc#1243288). * CVE-2025-31215: lack of checks when processing certain web content may lead to an unexpected crash (bsc#1243289). * CVE-2025-31257: improper memory handling when processing certain web content may lead to an unexpected crash (bsc#1243596). * CVE-2025-24223: improper memory handling when processing certain web content may lead to memory corruption (bsc#1243424). Other changes and issues fixed: * Enable CSS overscroll behavior by default. * Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. * Fix rendering when device scale factor change comes before the web view geometry update. * Fix network process crash on exit. * Fix the build with ENABLE_RESOURCE_USAGE=OFF. * Fix several crashes and rendering issues. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1724=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1724=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1724=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1724=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1724=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1724=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1724=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1724=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1724=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1724=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1724=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1724=1 ## Package List: * openSUSE Leap 15.4 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-6.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-4.1-lang-2.48.2-150400.4.119.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * webkitgtk-6_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-2.48.2-150400.4.119.1 * webkit-jsc-4-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150400.4.119.1 * webkit-jsc-4.1-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_1-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * webkit2gtk3-minibrowser-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-minibrowser-2.48.2-150400.4.119.1 * webkitgtk-6_0-injected-bundles-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk4-devel-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk4-minibrowser-2.48.2-150400.4.119.1 * webkit2gtk3-debugsource-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-6_0-2.48.2-150400.4.119.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.2-150400.4.119.1 * webkit-jsc-4-2.48.2-150400.4.119.1 * webkit2gtk4-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-2.48.2-150400.4.119.1 * webkit-jsc-4.1-2.48.2-150400.4.119.1 * webkit2gtk4-minibrowser-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-devel-2.48.2-150400.4.119.1 * webkit2gtk3-minibrowser-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit-6_0-2.48.2-150400.4.119.1 * webkit-jsc-6.0-debuginfo-2.48.2-150400.4.119.1 * webkit-jsc-6.0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * openSUSE Leap 15.4 (x86_64) * libwebkit2gtk-4_0-37-32bit-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-32bit-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-32bit-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-32bit-2.48.2-150400.4.119.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libwebkit2gtk-4_1-0-64bit-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-64bit-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-64bit-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-64bit-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-64bit-2.48.2-150400.4.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-6.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-4.1-lang-2.48.2-150400.4.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libwebkit2gtk-4_1-0-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_1-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * webkitgtk-6_0-injected-bundles-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-debugsource-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-2.48.2-150400.4.119.1 * webkit2gtk4-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-2.48.2-150400.4.119.1 * webkit2gtk3-devel-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-6.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-4.1-lang-2.48.2-150400.4.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libwebkit2gtk-4_1-0-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_1-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * webkitgtk-6_0-injected-bundles-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-debugsource-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-2.48.2-150400.4.119.1 * webkit2gtk4-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-2.48.2-150400.4.119.1 * webkit2gtk3-devel-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-6.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-4.1-lang-2.48.2-150400.4.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libwebkit2gtk-4_1-0-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_1-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * webkitgtk-6_0-injected-bundles-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-debugsource-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-2.48.2-150400.4.119.1 * webkit2gtk4-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-2.48.2-150400.4.119.1 * webkit2gtk3-devel-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-6.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-4.1-lang-2.48.2-150400.4.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libwebkit2gtk-4_1-0-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_1-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * webkitgtk-6_0-injected-bundles-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-debugsource-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-2.48.2-150400.4.119.1 * webkit2gtk4-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-2.48.2-150400.4.119.1 * webkit2gtk3-devel-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-6.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-4.1-lang-2.48.2-150400.4.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libwebkit2gtk-4_1-0-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_1-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * webkitgtk-6_0-injected-bundles-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-debugsource-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-2.48.2-150400.4.119.1 * webkit2gtk4-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-2.48.2-150400.4.119.1 * webkit2gtk3-devel-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-6.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-4.1-lang-2.48.2-150400.4.119.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libwebkit2gtk-4_1-0-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_1-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * webkitgtk-6_0-injected-bundles-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-debugsource-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-2.48.2-150400.4.119.1 * webkit2gtk4-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-2.48.2-150400.4.119.1 * webkit2gtk3-devel-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-6.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-4.1-lang-2.48.2-150400.4.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libwebkit2gtk-4_1-0-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_1-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * webkitgtk-6_0-injected-bundles-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-debugsource-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-2.48.2-150400.4.119.1 * webkit2gtk4-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-2.48.2-150400.4.119.1 * webkit2gtk3-devel-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-6.0-lang-2.48.2-150400.4.119.1 * WebKitGTK-4.1-lang-2.48.2-150400.4.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libwebkit2gtk-4_1-0-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk-4_1-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_1-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * webkitgtk-6_0-injected-bundles-2.48.2-150400.4.119.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150400.4.119.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-debugsource-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150400.4.119.1 * libwebkitgtk-6_0-4-2.48.2-150400.4.119.1 * webkit2gtk4-debugsource-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-2.48.2-150400.4.119.1 * webkit2gtk3-devel-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Manager Proxy 4.3 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * SUSE Manager Proxy 4.3 (x86_64) * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 * SUSE Manager Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.48.2-150400.4.119.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * typelib-1_0-JavaScriptCore-4_0-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-2.48.2-150400.4.119.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-devel-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-2.48.2-150400.4.119.1 * webkit2gtk3-soup2-debugsource-2.48.2-150400.4.119.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150400.4.119.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150400.4.119.1 * typelib-1_0-WebKit2-4_0-2.48.2-150400.4.119.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42875.html * https://www.suse.com/security/cve/CVE-2023-42970.html * https://www.suse.com/security/cve/CVE-2025-24223.html * https://www.suse.com/security/cve/CVE-2025-31204.html * https://www.suse.com/security/cve/CVE-2025-31205.html * https://www.suse.com/security/cve/CVE-2025-31206.html * https://www.suse.com/security/cve/CVE-2025-31215.html * https://www.suse.com/security/cve/CVE-2025-31257.html * https://bugzilla.suse.com/show_bug.cgi?id=1241158 * https://bugzilla.suse.com/show_bug.cgi?id=1241160 * https://bugzilla.suse.com/show_bug.cgi?id=1243282 * https://bugzilla.suse.com/show_bug.cgi?id=1243286 * https://bugzilla.suse.com/show_bug.cgi?id=1243288 * https://bugzilla.suse.com/show_bug.cgi?id=1243289 * https://bugzilla.suse.com/show_bug.cgi?id=1243424 * https://bugzilla.suse.com/show_bug.cgi?id=1243596 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:16 -0000 Subject: SUSE-SU-2025:01723-1: important: Security update for python39-setuptools Message-ID: <174843541665.5286.12250596899163027356@smelt2.prg2.suse.org> # Security update for python39-setuptools Announcement ID: SUSE-SU-2025:01723-1 Release Date: 2025-05-28T11:08:37Z Rating: important References: * bsc#1243313 Cross-References: * CVE-2025-47273 CVSS scores: * CVE-2025-47273 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-47273 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for python39-setuptools fixes the following issues: * CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1723=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1723=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1723=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1723=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1723=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1723=1 ## Package List: * openSUSE Leap 15.3 (noarch) * python39-setuptools-44.1.1-150300.7.12.1 * openSUSE Leap 15.6 (noarch) * python39-setuptools-44.1.1-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python39-setuptools-44.1.1-150300.7.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * python39-setuptools-44.1.1-150300.7.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python39-setuptools-44.1.1-150300.7.12.1 * SUSE Enterprise Storage 7.1 (noarch) * python39-setuptools-44.1.1-150300.7.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47273.html * https://bugzilla.suse.com/show_bug.cgi?id=1243313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:21 -0000 Subject: SUSE-RU-2025:01722-1: important: Recommended update for osinfo-db Message-ID: <174843542195.5286.3481787594162923884@smelt2.prg2.suse.org> # Recommended update for osinfo-db Announcement ID: SUSE-RU-2025:01722-1 Release Date: 2025-05-28T09:37:26Z Rating: important References: * bsc#1236252 * bsc#1236401 * bsc#1240121 * bsc#1240338 * bsc#1243296 * jsc#PED-8910 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature and has five fixes can now be installed. ## Description: This update for osinfo-db fixes the following issues: * virt-manager-common package version which supports SLES16 ISO layout (bsc#1243296) * [SLEMicro6.2] osinfo-db: Add support for slem6.2 to the database (bsc#1240121) * virt-manager: Windows Server 2025 is not automatically detected and missing from manual selection (bsc#1240338) * Modify SLES and Leap 16 database entries to define new volume id of Agama 12 ISOs (bsc#1236401) * Add for SLES 16 / Leap 16, * Drop patches contained in new tarball * Add support for (jsc#PED-8910): * openSUSE Leap 16.0 * SLES-16 (bsc#1236252) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1722=1 openSUSE-SLE-15.6-2025-1722=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1722=1 ## Package List: * openSUSE Leap 15.6 (noarch) * osinfo-db-20250124-150600.5.8.1 * Basesystem Module 15-SP6 (noarch) * osinfo-db-20250124-150600.5.8.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1236252 * https://bugzilla.suse.com/show_bug.cgi?id=1236401 * https://bugzilla.suse.com/show_bug.cgi?id=1240121 * https://bugzilla.suse.com/show_bug.cgi?id=1240338 * https://bugzilla.suse.com/show_bug.cgi?id=1243296 * https://jira.suse.com/browse/PED-8910 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:24 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:24 -0000 Subject: SUSE-RU-2025:01376-1: moderate: Recommended update for libgcrypt Message-ID: <174843542406.5286.16863694962451103728@smelt2.prg2.suse.org> # Recommended update for libgcrypt Announcement ID: SUSE-RU-2025:01376-1 Release Date: 2025-05-28T06:51:56Z Rating: moderate References: * bsc#1241605 Affected Products: * Certifications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for libgcrypt fixes the following issues: * FIPS: Pad PKCS1.5 signatures with SHA3 correctly [bsc#1241605] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Certifications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Certifications-15-SP7-2025-1376=1 ## Package List: * Certifications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libgcrypt20-debuginfo-1.10.3-150600.3.6.1 * libgcrypt-debugsource-1.10.3-150600.3.6.1 * libgcrypt20-1.10.3-150600.3.6.1 * libgcrypt-devel-1.10.3-150600.3.6.1 * libgcrypt-devel-debuginfo-1.10.3-150600.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1241605 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:25 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:25 -0000 Subject: SUSE-RU-2025:01721-1: moderate: Recommended update for hwdata Message-ID: <174843542545.5286.10891833873112581468@smelt2.prg2.suse.org> # Recommended update for hwdata Announcement ID: SUSE-RU-2025:01721-1 Release Date: 2025-05-27T16:00:51Z Rating: moderate References: Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module An update that can now be installed. ## Description: This update for hwdata fixes the following issue: * Version update 0.394: * Update pci, usb and vendor ids * Fix usb.ids encoding and a couple of typos * Fix configure to honor --prefix ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1721=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2025-1721=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1721=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1721=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1721=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1721=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1721=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1721=1 * SUSE Manager Proxy 4.3 Module zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-1721=1 * SUSE Manager Server 4.3 Module zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2025-1721=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1721=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1721=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1721=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1721=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1721=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1721=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1721=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1721=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1721=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1721=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1721=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1721=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1721=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1721=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1721=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1721=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1721=1 ## Package List: * openSUSE Leap 15.6 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Manager Client Tools for SLE 15 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Micro 5.3 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Micro 5.4 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Micro 5.5 (noarch) * hwdata-0.394-150000.3.77.2 * Basesystem Module 15-SP6 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Manager Proxy 4.3 Module (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Manager Server 4.3 Module (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Manager Proxy 4.3 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Manager Server 4.3 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Enterprise Storage 7.1 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Micro 5.2 (noarch) * hwdata-0.394-150000.3.77.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * hwdata-0.394-150000.3.77.2 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:32 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:32 -0000 Subject: SUSE-SU-2025:01720-1: important: Security update for webkit2gtk3 Message-ID: <174843543242.5286.2267305377582165135@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:01720-1 Release Date: 2025-05-27T13:54:59Z Rating: important References: * bsc#1241158 * bsc#1241160 * bsc#1243282 * bsc#1243286 * bsc#1243288 * bsc#1243289 * bsc#1243424 * bsc#1243596 Cross-References: * CVE-2023-42875 * CVE-2023-42970 * CVE-2025-24223 * CVE-2025-31204 * CVE-2025-31205 * CVE-2025-31206 * CVE-2025-31215 * CVE-2025-31257 CVSS scores: * CVE-2023-42875 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2023-42875 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2023-42875 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2023-42970 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-42970 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-42970 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24223 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24223 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24223 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31204 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31204 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31205 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-31205 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-31206 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-31206 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-31215 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-31215 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-31257 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-31257 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-31257 ( NVD ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves eight vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2. Security issues fixed: * CVE-2025-31205: lack of checks may lead to cross-origin data exfiltration through a malicious website (bsc#1243282). * CVE-2025-31204: improper memory handling when processing certain web content may lead to memory corruption (bsc#1243286). * CVE-2025-31206: type confusion issue when processing certain web content may lead to an unexpected crash (bsc#1243288). * CVE-2025-31215: lack of checks when processing certain web content may lead to an unexpected crash (bsc#1243289). * CVE-2025-31257: improper memory handling when processing certain web content may lead to an unexpected crash (bsc#1243596). * CVE-2025-24223: improper memory handling when processing certain web content may lead to memory corruption (bsc#1243424). Other changes and issues fixed: * Enable CSS overscroll behavior by default. * Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. * Fix rendering when device scale factor change comes before the web view geometry update. * Fix network process crash on exit. * Fix the build with ENABLE_RESOURCE_USAGE=OFF. * Fix several crashes and rendering issues. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1720=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1720=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * webkit2gtk3-devel-2.48.2-4.38.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-4.38.1 * typelib-1_0-WebKit2-4_0-2.48.2-4.38.1 * libjavascriptcoregtk-4_0-18-2.48.2-4.38.1 * libwebkit2gtk-4_0-37-2.48.2-4.38.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-4.38.1 * webkit2gtk-4_0-injected-bundles-2.48.2-4.38.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-4.38.1 * webkit2gtk3-debugsource-2.48.2-4.38.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-4.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * libwebkit2gtk3-lang-2.48.2-4.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-4.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * webkit2gtk3-devel-2.48.2-4.38.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-4.38.1 * typelib-1_0-WebKit2-4_0-2.48.2-4.38.1 * libjavascriptcoregtk-4_0-18-2.48.2-4.38.1 * libwebkit2gtk-4_0-37-2.48.2-4.38.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-4.38.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-4.38.1 * webkit2gtk-4_0-injected-bundles-2.48.2-4.38.1 * typelib-1_0-JavaScriptCore-4_0-2.48.2-4.38.1 * webkit2gtk3-debugsource-2.48.2-4.38.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-4.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libwebkit2gtk3-lang-2.48.2-4.38.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42875.html * https://www.suse.com/security/cve/CVE-2023-42970.html * https://www.suse.com/security/cve/CVE-2025-24223.html * https://www.suse.com/security/cve/CVE-2025-31204.html * https://www.suse.com/security/cve/CVE-2025-31205.html * https://www.suse.com/security/cve/CVE-2025-31206.html * https://www.suse.com/security/cve/CVE-2025-31215.html * https://www.suse.com/security/cve/CVE-2025-31257.html * https://bugzilla.suse.com/show_bug.cgi?id=1241158 * https://bugzilla.suse.com/show_bug.cgi?id=1241160 * https://bugzilla.suse.com/show_bug.cgi?id=1243282 * https://bugzilla.suse.com/show_bug.cgi?id=1243286 * https://bugzilla.suse.com/show_bug.cgi?id=1243288 * https://bugzilla.suse.com/show_bug.cgi?id=1243289 * https://bugzilla.suse.com/show_bug.cgi?id=1243424 * https://bugzilla.suse.com/show_bug.cgi?id=1243596 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:33 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:33 -0000 Subject: SUSE-RU-2025:01719-1: moderate: Recommended update for lifecycle-data-sle-module-containers Message-ID: <174843543378.5286.3090722043623249836@smelt2.prg2.suse.org> # Recommended update for lifecycle-data-sle-module-containers Announcement ID: SUSE-RU-2025:01719-1 Release Date: 2025-05-27T13:47:41Z Rating: moderate References: * jsc#PED-11106 Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for lifecycle-data-sle-module-containers fixes the following issues: * initial data for now EOL kubernetes client packages. (jsc#PED-11106) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1719=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1719=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1719=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1719=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1719=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1719=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1719=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1719=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1719=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1719=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1719=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1719=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1719=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1719=1 ## Package List: * openSUSE Leap 15.3 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * Containers Module 15-SP6 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 * SUSE Enterprise Storage 7.1 (noarch) * lifecycle-data-sle-module-containers-1-150300.7.3.1 ## References: * https://jira.suse.com/browse/PED-11106 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:36 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:36 -0000 Subject: SUSE-SU-2025:01718-1: important: Security update for gstreamer-plugins-bad Message-ID: <174843543694.5286.14565418701066968240@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2025:01718-1 Release Date: 2025-05-27T12:53:49Z Rating: important References: * bsc#1242809 Cross-References: * CVE-2025-3887 CVSS scores: * CVE-2025-3887 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-3887 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-3887 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing (bsc#1242809). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1718=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1718=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1718=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1718=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1718=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-doc-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.21.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.21.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-1.16.3-150300.9.21.1 * openSUSE Leap 15.3 (x86_64) * libgstbadaudio-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-32bit-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-32bit-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-32bit-1.16.3-150300.9.21.1 * libgsturidownloader-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-32bit-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgsturidownloader-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-32bit-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-32bit-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-32bit-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-32bit-1.16.3-150300.9.21.1 * openSUSE Leap 15.3 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.21.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libgstcodecparsers-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-64bit-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-64bit-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-64bit-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-64bit-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-64bit-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-64bit-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-64bit-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-64bit-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-64bit-1.16.3-150300.9.21.1 * libgsturidownloader-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-64bit-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-64bit-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-64bit-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-64bit-1.16.3-150300.9.21.1 * libgsturidownloader-1_0-0-64bit-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-64bit-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-64bit-debuginfo-1.16.3-150300.9.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.21.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.21.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-1.16.3-150300.9.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.21.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.21.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.21.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-1.16.3-150300.9.21.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.21.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.21.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-1.16.3-150300.9.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.21.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.21.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.21.1 * libgstsctp-1_0-0-1.16.3-150300.9.21.1 * libgstwayland-1_0-0-1.16.3-150300.9.21.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.21.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.21.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.21.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.21.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.21.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.21.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.21.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.21.1 * libgstphotography-1_0-0-1.16.3-150300.9.21.1 * libgstplayer-1_0-0-1.16.3-150300.9.21.1 * SUSE Enterprise Storage 7.1 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3887.html * https://bugzilla.suse.com/show_bug.cgi?id=1242809 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:39 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:39 -0000 Subject: SUSE-SU-2025:01717-1: important: Security update for gstreamer-plugins-bad Message-ID: <174843543987.5286.12306065224350565445@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2025:01717-1 Release Date: 2025-05-27T12:51:35Z Rating: important References: * bsc#1242809 Cross-References: * CVE-2025-3887 CVSS scores: * CVE-2025-3887 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-3887 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-3887 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing (bsc#1242809). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1717=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1717=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1717=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1717=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1717=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * gstreamer-plugins-bad-chromaprint-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-1.22.0-150500.3.28.1 * libgstplay-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstVa-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstVulkan-1_0-1.22.0-150500.3.28.1 * typelib-1_0-GstVulkanXCB-1_0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debuginfo-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstPlayer-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstTranscoder-1_0-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-CudaGst-1_0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstPlay-1_0-1.22.0-150500.3.28.1 * libgstva-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstBadAudio-1_0-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstMpegts-1_0-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-debuginfo-1.22.0-150500.3.28.1 * gstreamer-transcoder-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstInsertBin-1_0-1.22.0-150500.3.28.1 * gstreamer-transcoder-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debugsource-1.22.0-150500.3.28.1 * typelib-1_0-GstCodecs-1_0-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstva-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstplay-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.22.0-150500.3.28.1 * gstreamer-transcoder-devel-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-devel-1.22.0-150500.3.28.1 * typelib-1_0-GstCuda-1_0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstWebRTC-1_0-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstVulkanWayland-1_0-1.22.0-150500.3.28.1 * openSUSE Leap 15.5 (x86_64) * libgstcodecs-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-32bit-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-32bit-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-32bit-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstva-1_0-0-32bit-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-chromaprint-32bit-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstplay-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstplay-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstva-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-32bit-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-32bit-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-chromaprint-32bit-debuginfo-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-32bit-1.22.0-150500.3.28.1 * openSUSE Leap 15.5 (noarch) * gstreamer-plugins-bad-lang-1.22.0-150500.3.28.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libgstva-1_0-0-64bit-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-chromaprint-64bit-1.22.0-150500.3.28.1 * libgstplay-1_0-0-64bit-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-64bit-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstplay-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-64bit-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-chromaprint-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstva-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-64bit-debuginfo-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-64bit-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-64bit-1.22.0-150500.3.28.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * gstreamer-plugins-bad-chromaprint-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-1.22.0-150500.3.28.1 * libgstplay-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstVa-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debuginfo-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstPlayer-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-CudaGst-1_0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstPlay-1_0-1.22.0-150500.3.28.1 * libgstva-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstBadAudio-1_0-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstMpegts-1_0-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstInsertBin-1_0-1.22.0-150500.3.28.1 * typelib-1_0-GstCodecs-1_0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debugsource-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstva-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstplay-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-devel-1.22.0-150500.3.28.1 * typelib-1_0-GstCuda-1_0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstWebRTC-1_0-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-1.22.0-150500.3.28.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * gstreamer-plugins-bad-lang-1.22.0-150500.3.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * gstreamer-plugins-bad-chromaprint-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-1.22.0-150500.3.28.1 * libgstplay-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstVa-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debuginfo-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstPlayer-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-CudaGst-1_0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstPlay-1_0-1.22.0-150500.3.28.1 * libgstva-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstBadAudio-1_0-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstMpegts-1_0-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstInsertBin-1_0-1.22.0-150500.3.28.1 * typelib-1_0-GstCodecs-1_0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debugsource-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstva-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstplay-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-devel-1.22.0-150500.3.28.1 * typelib-1_0-GstCuda-1_0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstWebRTC-1_0-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-1.22.0-150500.3.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * gstreamer-plugins-bad-lang-1.22.0-150500.3.28.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gstreamer-plugins-bad-chromaprint-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-1.22.0-150500.3.28.1 * libgstplay-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstVa-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debuginfo-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstPlayer-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-CudaGst-1_0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstPlay-1_0-1.22.0-150500.3.28.1 * libgstva-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstBadAudio-1_0-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstMpegts-1_0-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstInsertBin-1_0-1.22.0-150500.3.28.1 * typelib-1_0-GstCodecs-1_0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debugsource-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstva-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstplay-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-devel-1.22.0-150500.3.28.1 * typelib-1_0-GstCuda-1_0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstWebRTC-1_0-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-1.22.0-150500.3.28.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * gstreamer-plugins-bad-lang-1.22.0-150500.3.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * gstreamer-plugins-bad-chromaprint-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-1.22.0-150500.3.28.1 * libgstplay-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstVa-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debuginfo-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtcnice-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstPlayer-1_0-1.22.0-150500.3.28.1 * libgstsctp-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwebrtc-1_0-0-1.22.0-150500.3.28.1 * libgsttranscoder-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-CudaGst-1_0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstPlay-1_0-1.22.0-150500.3.28.1 * libgstva-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstwayland-1_0-0-1.22.0-150500.3.28.1 * libgstisoff-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstBadAudio-1_0-1.22.0-150500.3.28.1 * libgstcuda-1_0-0-1.22.0-150500.3.28.1 * libgstplayer-1_0-0-1.22.0-150500.3.28.1 * libgstadaptivedemux-1_0-0-debuginfo-1.22.0-150500.3.28.1 * typelib-1_0-GstMpegts-1_0-1.22.0-150500.3.28.1 * libgstcodecs-1_0-0-1.22.0-150500.3.28.1 * libgstvulkan-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstmpegts-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstInsertBin-1_0-1.22.0-150500.3.28.1 * typelib-1_0-GstCodecs-1_0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-debugsource-1.22.0-150500.3.28.1 * libgstcodecparsers-1_0-0-1.22.0-150500.3.28.1 * libgsturidownloader-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstva-1_0-0-1.22.0-150500.3.28.1 * libgstphotography-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstbasecamerabinsrc-1_0-0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-debuginfo-1.22.0-150500.3.28.1 * libgstplay-1_0-0-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.22.0-150500.3.28.1 * gstreamer-plugins-bad-devel-1.22.0-150500.3.28.1 * typelib-1_0-GstCuda-1_0-1.22.0-150500.3.28.1 * libgstbadaudio-1_0-0-1.22.0-150500.3.28.1 * typelib-1_0-GstWebRTC-1_0-1.22.0-150500.3.28.1 * libgstinsertbin-1_0-0-1.22.0-150500.3.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * gstreamer-plugins-bad-lang-1.22.0-150500.3.28.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3887.html * https://bugzilla.suse.com/show_bug.cgi?id=1242809 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:42 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:42 -0000 Subject: SUSE-SU-2025:01716-1: moderate: Security update for mariadb Message-ID: <174843544298.5286.8891023569082463432@smelt2.prg2.suse.org> # Security update for mariadb Announcement ID: SUSE-SU-2025:01716-1 Release Date: 2025-05-27T12:44:15Z Rating: moderate References: * bsc#1243356 Cross-References: * CVE-2025-21490 CVSS scores: * CVE-2025-21490 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21490 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21490 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Galera for Ericsson 15 SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for mariadb fixes the following issues: Update to version 10.11.11. * CVE-2025-21490: vulnerability allows high privileged attacker with network access to cause hangs and frequent crashes on affected servers (bsc#1243356). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1716=1 openSUSE-SLE-15.6-2025-1716=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1716=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1716=1 * Galera for Ericsson 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-ERICSSON-2025-1716=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * mariadb-rpm-macros-10.11.11-150600.4.10.1 * libmariadbd19-debuginfo-10.11.11-150600.4.10.1 * mariadb-debugsource-10.11.11-150600.4.10.1 * mariadb-galera-10.11.11-150600.4.10.1 * mariadb-client-debuginfo-10.11.11-150600.4.10.1 * mariadb-test-10.11.11-150600.4.10.1 * mariadb-client-10.11.11-150600.4.10.1 * mariadb-debuginfo-10.11.11-150600.4.10.1 * mariadb-10.11.11-150600.4.10.1 * mariadb-bench-debuginfo-10.11.11-150600.4.10.1 * mariadb-test-debuginfo-10.11.11-150600.4.10.1 * libmariadbd19-10.11.11-150600.4.10.1 * libmariadbd-devel-10.11.11-150600.4.10.1 * mariadb-tools-10.11.11-150600.4.10.1 * mariadb-bench-10.11.11-150600.4.10.1 * mariadb-tools-debuginfo-10.11.11-150600.4.10.1 * openSUSE Leap 15.6 (noarch) * mariadb-errormessages-10.11.11-150600.4.10.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * mariadb-debuginfo-10.11.11-150600.4.10.1 * mariadb-debugsource-10.11.11-150600.4.10.1 * mariadb-galera-10.11.11-150600.4.10.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libmariadbd19-debuginfo-10.11.11-150600.4.10.1 * mariadb-debugsource-10.11.11-150600.4.10.1 * mariadb-client-debuginfo-10.11.11-150600.4.10.1 * mariadb-client-10.11.11-150600.4.10.1 * mariadb-debuginfo-10.11.11-150600.4.10.1 * mariadb-10.11.11-150600.4.10.1 * libmariadbd19-10.11.11-150600.4.10.1 * mariadb-tools-10.11.11-150600.4.10.1 * libmariadbd-devel-10.11.11-150600.4.10.1 * mariadb-tools-debuginfo-10.11.11-150600.4.10.1 * Server Applications Module 15-SP6 (noarch) * mariadb-errormessages-10.11.11-150600.4.10.1 * Galera for Ericsson 15 SP6 (x86_64) * mariadb-debuginfo-10.11.11-150600.4.10.1 * mariadb-debugsource-10.11.11-150600.4.10.1 * mariadb-galera-10.11.11-150600.4.10.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21490.html * https://bugzilla.suse.com/show_bug.cgi?id=1243356 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 12:30:45 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 12:30:45 -0000 Subject: SUSE-SU-2025:01715-1: important: Security update for python-setuptools Message-ID: <174843544536.5286.18151596555349594142@smelt2.prg2.suse.org> # Security update for python-setuptools Announcement ID: SUSE-SU-2025:01715-1 Release Date: 2025-05-27T12:34:48Z Rating: important References: * bsc#1243313 Cross-References: * CVE-2025-47273 CVSS scores: * CVE-2025-47273 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-47273 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for python-setuptools fixes the following issues: * CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1715=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1715=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1715=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1715=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1715=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1715=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1715=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python3-setuptools-wheel-40.5.0-150100.6.12.1 * python3-setuptools-40.5.0-150100.6.12.1 * python3-setuptools-test-40.5.0-150100.6.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * python3-setuptools-wheel-40.5.0-150100.6.12.1 * python3-setuptools-40.5.0-150100.6.12.1 * python3-setuptools-test-40.5.0-150100.6.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python3-setuptools-wheel-40.5.0-150100.6.12.1 * python3-setuptools-40.5.0-150100.6.12.1 * python3-setuptools-test-40.5.0-150100.6.12.1 * SUSE Enterprise Storage 7.1 (noarch) * python3-setuptools-wheel-40.5.0-150100.6.12.1 * python3-setuptools-40.5.0-150100.6.12.1 * python3-setuptools-test-40.5.0-150100.6.12.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * python3-setuptools-40.5.0-150100.6.12.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * python3-setuptools-40.5.0-150100.6.12.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * python3-setuptools-40.5.0-150100.6.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47273.html * https://bugzilla.suse.com/show_bug.cgi?id=1243313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 16:30:03 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 16:30:03 -0000 Subject: SUSE-SU-2025:01732-1: important: Security update for python-tornado Message-ID: <174844980363.5223.11751662474504228666@smelt2.prg2.suse.org> # Security update for python-tornado Announcement ID: SUSE-SU-2025:01732-1 Release Date: 2025-05-28T14:44:52Z Rating: important References: * bsc#1243268 Cross-References: * CVE-2025-47287 CVSS scores: * CVE-2025-47287 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47287 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47287 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves one vulnerability can now be installed. ## Description: This update for python-tornado fixes the following issues: * CVE-2025-47287: excessive logging when parsing malformed `multipart/form- data` can lead to a denial-of-service (bsc#1243268). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2025-1732=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * python3-tornado-4.2.1-17.10.1 * python-tornado-debuginfo-4.2.1-17.10.1 * python-tornado-debugsource-4.2.1-17.10.1 * python-tornado-4.2.1-17.10.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47287.html * https://bugzilla.suse.com/show_bug.cgi?id=1243268 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 16:30:10 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 16:30:10 -0000 Subject: SUSE-SU-2025:01731-1: moderate: Security update for go1.23-openssl Message-ID: <174844981026.5223.5606496580506119286@smelt2.prg2.suse.org> # Security update for go1.23-openssl Announcement ID: SUSE-SU-2025:01731-1 Release Date: 2025-05-28T14:33:28Z Rating: moderate References: * bsc#1229122 * bsc#1236045 * bsc#1236046 * bsc#1236801 * bsc#1238572 * bsc#1240550 * jsc#SLE-18320 Cross-References: * CVE-2024-45336 * CVE-2024-45341 * CVE-2025-22866 * CVE-2025-22870 * CVE-2025-22871 CVSS scores: * CVE-2024-45336 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-45336 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-45341 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-45341 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-22866 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-22866 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-22866 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22871 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N * CVE-2025-22871 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-22871 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for go1.23-openssl fixes the following issues: Update to version 1.23.9 (bsc#1229122): Security fixes: * CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross- domain redirect (bsc#1236046) * CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (bsc#1236045) * CVE-2025-22866: crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le (bsc#1236801) * CVE-2025-22870: net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs (bsc#1238572) * CVE-2025-22871: net/http: reject bare LF in chunked encoding (bsc#1240550) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1731=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1731=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1731=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1731=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1731=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1731=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1731=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1731=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1731=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1731=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1731=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1731=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45336.html * https://www.suse.com/security/cve/CVE-2024-45341.html * https://www.suse.com/security/cve/CVE-2025-22866.html * https://www.suse.com/security/cve/CVE-2025-22870.html * https://www.suse.com/security/cve/CVE-2025-22871.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1236045 * https://bugzilla.suse.com/show_bug.cgi?id=1236046 * https://bugzilla.suse.com/show_bug.cgi?id=1236801 * https://bugzilla.suse.com/show_bug.cgi?id=1238572 * https://bugzilla.suse.com/show_bug.cgi?id=1240550 * https://jira.suse.com/browse/SLE-18320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 16:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 16:30:11 -0000 Subject: SUSE-RU-2025:01730-1: moderate: Recommended update for lifecycle-data-sle-module-python3 Message-ID: <174844981167.5223.4411801208525401717@smelt2.prg2.suse.org> # Recommended update for lifecycle-data-sle-module-python3 Announcement ID: SUSE-RU-2025:01730-1 Release Date: 2025-05-28T14:30:42Z Rating: moderate References: * jsc#PED-12726 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for lifecycle-data-sle-module-python3 fixes the following issues: * document python312 and python313 lifecycle (jsc#PED-12726) * extend python311 lifecycle (jsc#PED-12726) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1730=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1730=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1730=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1730=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1730=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1730=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1730=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1730=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1730=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1730=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1730=1 ## Package List: * openSUSE Leap 15.6 (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * Python 3 Module 15-SP6 (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 * openSUSE Leap 15.4 (noarch) * lifecycle-data-sle-module-python3-1-150400.9.6.1 ## References: * https://jira.suse.com/browse/PED-12726 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 16:30:17 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 16:30:17 -0000 Subject: SUSE-SU-2025:01729-1: important: Security update for gstreamer-plugins-bad Message-ID: <174844981782.5223.700080232684136373@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2025:01729-1 Release Date: 2025-05-28T14:28:50Z Rating: important References: * bsc#1242809 Cross-References: * CVE-2025-3887 CVSS scores: * CVE-2025-3887 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-3887 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-3887 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing (bsc#1242809). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1729=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1729=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libgstbadvideo-1_0-0-1.8.3-18.18.1 * libgstbadvideo-1_0-0-debuginfo-1.8.3-18.18.1 * libgstmpegts-1_0-0-1.8.3-18.18.1 * libgstcodecparsers-1_0-0-debuginfo-1.8.3-18.18.1 * libgstbasecamerabinsrc-1_0-0-1.8.3-18.18.1 * libgstphotography-1_0-0-1.8.3-18.18.1 * gstreamer-plugins-bad-debugsource-1.8.3-18.18.1 * libgstphotography-1_0-0-debuginfo-1.8.3-18.18.1 * libgstbadbase-1_0-0-1.8.3-18.18.1 * libgstbadbase-1_0-0-debuginfo-1.8.3-18.18.1 * libgstgl-1_0-0-1.8.3-18.18.1 * gstreamer-plugins-bad-debuginfo-1.8.3-18.18.1 * libgstmpegts-1_0-0-debuginfo-1.8.3-18.18.1 * gstreamer-plugins-bad-1.8.3-18.18.1 * libgstbadaudio-1_0-0-debuginfo-1.8.3-18.18.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.8.3-18.18.1 * libgsturidownloader-1_0-0-1.8.3-18.18.1 * gstreamer-plugins-bad-devel-1.8.3-18.18.1 * libgstadaptivedemux-1_0-0-debuginfo-1.8.3-18.18.1 * libgstgl-1_0-0-debuginfo-1.8.3-18.18.1 * libgstcodecparsers-1_0-0-1.8.3-18.18.1 * libgstbadaudio-1_0-0-1.8.3-18.18.1 * libgstadaptivedemux-1_0-0-1.8.3-18.18.1 * libgsturidownloader-1_0-0-debuginfo-1.8.3-18.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * gstreamer-plugins-bad-lang-1.8.3-18.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libgstbadvideo-1_0-0-1.8.3-18.18.1 * libgstbadvideo-1_0-0-debuginfo-1.8.3-18.18.1 * libgstmpegts-1_0-0-1.8.3-18.18.1 * libgstcodecparsers-1_0-0-debuginfo-1.8.3-18.18.1 * libgstbasecamerabinsrc-1_0-0-1.8.3-18.18.1 * libgstphotography-1_0-0-1.8.3-18.18.1 * gstreamer-plugins-bad-debugsource-1.8.3-18.18.1 * libgstphotography-1_0-0-debuginfo-1.8.3-18.18.1 * libgstbadbase-1_0-0-1.8.3-18.18.1 * libgstbadbase-1_0-0-debuginfo-1.8.3-18.18.1 * libgstgl-1_0-0-1.8.3-18.18.1 * gstreamer-plugins-bad-debuginfo-1.8.3-18.18.1 * libgstmpegts-1_0-0-debuginfo-1.8.3-18.18.1 * gstreamer-plugins-bad-1.8.3-18.18.1 * libgstbadaudio-1_0-0-debuginfo-1.8.3-18.18.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.8.3-18.18.1 * libgsturidownloader-1_0-0-1.8.3-18.18.1 * gstreamer-plugins-bad-devel-1.8.3-18.18.1 * libgstadaptivedemux-1_0-0-debuginfo-1.8.3-18.18.1 * libgstgl-1_0-0-debuginfo-1.8.3-18.18.1 * libgstcodecparsers-1_0-0-1.8.3-18.18.1 * libgstbadaudio-1_0-0-1.8.3-18.18.1 * libgstadaptivedemux-1_0-0-1.8.3-18.18.1 * libgsturidownloader-1_0-0-debuginfo-1.8.3-18.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * gstreamer-plugins-bad-lang-1.8.3-18.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3887.html * https://bugzilla.suse.com/show_bug.cgi?id=1242809 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 16:30:20 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 16:30:20 -0000 Subject: SUSE-RU-2025:01728-1: moderate: Recommended update for abseil-cpp Message-ID: <174844982046.5223.13330900414144307865@smelt2.prg2.suse.org> # Recommended update for abseil-cpp Announcement ID: SUSE-RU-2025:01728-1 Release Date: 2025-05-28T14:22:12Z Rating: moderate References: * bsc#1236438 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for abseil-cpp fixes the following issue: * Version update 20240116.3 * Fix potential integer overflow in hash container create/resize (bsc#1236438). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1728=1 openSUSE-SLE-15.6-2025-1728=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1728=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * abseil-cpp-debugsource-20240116.3-150600.19.3.15 * libabsl2401_0_0-debuginfo-20240116.3-150600.19.3.15 * libabsl2401_0_0-20240116.3-150600.19.3.15 * abseil-cpp-devel-20240116.3-150600.19.3.15 * openSUSE Leap 15.6 (x86_64) * libabsl2401_0_0-32bit-20240116.3-150600.19.3.15 * libabsl2401_0_0-32bit-debuginfo-20240116.3-150600.19.3.15 * openSUSE Leap 15.6 (aarch64_ilp32) * libabsl2401_0_0-64bit-20240116.3-150600.19.3.15 * libabsl2401_0_0-64bit-debuginfo-20240116.3-150600.19.3.15 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * abseil-cpp-debugsource-20240116.3-150600.19.3.15 * libabsl2401_0_0-debuginfo-20240116.3-150600.19.3.15 * libabsl2401_0_0-20240116.3-150600.19.3.15 * abseil-cpp-devel-20240116.3-150600.19.3.15 * Basesystem Module 15-SP6 (x86_64) * libabsl2401_0_0-32bit-20240116.3-150600.19.3.15 * libabsl2401_0_0-32bit-debuginfo-20240116.3-150600.19.3.15 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1236438 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 16:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 16:30:22 -0000 Subject: SUSE-SU-2025:01726-1: important: Security update for python-tornado Message-ID: <174844982249.5223.15319843145488361353@smelt2.prg2.suse.org> # Security update for python-tornado Announcement ID: SUSE-SU-2025:01726-1 Release Date: 2025-05-28T13:46:19Z Rating: important References: * bsc#1243268 Cross-References: * CVE-2025-47287 CVSS scores: * CVE-2025-47287 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47287 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47287 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-tornado fixes the following issues: * CVE-2025-47287: excessive logging when parsing malformed `multipart/form- data` can lead to a denial-of-service (bsc#1243268). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1726=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1726=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1726=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1726=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1726=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1726=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1726=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1726=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1726=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1726=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1726=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1726=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1726=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1726=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1726=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1726=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1726=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1726=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1726=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1726=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1726=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1726=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1726=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Manager Proxy 4.3 (x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python-tornado-debuginfo-4.5.3-150000.3.10.1 * python-tornado-debugsource-4.5.3-150000.3.10.1 * python3-tornado-debuginfo-4.5.3-150000.3.10.1 * python3-tornado-4.5.3-150000.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47287.html * https://bugzilla.suse.com/show_bug.cgi?id=1243268 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 16:30:25 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 16:30:25 -0000 Subject: SUSE-SU-2025:01725-1: important: Security update for gstreamer-plugins-bad Message-ID: <174844982506.5223.9904413507928221924@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2025:01725-1 Release Date: 2025-05-28T13:44:14Z Rating: important References: * bsc#1242809 Cross-References: * CVE-2025-3887 CVSS scores: * CVE-2025-3887 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-3887 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-3887 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing (bsc#1242809). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1725=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1725=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1725=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1725=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1725=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1725=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1725=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1725=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgstadaptivedemux-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-1.20.1-150400.3.26.1 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.26.1 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-devel-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.26.1 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstva-1_0-0-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libgstadaptivedemux-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-1.20.1-150400.3.26.1 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.26.1 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-devel-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.26.1 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstva-1_0-0-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgstadaptivedemux-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-1.20.1-150400.3.26.1 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.26.1 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-devel-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.26.1 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstva-1_0-0-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.26.1 * SUSE Manager Proxy 4.3 (x86_64) * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplay-1_0-0-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-1.20.1-150400.3.26.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplay-1_0-0-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-1.20.1-150400.3.26.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplay-1_0-0-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-1.20.1-150400.3.26.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libgstadaptivedemux-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstTranscoder-1_0-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-1.20.1-150400.3.26.1 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.26.1 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-1.20.1-150400.3.26.1 * libgsttranscoder-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstVulkanXCB-1_0-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-1.20.1-150400.3.26.1 * gstreamer-transcoder-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-devel-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.26.1 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstVulkanWayland-1_0-1.20.1-150400.3.26.1 * gstreamer-transcoder-devel-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsttranscoder-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.26.1 * typelib-1_0-GstVulkan-1_0-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstva-1_0-0-1.20.1-150400.3.26.1 * gstreamer-transcoder-debuginfo-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.26.1 * openSUSE Leap 15.4 (x86_64) * libgsturidownloader-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstva-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-32bit-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstadaptivedemux-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-32bit-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstplay-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstadaptivedemux-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-32bit-1.20.1-150400.3.26.1 * libgstva-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * libgstplay-1_0-0-32bit-debuginfo-1.20.1-150400.3.26.1 * openSUSE Leap 15.4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.26.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgstwebrtc-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-64bit-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-64bit-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstplay-1_0-0-64bit-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstva-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstplay-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-64bit-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-64bit-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstadaptivedemux-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstva-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstadaptivedemux-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-64bit-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-64bit-debuginfo-1.20.1-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgstadaptivedemux-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-1.20.1-150400.3.26.1 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.26.1 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.26.1 * libgstinsertbin-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstsctp-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-devel-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.26.1 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgsturidownloader-1_0-0-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-1.20.1-150400.3.26.1 * libgstvulkan-1_0-0-1.20.1-150400.3.26.1 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.26.1 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.26.1 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstbadaudio-1_0-0-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstwayland-1_0-0-1.20.1-150400.3.26.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.26.1 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.26.1 * libgstisoff-1_0-0-1.20.1-150400.3.26.1 * libgstplayer-1_0-0-1.20.1-150400.3.26.1 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.26.1 * libgstva-1_0-0-1.20.1-150400.3.26.1 * libgstcodecparsers-1_0-0-1.20.1-150400.3.26.1 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3887.html * https://bugzilla.suse.com/show_bug.cgi?id=1242809 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 20:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 20:30:04 -0000 Subject: SUSE-RU-2025:01734-1: moderate: Recommended update for nvidia-container-runtime Message-ID: <174846420448.10278.12812801151409605395@smelt2.prg2.suse.org> # Recommended update for nvidia-container-runtime Announcement ID: SUSE-RU-2025:01734-1 Release Date: 2025-05-28T16:48:28Z Rating: moderate References: * bsc#1242429 Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for nvidia-container-runtime fixes the following issues: * disable PIE again, the tool does not start. (bsc#1242429) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1734=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1734=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * nvidia-container-runtime-3.5.0-150200.5.9.1 * Containers Module 15-SP6 (aarch64 ppc64le x86_64) * nvidia-container-runtime-3.5.0-150200.5.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1242429 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 28 20:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Wed, 28 May 2025 20:30:06 -0000 Subject: SUSE-RU-2025:01733-1: moderate: Recommended update for krb5 Message-ID: <174846420676.10278.9228449834649893272@smelt2.prg2.suse.org> # Recommended update for krb5 Announcement ID: SUSE-RU-2025:01733-1 Release Date: 2025-05-28T16:00:02Z Rating: moderate References: * bsc#1242060 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for krb5 fixes the following issue: * Remove references to the LMDB backend in the kdc.conf manpage (bsc#1242060). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1733=1 SUSE-2025-1733=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1733=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1733=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.11.2 * krb5-mini-devel-1.20.1-150600.11.11.2 * krb5-debuginfo-1.20.1-150600.11.11.2 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.11.2 * krb5-client-debuginfo-1.20.1-150600.11.11.2 * krb5-devel-1.20.1-150600.11.11.2 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.11.2 * krb5-mini-debugsource-1.20.1-150600.11.11.2 * krb5-server-1.20.1-150600.11.11.2 * krb5-mini-debuginfo-1.20.1-150600.11.11.2 * krb5-plugin-preauth-otp-1.20.1-150600.11.11.2 * krb5-plugin-kdb-ldap-1.20.1-150600.11.11.2 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.11.2 * krb5-plugin-preauth-spake-debuginfo-1.20.1-150600.11.11.2 * krb5-mini-1.20.1-150600.11.11.2 * krb5-plugin-preauth-spake-1.20.1-150600.11.11.2 * krb5-debugsource-1.20.1-150600.11.11.2 * krb5-1.20.1-150600.11.11.2 * krb5-server-debuginfo-1.20.1-150600.11.11.2 * krb5-client-1.20.1-150600.11.11.2 * openSUSE Leap 15.6 (x86_64) * krb5-32bit-1.20.1-150600.11.11.2 * krb5-devel-32bit-1.20.1-150600.11.11.2 * krb5-32bit-debuginfo-1.20.1-150600.11.11.2 * openSUSE Leap 15.6 (aarch64_ilp32) * krb5-64bit-1.20.1-150600.11.11.2 * krb5-64bit-debuginfo-1.20.1-150600.11.11.2 * krb5-devel-64bit-1.20.1-150600.11.11.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.11.2 * krb5-debuginfo-1.20.1-150600.11.11.2 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.11.2 * krb5-client-debuginfo-1.20.1-150600.11.11.2 * krb5-devel-1.20.1-150600.11.11.2 * krb5-plugin-preauth-otp-1.20.1-150600.11.11.2 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.11.2 * krb5-debugsource-1.20.1-150600.11.11.2 * krb5-1.20.1-150600.11.11.2 * krb5-client-1.20.1-150600.11.11.2 * Basesystem Module 15-SP6 (x86_64) * krb5-32bit-1.20.1-150600.11.11.2 * krb5-32bit-debuginfo-1.20.1-150600.11.11.2 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * krb5-debuginfo-1.20.1-150600.11.11.2 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.11.2 * krb5-server-1.20.1-150600.11.11.2 * krb5-plugin-kdb-ldap-1.20.1-150600.11.11.2 * krb5-debugsource-1.20.1-150600.11.11.2 * krb5-server-debuginfo-1.20.1-150600.11.11.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1242060 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 08:30:05 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 08:30:05 -0000 Subject: SUSE-SU-2025:01735-1: low: Security update for wxWidgets-3_2 Message-ID: <174850740590.30200.8502898035795376536@smelt2.prg2.suse.org> # Security update for wxWidgets-3_2 Announcement ID: SUSE-SU-2025:01735-1 Release Date: 2025-05-29T04:11:16Z Rating: low References: * bsc#1239902 Cross-References: * CVE-2024-58249 CVSS scores: * CVE-2024-58249 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-58249 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-58249 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for wxWidgets-3_2 fixes the following issues: * CVE-2024-58249: Fixed crash when connection is refused in wxWebRequestCURL (bsc#1239902) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1735=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1735=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1735=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1735=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libwx_gtk3u_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse5_0_0-3.1.5-150400.3.10.1 * wxGTK3-3_2-debuginfo-3.1.5-150400.3.10.1 * wxQt-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_xrc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_net-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxQt-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk2u_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_core-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_net-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-devel-3.1.5-150400.3.10.1 * wxWidgets-3_2-plugin-sound_sdlu-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_adv-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_qa-suse5_0_0-3.1.5-150400.3.10.1 * wxQt-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-plugin-sound_sdlu-3_2-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxGTK3-3_2-debugsource-3.1.5-150400.3.10.1 * libwx_gtk2u_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_stc-suse5_0_0-3.1.5-150400.3.10.1 * wxQt-3_2-debugsource-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_qa-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_webview-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse5_0_0-3.1.5-150400.3.10.1 * wxGTK3-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk2u_adv-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_base-suse-devel-3.1.5-150400.3.10.1 * wxGTK3-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_webview-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-debugsource-3.1.5-150400.3.10.1 * libwx_gtk2u_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libwx_gtk3u_adv-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_net-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_qa-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_qa-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_baseu-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_adv-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_base-suse-nostl-devel-3.1.5-150400.3.10.1 * wxQt-3_2-debugsource-3.1.5-150400.3.10.1 * wxWidgets-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_qa-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_adv-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_qa-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_xrc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_net-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_stc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_qa-suse5_0_0-3.1.5-150400.3.10.1 * wxQt-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-plugin-sound_sdlu-3_2-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_stc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu-suse-nostl5_0_0-3.1.5-150400.3.10.1 * wxWidgets-3_2-nostl-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_qa-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_adv-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_core-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_qa-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_net-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxGTK3-3_2-debuginfo-3.1.5-150400.3.10.1 * wxQt-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse-nostl5_0_0-3.1.5-150400.3.10.1 * wxQt-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk2u_core-suse5_0_0-3.1.5-150400.3.10.1 * wxWidgets-3_2-plugin-sound_sdlu-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-nostl-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_adv-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse-nostl5_0_0-3.1.5-150400.3.10.1 * wxGTK3-3_2-debugsource-3.1.5-150400.3.10.1 * wxWidgets-3_2-nostl-devel-3.1.5-150400.3.10.1 * libwx_gtk3u_adv-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_qa-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse-nostl5_0_0-3.1.5-150400.3.10.1 * wxGTK3-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk2u_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * wxWidgets-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_adv-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxGTK3-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_webview-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_net-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_xrc-suse5_0_0-3.1.5-150400.3.10.1 * wxWidgets-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-nostl-debugsource-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_webview-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_adv-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse5_0_0-3.1.5-150400.3.10.1 * libwx_base-suse-devel-3.1.5-150400.3.10.1 * libwx_qtu_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-debugsource-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse-nostl5_0_0-3.1.5-150400.3.10.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libwx_gtk3u_adv-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_net-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_qa-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_qa-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_adv-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_base-suse-nostl-devel-3.1.5-150400.3.10.1 * wxQt-3_2-debugsource-3.1.5-150400.3.10.1 * libwx_qtu_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_qa-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_adv-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_qa-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_xrc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_net-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_stc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_qa-suse5_0_0-3.1.5-150400.3.10.1 * wxQt-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-plugin-sound_sdlu-3_2-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_stc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_qa-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse5_0_0-3.1.5-150400.3.10.1 * wxWidgets-3_2-nostl-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_adv-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_core-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_qa-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_net-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxGTK3-3_2-debuginfo-3.1.5-150400.3.10.1 * wxQt-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse-nostl5_0_0-3.1.5-150400.3.10.1 * wxQt-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk2u_core-suse5_0_0-3.1.5-150400.3.10.1 * wxWidgets-3_2-plugin-sound_sdlu-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-nostl-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_adv-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse-nostl5_0_0-3.1.5-150400.3.10.1 * wxGTK3-3_2-debugsource-3.1.5-150400.3.10.1 * wxWidgets-3_2-nostl-devel-3.1.5-150400.3.10.1 * libwx_gtk3u_adv-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_qa-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse-nostl5_0_0-3.1.5-150400.3.10.1 * wxGTK3-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk2u_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * wxWidgets-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_adv-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxGTK3-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_webview-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_qtu_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_net-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_xrc-suse5_0_0-3.1.5-150400.3.10.1 * wxWidgets-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-nostl-debugsource-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_qtu_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_webview-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_adv-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse5_0_0-3.1.5-150400.3.10.1 * libwx_base-suse-devel-3.1.5-150400.3.10.1 * libwx_qtu_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse-nostl5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-debugsource-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse-nostl5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse-nostl5_0_0-3.1.5-150400.3.10.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libwx_gtk3u_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_propgrid-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse5_0_0-3.1.5-150400.3.10.1 * wxGTK3-3_2-debuginfo-3.1.5-150400.3.10.1 * wxQt-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_xrc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_baseu_net-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxQt-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk2u_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_core-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_net-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-devel-3.1.5-150400.3.10.1 * wxWidgets-3_2-plugin-sound_sdlu-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_adv-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_qa-suse5_0_0-3.1.5-150400.3.10.1 * wxQt-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-plugin-sound_sdlu-3_2-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_ribbon-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxGTK3-3_2-debugsource-3.1.5-150400.3.10.1 * libwx_gtk2u_core-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_stc-suse5_0_0-3.1.5-150400.3.10.1 * wxQt-3_2-debugsource-3.1.5-150400.3.10.1 * libwx_gtk3u_propgrid-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_html-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_html-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_qa-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_webview-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_xrc-suse5_0_0-3.1.5-150400.3.10.1 * wxGTK3-3_2-devel-3.1.5-150400.3.10.1 * libwx_gtk2u_adv-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_aui-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_stc-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk2u_ribbon-suse5_0_0-3.1.5-150400.3.10.1 * libwx_baseu_xml-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_richtext-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk2u_aui-suse5_0_0-3.1.5-150400.3.10.1 * libwx_base-suse-devel-3.1.5-150400.3.10.1 * wxGTK3-3_2-devel-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_gl-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * libwx_gtk3u_webview-suse5_0_0-3.1.5-150400.3.10.1 * libwx_gtk3u_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 * wxWidgets-3_2-debugsource-3.1.5-150400.3.10.1 * libwx_gtk2u_media-suse5_0_0-debuginfo-3.1.5-150400.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-58249.html * https://bugzilla.suse.com/show_bug.cgi?id=1239902 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:02 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:02 -0000 Subject: SUSE-SU-2025:01744-1: important: Security update for python313-setuptools Message-ID: <174852180241.5224.16075779230368644281@smelt2.prg2.suse.org> # Security update for python313-setuptools Announcement ID: SUSE-SU-2025:01744-1 Release Date: 2025-05-29T11:48:52Z Rating: important References: * bsc#1243313 Cross-References: * CVE-2025-47273 CVSS scores: * CVE-2025-47273 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-47273 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python313-setuptools fixes the following issues: * CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-1744=1 ## Package List: * Python 3 Module 15-SP7 (noarch) * python313-setuptools-72.1.0-150700.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47273.html * https://bugzilla.suse.com/show_bug.cgi?id=1243313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:08 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:08 -0000 Subject: SUSE-SU-2025:01743-1: important: Security update for dnsdist Message-ID: <174852180872.5224.4160248831567298521@smelt2.prg2.suse.org> # Security update for dnsdist Announcement ID: SUSE-SU-2025:01743-1 Release Date: 2025-05-29T11:44:30Z Rating: important References: * bsc#1242028 * bsc#1243378 Cross-References: * CVE-2025-30193 * CVE-2025-30194 CVSS scores: * CVE-2025-30193 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-30193 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30193 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30194 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-30194 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for dnsdist fixes the following issues: Update to version 1.9.10. * CVE-2025-30194: illegal memory access (double-free) when processing specially crafted DoH exchanges leads to a denial-of-service (bsc#1242028). * CVE-2025-30193: stack exhaustion when processing too many queries on incoming TCP connections leads to a denial-of-service (bsc#1243378). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1743=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * dnsdist-debuginfo-1.9.10-150700.3.3.1 * dnsdist-debugsource-1.9.10-150700.3.3.1 * dnsdist-1.9.10-150700.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-30193.html * https://www.suse.com/security/cve/CVE-2025-30194.html * https://bugzilla.suse.com/show_bug.cgi?id=1242028 * https://bugzilla.suse.com/show_bug.cgi?id=1243378 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:12 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:12 -0000 Subject: SUSE-RU-2025:01742-1: important: Recommended update for nvidia-open-driver-G06-signed Message-ID: <174852181207.5224.11221433056653004638@smelt2.prg2.suse.org> # Recommended update for nvidia-open-driver-G06-signed Announcement ID: SUSE-RU-2025:01742-1 Release Date: 2025-05-29T11:41:25Z Rating: important References: * bsc#1242054 * bsc#1243192 Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has two fixes can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: * Update non-CUDA variant to 570.153.02 (bsc#1243192) * Disabled unsupported -rt flavor (bsc#1242054) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1742=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 x86_64) * nv-prefer-signed-open-driver-570.133.20-150700.3.3.1 * nvidia-open-driver-G06-signed-cuda-debugsource-570.133.20-150700.3.3.1 * nvidia-open-driver-G06-signed-cuda-default-devel-570.133.20-150700.3.3.1 * nvidia-open-driver-G06-signed-kmp-default-570.153.02_k6.4.0_150700.51-150700.3.3.1 * nvidia-open-driver-G06-signed-debugsource-570.153.02-150700.3.3.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-570.153.02_k6.4.0_150700.51-150700.3.3.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-570.133.20_k6.4.0_150700.51-150700.3.3.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-570.133.20_k6.4.0_150700.51-150700.3.3.1 * nvidia-open-driver-G06-signed-default-devel-570.153.02-150700.3.3.1 * Basesystem Module 15-SP7 (aarch64) * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-570.133.20_k6.4.0_150700.51-150700.3.3.1 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-570.153.02_k6.4.0_150700.51-150700.3.3.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-570.133.20_k6.4.0_150700.51-150700.3.3.1 * nvidia-open-driver-G06-signed-kmp-64kb-570.153.02_k6.4.0_150700.51-150700.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1242054 * https://bugzilla.suse.com/show_bug.cgi?id=1243192 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:14 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:14 -0000 Subject: SUSE-RU-2025:01552-1: moderate: Recommended update for go1.23 Message-ID: <174852181490.5224.2973500237836936678@smelt2.prg2.suse.org> # Recommended update for go1.23 Announcement ID: SUSE-RU-2025:01552-1 Release Date: 2025-05-29T11:33:44Z Rating: moderate References: * bsc#1229122 Affected Products: * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for go1.23 fixes the following issues: go1.23.9 (released 2025-05-06) includes fixes to the runtime and the linker. (bsc#1229122) * go#73091 cmd/link: linkname directive on userspace variable can override runtime variable * go#73380 runtime, x/sys/unix: Connectx is broken on darwin/amd64 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1552=1 ## Package List: * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.9-150000.1.30.1 * go1.23-1.23.9-150000.1.30.1 * go1.23-doc-1.23.9-150000.1.30.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:18 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:18 -0000 Subject: SUSE-RU-2025:01741-1: important: Recommended update for autoyast2 Message-ID: <174852181845.5224.10259227158570516207@smelt2.prg2.suse.org> # Recommended update for autoyast2 Announcement ID: SUSE-RU-2025:01741-1 Release Date: 2025-05-29T10:56:02Z Rating: important References: * bsc#1243185 Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for autoyast2 fixes the following issues: * Move the firewall section before software in inst_autosetup (bsc#1243185) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP7 zypper in -t patch SUSE-SLE-INSTALLER-15-SP7-2025-1741=1 * SUSE Linux Enterprise High Performance Computing 15 SP7 zypper in -t patch SUSE-SLE-INSTALLER-15-SP7-2025-1741=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 zypper in -t patch SUSE-SLE-INSTALLER-15-SP7-2025-1741=1 * SUSE Linux Enterprise Desktop 15 SP7 zypper in -t patch SUSE-SLE-INSTALLER-15-SP7-2025-1741=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1741=1 ## Package List: * SUSE Linux Enterprise Server 15 SP7 (noarch) * autoyast2-installation-4.7.3-150700.3.3.1 * autoyast2-4.7.3-150700.3.3.1 * SUSE Linux Enterprise High Performance Computing 15 SP7 (noarch) * autoyast2-installation-4.7.3-150700.3.3.1 * autoyast2-4.7.3-150700.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 (noarch) * autoyast2-installation-4.7.3-150700.3.3.1 * autoyast2-4.7.3-150700.3.3.1 * SUSE Linux Enterprise Desktop 15 SP7 (noarch) * autoyast2-installation-4.7.3-150700.3.3.1 * autoyast2-4.7.3-150700.3.3.1 * Basesystem Module 15-SP7 (noarch) * autoyast2-installation-4.7.3-150700.3.3.1 * autoyast2-4.7.3-150700.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1243185 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:22 -0000 Subject: SUSE-RU-2025:01740-1: important: Recommended update for sssd Message-ID: <174852182289.5224.6365503482838533035@smelt2.prg2.suse.org> # Recommended update for sssd Announcement ID: SUSE-RU-2025:01740-1 Release Date: 2025-05-29T10:55:47Z Rating: important References: * bsc#1229655 * bsc#1234368 * bsc#1234384 * bsc#1234420 * jsc#PED-12097 Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that contains one feature and has four fixes can now be installed. ## Description: This update for sssd fixes the following issues: * Build with openldap 2.5 which supports TLS channel binding (bsc#1229655) * Allow multiple services per port (bsc#1234368) * Fix filedescriptor leak related to getpwnam()/getpwuid() (bsc#1234384) * Revert the change dropping /etc/sssd/conf.d dir (bsc#1234420) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1740=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python3-sssd-config-debuginfo-2.9.3-150700.9.3.1 * sssd-krb5-2.9.3-150700.9.3.1 * sssd-krb5-common-debuginfo-2.9.3-150700.9.3.1 * sssd-kcm-2.9.3-150700.9.3.1 * libipa_hbac0-2.9.3-150700.9.3.1 * libipa_hbac0-debuginfo-2.9.3-150700.9.3.1 * sssd-proxy-debuginfo-2.9.3-150700.9.3.1 * sssd-tools-debuginfo-2.9.3-150700.9.3.1 * libsss_idmap0-debuginfo-2.9.3-150700.9.3.1 * libsss_simpleifp0-2.9.3-150700.9.3.1 * sssd-2.9.3-150700.9.3.1 * sssd-ipa-2.9.3-150700.9.3.1 * sssd-ipa-debuginfo-2.9.3-150700.9.3.1 * libsss_nss_idmap0-2.9.3-150700.9.3.1 * sssd-winbind-idmap-debuginfo-2.9.3-150700.9.3.1 * sssd-ldap-2.9.3-150700.9.3.1 * libsss_certmap0-2.9.3-150700.9.3.1 * libsss_simpleifp0-debuginfo-2.9.3-150700.9.3.1 * sssd-ad-2.9.3-150700.9.3.1 * sssd-kcm-debuginfo-2.9.3-150700.9.3.1 * sssd-dbus-2.9.3-150700.9.3.1 * sssd-proxy-2.9.3-150700.9.3.1 * libsss_certmap0-debuginfo-2.9.3-150700.9.3.1 * libsss_nss_idmap0-debuginfo-2.9.3-150700.9.3.1 * libsss_idmap0-2.9.3-150700.9.3.1 * libsss_simpleifp-devel-2.9.3-150700.9.3.1 * sssd-ldap-debuginfo-2.9.3-150700.9.3.1 * sssd-krb5-debuginfo-2.9.3-150700.9.3.1 * sssd-debuginfo-2.9.3-150700.9.3.1 * sssd-ad-debuginfo-2.9.3-150700.9.3.1 * sssd-krb5-common-2.9.3-150700.9.3.1 * sssd-dbus-debuginfo-2.9.3-150700.9.3.1 * libipa_hbac-devel-2.9.3-150700.9.3.1 * sssd-tools-2.9.3-150700.9.3.1 * sssd-winbind-idmap-2.9.3-150700.9.3.1 * python3-sssd-config-2.9.3-150700.9.3.1 * libsss_certmap-devel-2.9.3-150700.9.3.1 * libsss_idmap-devel-2.9.3-150700.9.3.1 * sssd-debugsource-2.9.3-150700.9.3.1 * libsss_nss_idmap-devel-2.9.3-150700.9.3.1 * Basesystem Module 15-SP7 (x86_64) * sssd-32bit-debuginfo-2.9.3-150700.9.3.1 * sssd-32bit-2.9.3-150700.9.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229655 * https://bugzilla.suse.com/show_bug.cgi?id=1234368 * https://bugzilla.suse.com/show_bug.cgi?id=1234384 * https://bugzilla.suse.com/show_bug.cgi?id=1234420 * https://jira.suse.com/browse/PED-12097 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:25 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:25 -0000 Subject: SUSE-RU-2025:01612-2: moderate: Recommended update for python-durationpy Message-ID: <174852182527.5224.10348074593343804476@smelt2.prg2.suse.org> # Recommended update for python-durationpy Announcement ID: SUSE-RU-2025:01612-2 Release Date: 2025-05-29T09:41:52Z Rating: moderate References: * jsc#PED-12477 * jsc#PED-12710 Affected Products: * Containers Module 15-SP7 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that contains two features can now be installed. ## Description: This update for python-durationpy, python3-kubernetes fixes the following issues: python3-kubernetes was updated from version 26.1.0 to 31.0.0 (jsc#PED-12710, PED-12477): * Key changes in version 31.0.0: * Alignment with significant API changes in Kubernetes. * Enhancements to Dynamic Resource Allocation (DRA) with new API versions and features. * Node improvements like user namespace support and supplemental group policies scheduling performance upgrades. * Changes to API servers include such as atomic updates for Ingress objects and tricter validation of encryption provider configurations. * Kube-proxy now has a "primary" nodeport address option, and several feature gates have graduated or been removed. * Improvements to CustomResourceDefinitions (CRDs), Service CIDR allocation, OCI artifact-based volumes, and logging. * Full list of changes: https://github.com/kubernetes- client/python/blob/v31.0.0/CHANGELOG.md * Key changes in version 29.0.0: * Updates to API versions for scheduling components and priority/fairness mechanism. * Enhanced configuration options for kube-proxy (including a new experimental mode). * Improved handling of authentication and authorization through configuration files. * New capabilities for pod lifecycle management (pre-stop hooks), resource management (image garbage collection), and network configuration, along with more flexible options for pod affinity and anti-affinity rules. * Full list of changes: https://github.com/kubernetes- client/python/blob/v29.0.0/CHANGELOG.md#v2900 * Key changes in version 28.1.0: * API improvements and updates, notably the removal of a deprecated API version for kube-scheduler configurations, requiring migration. * New features were also added, such as sidecar containers for enhanced pod lifecycle management, more granular control over Job retry limits, and improvements to CustomResourceDefinition (CRD) validation. * Updates were also made to pod management, networking, and security, with a general focus on enhancing flexibility, performance, and user experience. * Full list of changes: https://github.com/kubernetes- client/python/blob/v28.1.0/CHANGELOG.md * Key changes in version 27.2.0: * Enhancements to admission control policies, including features for runtime cost calculation and audit annotations. * Networking received updates with a new ClusterIP allocator, and a new API (ClusterTrustBundle) was introduced. * Scheduling was optimized through adjustments to pod affinity, and API interactions were improved with the implementation of streaming for the watch-cache. * Component updates included increased QPS limits for the kubelet. * Changes related to pods involve label updates, mutable resource type and resize policies. * Changes to API server encryption. * Improved logging capabilities. * Deprecations and removals of older features. * Full list of changes: https://github.com/kubernetes- client/python/blob/v27.2.0/CHANGELOG.md ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-1612=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-1612=1 ## Package List: * Containers Module 15-SP7 (noarch) * python3-kubernetes-31.0.0-150400.21.2 * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python3-durationpy-0.9-150400.9.6.2 * python311-durationpy-0.9-150400.9.6.2 ## References: * https://jira.suse.com/browse/PED-12477 * https://jira.suse.com/browse/PED-12710 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:29 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:29 -0000 Subject: SUSE-RU-2025:01739-1: important: Recommended update for systemd Message-ID: <174852182949.5224.1198754266526883953@smelt2.prg2.suse.org> # Recommended update for systemd Announcement ID: SUSE-RU-2025:01739-1 Release Date: 2025-05-29T09:41:21Z Rating: important References: * bsc#1236177 * bsc#1237496 * bsc#1242938 * bsc#1243259 Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that has four fixes can now be installed. ## Description: This update for systemd fixes the following issues: * Add missing 'systemd-journal-remote' package to 15-SP7 (bsc#1243259) * umount: do not move busy network mounts (bsc#1236177) * Apply coredump sysctl settings on systemd-coredump updates/removals. * Fix the issue with journalctl not working for users in Container UID range (bsc#1242938) Don't write messages sent from users with UID falling into the container UID range to the system journal. Daemons in the container don't talk to the outside journald as they talk to the inner one directly, which does its journal splitting based on shifted uids. * man/pstore.conf: pstore.conf template is not always installed in /etc * man: coredump.conf template is not always installed in /etc (bsc#1237496) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1739=1 openSUSE-SLE-15.6-2025-1739=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1739=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1739=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1739=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1739=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libsystemd0-debuginfo-254.24-150600.4.33.1 * systemd-debuginfo-254.24-150600.4.33.1 * systemd-experimental-debuginfo-254.24-150600.4.33.1 * systemd-network-254.24-150600.4.33.1 * udev-254.24-150600.4.33.1 * systemd-mini-container-debuginfo-254.24-150600.4.33.1 * systemd-debugsource-254.24-150600.4.33.1 * systemd-mini-devel-254.24-150600.4.33.1 * systemd-journal-remote-254.24-150600.4.33.1 * systemd-journal-remote-debuginfo-254.24-150600.4.33.1 * systemd-mini-debugsource-254.24-150600.4.33.1 * libsystemd0-mini-debuginfo-254.24-150600.4.33.1 * systemd-experimental-254.24-150600.4.33.1 * systemd-sysvcompat-254.24-150600.4.33.1 * systemd-portable-debuginfo-254.24-150600.4.33.1 * systemd-mini-254.24-150600.4.33.1 * systemd-254.24-150600.4.33.1 * systemd-coredump-debuginfo-254.24-150600.4.33.1 * systemd-mini-container-254.24-150600.4.33.1 * udev-mini-254.24-150600.4.33.1 * systemd-testsuite-254.24-150600.4.33.1 * libsystemd0-mini-254.24-150600.4.33.1 * libudev1-debuginfo-254.24-150600.4.33.1 * systemd-coredump-254.24-150600.4.33.1 * libudev-mini1-debuginfo-254.24-150600.4.33.1 * systemd-testsuite-debuginfo-254.24-150600.4.33.1 * systemd-doc-254.24-150600.4.33.1 * libudev-mini1-254.24-150600.4.33.1 * systemd-devel-254.24-150600.4.33.1 * systemd-sysvcompat-debuginfo-254.24-150600.4.33.1 * systemd-homed-254.24-150600.4.33.1 * systemd-network-debuginfo-254.24-150600.4.33.1 * udev-debuginfo-254.24-150600.4.33.1 * systemd-mini-debuginfo-254.24-150600.4.33.1 * systemd-homed-debuginfo-254.24-150600.4.33.1 * libudev1-254.24-150600.4.33.1 * libsystemd0-254.24-150600.4.33.1 * udev-mini-debuginfo-254.24-150600.4.33.1 * systemd-portable-254.24-150600.4.33.1 * systemd-container-254.24-150600.4.33.1 * systemd-container-debuginfo-254.24-150600.4.33.1 * openSUSE Leap 15.6 (x86_64) * systemd-32bit-254.24-150600.4.33.1 * libsystemd0-32bit-debuginfo-254.24-150600.4.33.1 * libsystemd0-32bit-254.24-150600.4.33.1 * libudev1-32bit-debuginfo-254.24-150600.4.33.1 * systemd-32bit-debuginfo-254.24-150600.4.33.1 * systemd-devel-32bit-254.24-150600.4.33.1 * libudev1-32bit-254.24-150600.4.33.1 * openSUSE Leap 15.6 (aarch64 x86_64 i586) * systemd-boot-254.24-150600.4.33.1 * systemd-boot-debuginfo-254.24-150600.4.33.1 * openSUSE Leap 15.6 (noarch) * systemd-lang-254.24-150600.4.33.1 * openSUSE Leap 15.6 (aarch64_ilp32) * systemd-64bit-debuginfo-254.24-150600.4.33.1 * systemd-devel-64bit-254.24-150600.4.33.1 * libsystemd0-64bit-254.24-150600.4.33.1 * libudev1-64bit-254.24-150600.4.33.1 * libsystemd0-64bit-debuginfo-254.24-150600.4.33.1 * libudev1-64bit-debuginfo-254.24-150600.4.33.1 * systemd-64bit-254.24-150600.4.33.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * systemd-sysvcompat-254.24-150600.4.33.1 * libsystemd0-debuginfo-254.24-150600.4.33.1 * systemd-debuginfo-254.24-150600.4.33.1 * udev-254.24-150600.4.33.1 * udev-debuginfo-254.24-150600.4.33.1 * libudev1-debuginfo-254.24-150600.4.33.1 * systemd-coredump-254.24-150600.4.33.1 * libudev1-254.24-150600.4.33.1 * systemd-debugsource-254.24-150600.4.33.1 * systemd-doc-254.24-150600.4.33.1 * systemd-journal-remote-254.24-150600.4.33.1 * systemd-254.24-150600.4.33.1 * systemd-coredump-debuginfo-254.24-150600.4.33.1 * libsystemd0-254.24-150600.4.33.1 * systemd-devel-254.24-150600.4.33.1 * systemd-sysvcompat-debuginfo-254.24-150600.4.33.1 * systemd-container-254.24-150600.4.33.1 * systemd-container-debuginfo-254.24-150600.4.33.1 * Basesystem Module 15-SP6 (noarch) * systemd-lang-254.24-150600.4.33.1 * Basesystem Module 15-SP6 (x86_64) * systemd-32bit-254.24-150600.4.33.1 * libsystemd0-32bit-debuginfo-254.24-150600.4.33.1 * libsystemd0-32bit-254.24-150600.4.33.1 * libudev1-32bit-debuginfo-254.24-150600.4.33.1 * systemd-32bit-debuginfo-254.24-150600.4.33.1 * libudev1-32bit-254.24-150600.4.33.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * systemd-sysvcompat-254.24-150600.4.33.1 * libsystemd0-debuginfo-254.24-150600.4.33.1 * systemd-debuginfo-254.24-150600.4.33.1 * udev-254.24-150600.4.33.1 * udev-debuginfo-254.24-150600.4.33.1 * libudev1-debuginfo-254.24-150600.4.33.1 * systemd-coredump-254.24-150600.4.33.1 * libudev1-254.24-150600.4.33.1 * systemd-debugsource-254.24-150600.4.33.1 * systemd-doc-254.24-150600.4.33.1 * systemd-journal-remote-254.24-150600.4.33.1 * systemd-254.24-150600.4.33.1 * systemd-coredump-debuginfo-254.24-150600.4.33.1 * systemd-journal-remote-debuginfo-254.24-150600.4.33.1 * libsystemd0-254.24-150600.4.33.1 * systemd-devel-254.24-150600.4.33.1 * systemd-sysvcompat-debuginfo-254.24-150600.4.33.1 * systemd-container-254.24-150600.4.33.1 * systemd-container-debuginfo-254.24-150600.4.33.1 * Basesystem Module 15-SP7 (noarch) * systemd-lang-254.24-150600.4.33.1 * Basesystem Module 15-SP7 (x86_64) * systemd-32bit-254.24-150600.4.33.1 * libsystemd0-32bit-debuginfo-254.24-150600.4.33.1 * libsystemd0-32bit-254.24-150600.4.33.1 * libudev1-32bit-debuginfo-254.24-150600.4.33.1 * systemd-32bit-debuginfo-254.24-150600.4.33.1 * libudev1-32bit-254.24-150600.4.33.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * systemd-network-254.24-150600.4.33.1 * systemd-debuginfo-254.24-150600.4.33.1 * systemd-network-debuginfo-254.24-150600.4.33.1 * systemd-debugsource-254.24-150600.4.33.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * systemd-network-254.24-150600.4.33.1 * systemd-debuginfo-254.24-150600.4.33.1 * systemd-network-debuginfo-254.24-150600.4.33.1 * systemd-debugsource-254.24-150600.4.33.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1236177 * https://bugzilla.suse.com/show_bug.cgi?id=1237496 * https://bugzilla.suse.com/show_bug.cgi?id=1242938 * https://bugzilla.suse.com/show_bug.cgi?id=1243259 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:31 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:31 -0000 Subject: SUSE-SU-2025:01651-2: moderate: Security update for ucode-intel Message-ID: <174852183159.5224.2992290840617235403@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2025:01651-2 Release Date: 2025-05-29T09:40:22Z Rating: moderate References: * bsc#1243123 Cross-References: * CVE-2024-28956 * CVE-2024-43420 * CVE-2024-45332 * CVE-2025-20012 * CVE-2025-20054 * CVE-2025-20103 * CVE-2025-20623 * CVE-2025-24495 CVSS scores: * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-43420 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-43420 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-43420 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-43420 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-45332 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-45332 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-45332 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-45332 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20012 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-20012 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20012 ( NVD ): 4.1 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20012 ( NVD ): 4.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20054 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20054 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-20103 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20103 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-20623 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20623 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-20623 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-20623 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-24495 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-24495 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-24495 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-24495 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves eight vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250512 release (bsc#1243123) * CVE-2024-28956: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20103: Insufficient resource pool in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. * CVE-2025-20054: Uncaught exception in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. * CVE-2024-43420: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20623: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Core processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2024-45332: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-24495: Incorrect initialization of resource in the branch prediction unit for some Intel Core Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20012: Incorrect behavior order for some Intel Core Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. * Updates for functional issues. * New Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products ARL-U A1 06-b5-00/80 0000000a Core Ultra Processor (Series2) ARL-S/HX (8P) B0 06-c6-02/82 00000118 Core Ultra Processor (Series2) ARL-H A1 06-c5-02/82 00000118 Core Ultra Processor (Series2) GNR-AP/SP B0 06-ad-01/95 010003a2 Xeon Scalable Gen6 GNR-AP/SP H0 06-ad-01/20 0a0000d1 Xeon Scalable Gen6 LNL B0 06-bd-01/80 0000011f Core Ultra 200 V Series Processor * Updated Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products ADL C0 06-97-02/07 00000038 0000003a Core Gen12 ADL H0 06-97-05/07 00000038 0000003a Core Gen12 ADL L0 06-9a-03/80 00000436 00000437 Core Gen12 ADL R0 06-9a-04/80 00000436 00000437 Core Gen12 ADL-N N0 06-be-00/19 0000001c 0000001d Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E AML-Y42 V0 06-8e-0c/94 000000fc 00000100 Core Gen10 Mobile AZB A0/R0 06-9a-04/40 00000009 0000000a Intel(R) Atom(R) C1100 CFL-H R0 06-9e-0d/22 00000102 00000104 Core Gen9 Mobile CLX-SP B1 06-55-07/bf 05003707 05003901 Xeon Scalable Gen2 CML-H R1 06-a5-02/20 000000fc 00000100 Core Gen10 Mobile CML-S102 Q0 06-a5-05/22 000000fc 00000100 Core Gen10 CML-S62 G1 06-a5-03/22 000000fc 00000100 Core Gen10 CML-U42 V0 06-8e-0c/94 000000fc 00000100 Core Gen10 Mobile CML-U62 V1 A0 06-a6-00/80 000000fe 00000102 Core Gen10 Mobile CML-U62 V2 K1 06-a6-01/80 000000fc 00000100 Core Gen10 Mobile CML-Y42 V0 06-8e-0c/94 000000fc 00000100 Core Gen10 Mobile CPX-SP A1 06-55-0b/bf 07002904 07002b01 Xeon Scalable Gen3 EMR-SP A1 06-cf-02/87 21000291 210002a9 Xeon Scalable Gen5 GLK-R R0 06-7a-08/01 00000024 00000026 Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 ICL-D B0 06-6c-01/10 010002c0 010002d0 Xeon D-17xx, D-27xx ICL-U/Y D1 06-7e-05/80 000000c6 000000ca Core Gen10 Mobile ICX-SP Dx/M1 06-6a-06/87 0d0003f5 0d000404 Xeon Scalable Gen3 MTL C0 06-aa-04/e6 00000020 00000024 Core Ultra Processor RKL-S B0 06-a7-01/02 00000063 00000064 Core Gen11 RPL-E/HX/S B0 06-b7-01/32 0000012c 0000012f Core Gen13/Gen14 RPL-H/P/PX 6+8 J0 06-ba-02/e0 00004124 00004128 Core Gen13 RPL-HX/S C0 06-bf-02/07 00000038 0000003a Core Gen13/Gen14 RPL-S H0 06-bf-05/07 00000038 0000003a Core Gen13/Gen14 RPL-U 2+8 Q0 06-ba-03/e0 00004124 00004128 Core Gen13 SPR-HBM Bx 06-8f-08/10 2c0003e0 2c0003f7 Xeon Max SPR-SP E4/S2 06-8f-07/87 2b000620 2b000639 Xeon Scalable Gen4 SPR-SP E5/S3 06-8f-08/87 2b000620 2b000639 Xeon Scalable Gen4 SRF-SP C0 06-af-03/01 03000330 03000341 Xeon 6700-Series Processors with E-Cores TGL B0/B1 06-8c-01/80 000000b8 000000bc Core Gen11 Mobile TGL-H R0 06-8d-01/c2 00000052 00000056 Core Gen11 Mobile TGL-R C0 06-8c-02/c2 00000038 0000003c Core Gen11 Mobile TWL N0 06-be-00/19 0000001c 0000001d Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E WHL-U V0 06-8e-0c/94 000000fc 00000100 Core Gen8 Mobile ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1651=1 ## Package List: * Basesystem Module 15-SP7 (x86_64) * ucode-intel-20250512-150200.56.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28956.html * https://www.suse.com/security/cve/CVE-2024-43420.html * https://www.suse.com/security/cve/CVE-2024-45332.html * https://www.suse.com/security/cve/CVE-2025-20012.html * https://www.suse.com/security/cve/CVE-2025-20054.html * https://www.suse.com/security/cve/CVE-2025-20103.html * https://www.suse.com/security/cve/CVE-2025-20623.html * https://www.suse.com/security/cve/CVE-2025-24495.html * https://bugzilla.suse.com/show_bug.cgi?id=1243123 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:34 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:34 -0000 Subject: SUSE-SU-2025:01511-1: moderate: Security update for apparmor Message-ID: <174852183477.5224.814320793775780944@smelt2.prg2.suse.org> # Security update for apparmor Announcement ID: SUSE-SU-2025:01511-1 Release Date: 2025-05-29T09:40:04Z Rating: moderate References: * bsc#1241678 Cross-References: * CVE-2024-10041 CVSS scores: * CVE-2024-10041 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10041 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for apparmor fixes the following issues: * Add dac_read_search capability for unix_chkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. (bsc#1241678) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1511=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1511=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-1511=1 ## Package List: * Basesystem Module 15-SP7 (noarch) * apparmor-parser-lang-3.1.7-150600.5.9.1 * apparmor-docs-3.1.7-150600.5.9.1 * apparmor-abstractions-3.1.7-150600.5.9.1 * apparmor-profiles-3.1.7-150600.5.9.1 * apparmor-utils-3.1.7-150600.5.9.1 * apparmor-utils-lang-3.1.7-150600.5.9.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * pam_apparmor-debuginfo-3.1.7-150600.5.9.1 * python3-apparmor-debuginfo-3.1.7-150600.5.9.1 * apparmor-parser-debuginfo-3.1.7-150600.5.9.1 * apparmor-debugsource-3.1.7-150600.5.9.1 * libapparmor-devel-3.1.7-150600.5.9.1 * libapparmor1-debuginfo-3.1.7-150600.5.9.1 * apparmor-parser-3.1.7-150600.5.9.1 * libapparmor1-3.1.7-150600.5.9.1 * python3-apparmor-3.1.7-150600.5.9.1 * pam_apparmor-3.1.7-150600.5.9.1 * libapparmor-debugsource-3.1.7-150600.5.9.1 * Basesystem Module 15-SP7 (x86_64) * pam_apparmor-32bit-debuginfo-3.1.7-150600.5.9.1 * libapparmor1-32bit-debuginfo-3.1.7-150600.5.9.1 * libapparmor1-32bit-3.1.7-150600.5.9.1 * pam_apparmor-32bit-3.1.7-150600.5.9.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * perl-apparmor-debuginfo-3.1.7-150600.5.9.1 * apparmor-debugsource-3.1.7-150600.5.9.1 * perl-apparmor-3.1.7-150600.5.9.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * apache2-mod_apparmor-3.1.7-150600.5.9.1 * apparmor-debugsource-3.1.7-150600.5.9.1 * apache2-mod_apparmor-debuginfo-3.1.7-150600.5.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10041.html * https://bugzilla.suse.com/show_bug.cgi?id=1241678 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:38 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:38 -0000 Subject: SUSE-SU-2025:01738-1: important: Security update for jetty-minimal Message-ID: <174852183855.5224.14435133716607175826@smelt2.prg2.suse.org> # Security update for jetty-minimal Announcement ID: SUSE-SU-2025:01738-1 Release Date: 2025-05-29T09:38:50Z Rating: important References: * bsc#1231652 * bsc#1243271 Cross-References: * CVE-2024-13009 * CVE-2024-6763 CVSS scores: * CVE-2024-13009 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N * CVE-2024-13009 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N * CVE-2024-6763 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-6763 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-6763 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-6763 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for jetty-minimal fixes the following issues: Upgrade to version 9.4.57.v20241219 * CVE-2024-6763: the HttpURI class does insufficient validation on the authority segment of a URI (bsc#1231652) * CVE-2024-13009: Gzip Request Body Buffer (bsc#1243271) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1738=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1738=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1738=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1738=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1738=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1738=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1738=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1738=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1738=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1738=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1738=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1738=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1738=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1738=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1738=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1738=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1738=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Enterprise Storage 7.1 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * openSUSE Leap 15.6 (noarch) * jetty-servlets-9.4.57-150200.3.31.1 * jetty-deploy-9.4.57-150200.3.31.1 * jetty-continuation-9.4.57-150200.3.31.1 * jetty-jndi-9.4.57-150200.3.31.1 * jetty-rewrite-9.4.57-150200.3.31.1 * jetty-minimal-javadoc-9.4.57-150200.3.31.1 * jetty-util-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-proxy-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-start-9.4.57-150200.3.31.1 * jetty-jaas-9.4.57-150200.3.31.1 * jetty-jsp-9.4.57-150200.3.31.1 * jetty-annotations-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-quickstart-9.4.57-150200.3.31.1 * jetty-openid-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * jetty-xml-9.4.57-150200.3.31.1 * jetty-cdi-9.4.57-150200.3.31.1 * jetty-jmx-9.4.57-150200.3.31.1 * jetty-webapp-9.4.57-150200.3.31.1 * jetty-plus-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-client-9.4.57-150200.3.31.1 * jetty-http-spi-9.4.57-150200.3.31.1 * jetty-ant-9.4.57-150200.3.31.1 * jetty-fcgi-9.4.57-150200.3.31.1 * Development Tools Module 15-SP6 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * Development Tools Module 15-SP7 (noarch) * jetty-util-9.4.57-150200.3.31.1 * jetty-servlet-9.4.57-150200.3.31.1 * jetty-util-ajax-9.4.57-150200.3.31.1 * jetty-io-9.4.57-150200.3.31.1 * jetty-http-9.4.57-150200.3.31.1 * jetty-security-9.4.57-150200.3.31.1 * jetty-server-9.4.57-150200.3.31.1 * SUSE Package Hub 15 15-SP6 (noarch) * jetty-continuation-9.4.57-150200.3.31.1 * SUSE Package Hub 15 15-SP7 (noarch) * jetty-continuation-9.4.57-150200.3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2024-13009.html * https://www.suse.com/security/cve/CVE-2024-6763.html * https://bugzilla.suse.com/show_bug.cgi?id=1231652 * https://bugzilla.suse.com/show_bug.cgi?id=1243271 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:42 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:42 -0000 Subject: SUSE-SU-2025:01737-1: important: Security update for gstreamer-plugins-bad Message-ID: <174852184200.5224.1027421700276307693@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2025:01737-1 Release Date: 2025-05-29T09:36:47Z Rating: important References: * bsc#1242809 Cross-References: * CVE-2025-3887 CVSS scores: * CVE-2025-3887 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-3887 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-3887 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing (bsc#1242809). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1737=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1737=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1737=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1737=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-1737=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1737=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1737=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libgstbadaudio-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstInsertBin-1_0-1.24.0-150600.4.3.1 * typelib-1_0-GstCodecs-1_0-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-CudaGst-1_0-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstDxva-1_0-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-chromaprint-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstBadAudio-1_0-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-debuginfo-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstVa-1_0-1.24.0-150600.4.3.1 * libgstcodecs-1_0-0-debuginfo-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstMpegts-1_0-1.24.0-150600.4.3.1 * libgstphotography-1_0-0-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstCuda-1_0-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstTranscoder-1_0-1.24.0-150600.4.3.1 * typelib-1_0-GstWebRTC-1_0-1.24.0-150600.4.3.1 * libgstplay-1_0-0-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-debuginfo-1.24.0-150600.4.3.1 * gstreamer-transcoder-1.24.0-150600.4.3.1 * typelib-1_0-GstPlayer-1_0-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstMse-1_0-1.24.0-150600.4.3.1 * typelib-1_0-GstPlay-1_0-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstmse-1_0-0-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-1.24.0-150600.4.3.1 * libgstphotography-1_0-0-debuginfo-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-devel-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstmse-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-1.24.0-150600.4.3.1 * gstreamer-transcoder-debuginfo-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstAnalytics-1_0-1.24.0-150600.4.3.1 * libgstva-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstVulkanXCB-1_0-1.24.0-150600.4.3.1 * typelib-1_0-GstVulkan-1_0-1.24.0-150600.4.3.1 * libgstcodecs-1_0-0-1.24.0-150600.4.3.1 * libgstbadaudio-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstva-1_0-0-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-1.24.0-150600.4.3.1 * libgstplay-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstVulkanWayland-1_0-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-1.24.0-150600.4.3.1 * gstreamer-transcoder-devel-1.24.0-150600.4.3.1 * openSUSE Leap 15.6 (x86_64) * libgstcodecs-1_0-0-32bit-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-32bit-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-chromaprint-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstcodecs-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstmse-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstphotography-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-32bit-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstbadaudio-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-32bit-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-32bit-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstmse-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstplay-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstplay-1_0-0-32bit-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-chromaprint-32bit-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstva-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-32bit-debuginfo-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstphotography-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstva-1_0-0-32bit-1.24.0-150600.4.3.1 * libgstbadaudio-1_0-0-32bit-1.24.0-150600.4.3.1 * openSUSE Leap 15.6 (noarch) * gstreamer-plugins-bad-lang-1.24.0-150600.4.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libgstphotography-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-64bit-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-64bit-1.24.0-150600.4.3.1 * libgstplay-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstcodecs-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstva-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstmse-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstmse-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstphotography-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstbadaudio-1_0-0-64bit-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-chromaprint-64bit-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-chromaprint-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstva-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstcodecs-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstbadaudio-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstplay-1_0-0-64bit-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-64bit-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-64bit-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-64bit-debuginfo-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-64bit-1.24.0-150600.4.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgstplay-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstphotography-1_0-0-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstphotography-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstplay-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-1.24.0-150600.4.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libgstplay-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstphotography-1_0-0-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstphotography-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstplay-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstplayer-1_0-0-1.24.0-150600.4.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgstbadaudio-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstInsertBin-1_0-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-CudaGst-1_0-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstDxva-1_0-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstBadAudio-1_0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstVa-1_0-1.24.0-150600.4.3.1 * libgstcodecs-1_0-0-debuginfo-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstMpegts-1_0-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstCuda-1_0-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstWebRTC-1_0-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstPlayer-1_0-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstMse-1_0-1.24.0-150600.4.3.1 * typelib-1_0-GstPlay-1_0-1.24.0-150600.4.3.1 * libgstmse-1_0-0-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-devel-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstmse-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstAnalytics-1_0-1.24.0-150600.4.3.1 * typelib-1_0-GstCodecs-1_0-1.24.0-150600.4.3.1 * libgstva-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstcodecs-1_0-0-1.24.0-150600.4.3.1 * libgstbadaudio-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstva-1_0-0-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-1.24.0-150600.4.3.1 * Desktop Applications Module 15-SP6 (noarch) * gstreamer-plugins-bad-lang-1.24.0-150600.4.3.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libgstbadaudio-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstInsertBin-1_0-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-CudaGst-1_0-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstDxva-1_0-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-1.24.0-150600.4.3.1 * libgstwebrtcnice-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstBadAudio-1_0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstVa-1_0-1.24.0-150600.4.3.1 * libgstcodecs-1_0-0-debuginfo-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.3.1 * libgstdxva-1_0-0-1.24.0-150600.4.3.1 * typelib-1_0-GstMpegts-1_0-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstCuda-1_0-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstWebRTC-1_0-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstPlayer-1_0-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstMse-1_0-1.24.0-150600.4.3.1 * typelib-1_0-GstPlay-1_0-1.24.0-150600.4.3.1 * libgstmse-1_0-0-1.24.0-150600.4.3.1 * libgstadaptivedemux-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-devel-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstanalytics-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstmse-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstwayland-1_0-0-1.24.0-150600.4.3.1 * libgstbasecamerabinsrc-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-1.24.0-150600.4.3.1 * libgstmpegts-1_0-0-1.24.0-150600.4.3.1 * libgstwebrtc-1_0-0-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstcodecparsers-1_0-0-1.24.0-150600.4.3.1 * libgstcuda-1_0-0-debuginfo-1.24.0-150600.4.3.1 * typelib-1_0-GstAnalytics-1_0-1.24.0-150600.4.3.1 * typelib-1_0-GstCodecs-1_0-1.24.0-150600.4.3.1 * libgstva-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstcodecs-1_0-0-1.24.0-150600.4.3.1 * libgstbadaudio-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgsturidownloader-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstva-1_0-0-1.24.0-150600.4.3.1 * libgstvulkan-1_0-0-1.24.0-150600.4.3.1 * libgstinsertbin-1_0-0-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstsctp-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgstisoff-1_0-0-1.24.0-150600.4.3.1 * Desktop Applications Module 15-SP7 (noarch) * gstreamer-plugins-bad-lang-1.24.0-150600.4.3.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.3.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.3.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.3.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3887.html * https://bugzilla.suse.com/show_bug.cgi?id=1242809 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:44 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:44 -0000 Subject: SUSE-RU-2025:01736-1: moderate: Recommended update for container-suseconnect Message-ID: <174852184475.5224.1603248608567760930@smelt2.prg2.suse.org> # Recommended update for container-suseconnect Announcement ID: SUSE-RU-2025:01736-1 Release Date: 2025-05-29T09:35:35Z Rating: moderate References: * bsc#1243360 Affected Products: * Containers Module 15-SP6 * Containers Module 15-SP7 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for container-suseconnect fixes the following issues: * Version update v2.5.3 (bsc#1243360): * only handle command line options for the default * parse and ignore the previously removed log-credentials-errors * Restore usage output on unhandled command line options * Switch to go stable and update mod to 1.24.0 * Various golangci-lint v2.1x warnings fixed * Also allow optionally to pass down the system_token * Log everything to stderr * Code formatting * remove unnecessary packaging buildrequires ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1736=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-1736=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1736=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1736=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1736=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1736=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1736=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1736=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1736=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1736=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1736=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1736=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1736=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1736=1 ## Package List: * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * container-suseconnect-2.5.3-150000.4.61.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * container-suseconnect-2.5.3-150000.4.61.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1243360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:46 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:46 -0000 Subject: SUSE-SU-2025:01660-2: important: Security update for MozillaThunderbird Message-ID: <174852184684.5224.13582388782628468769@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2025:01660-2 Release Date: 2025-05-29T09:33:56Z Rating: important References: * bsc#1243216 Cross-References: * CVE-2025-3875 * CVE-2025-3877 * CVE-2025-3909 * CVE-2025-3932 CVSS scores: * CVE-2025-3875 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-3877 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-3909 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-3932 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.10.1. Security fixes: * MFSA 2025-34 (bsc#1243216) * CVE-2025-3875: Sender Spoofing via Malformed From Header in Thunderbird. * CVE-2025-3877: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links. * CVE-2025-3909: JavaScript Execution via Spoofed PDF Attachment and file:/// Link. * CVE-2025-3932: Tracking Links in Attachments Bypassed Remote Content Blocking. Other bug fixes: * Fixed: standalone message windows/tabs that no longer responded after folder compaction. * Fixed: Thunderbird could crash when importing Outlook messages. * Visual and UX improvements. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1660=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-1660=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x) * MozillaThunderbird-translations-other-128.10.1-150200.8.215.1 * MozillaThunderbird-128.10.1-150200.8.215.1 * MozillaThunderbird-translations-common-128.10.1-150200.8.215.1 * MozillaThunderbird-debugsource-128.10.1-150200.8.215.1 * MozillaThunderbird-debuginfo-128.10.1-150200.8.215.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * MozillaThunderbird-translations-other-128.10.1-150200.8.215.1 * MozillaThunderbird-128.10.1-150200.8.215.1 * MozillaThunderbird-translations-common-128.10.1-150200.8.215.1 * MozillaThunderbird-debugsource-128.10.1-150200.8.215.1 * MozillaThunderbird-debuginfo-128.10.1-150200.8.215.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3875.html * https://www.suse.com/security/cve/CVE-2025-3877.html * https://www.suse.com/security/cve/CVE-2025-3909.html * https://www.suse.com/security/cve/CVE-2025-3932.html * https://bugzilla.suse.com/show_bug.cgi?id=1243216 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:49 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:49 -0000 Subject: SUSE-SU-2025:01464-1: moderate: Security update for ImageMagick Message-ID: <174852184976.5224.1634329461850847000@smelt2.prg2.suse.org> # Security update for ImageMagick Announcement ID: SUSE-SU-2025:01464-1 Release Date: 2025-05-29T09:33:51Z Rating: moderate References: * bsc#1241658 * bsc#1241659 Cross-References: * CVE-2025-43965 * CVE-2025-46393 CVSS scores: * CVE-2025-43965 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-43965 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-43965 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-46393 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-46393 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-46393 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for ImageMagick fixes the following issues: * CVE-2025-43965: Fixed mishandling of image depth after SetQuantumFormat is used in MIFF image processing. (bsc#1241659) * CVE-2025-46393: Fixed mishandling of packet_size leads to rendering of channels in arbitrary order in multispectral MIFF image processing. (bsc#1241658) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-1464=1 ## Package List: * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * ImageMagick-debugsource-7.1.0.9-150400.6.30.1 * ImageMagick-config-7-upstream-7.1.0.9-150400.6.30.1 * ImageMagick-debuginfo-7.1.0.9-150400.6.30.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43965.html * https://www.suse.com/security/cve/CVE-2025-46393.html * https://bugzilla.suse.com/show_bug.cgi?id=1241658 * https://bugzilla.suse.com/show_bug.cgi?id=1241659 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:52 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:52 -0000 Subject: SUSE-SU-2025:01551-1: moderate: Security update for go1.24 Message-ID: <174852185258.5224.10693363149234395216@smelt2.prg2.suse.org> # Security update for go1.24 Announcement ID: SUSE-SU-2025:01551-1 Release Date: 2025-05-29T09:29:39Z Rating: moderate References: * bsc#1236217 * bsc#1242715 Cross-References: * CVE-2025-22873 CVSS scores: * CVE-2025-22873 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-22873 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.24 fixes the following issues: Update to go1.24.3 (bsc#1236217): Security fixes: * CVE-2025-22873: Fixed os.Root permits access to parent directory (bsc#1242715) Changelog: * go#73556 go#73555 security: fix CVE-2025-22873 os: Root permits access to parent directory * go#73082 os: Root.Open panics when opening a symlink referencing the root * go#73092 cmd/link: linkname directive on userspace variable can override runtime variable * go#73118 crypto/tls: ECH decodeInnerClientHello incorrectly rejects ClientHello with GREASE values in supportedVersions * go#73144 runtime: segmentation fault from vgetrandomPutState and runtime.growslice w/ runtime.OSLockThread * go#73192 runtime: -race data race map traceback report incorrect functions * go#73281 cmd/compile: program compiles to wasm but is invalid: go:wasmexport: integer too large * go#73379 runtime, x/sys/unix: Connectx is broken on darwin/amd64 * go#73440 cmd/compile: infinite loop in the inliner * go#73500 cmd/go: +dirty in version stamping doesn't combine well with +incompatible ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1551=1 ## Package List: * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * go1.24-doc-1.24.3-150000.1.23.1 * go1.24-race-1.24.3-150000.1.23.1 * go1.24-1.24.3-150000.1.23.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22873.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1242715 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 12:30:56 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 12:30:56 -0000 Subject: SUSE-SU-2025:01537-1: important: Security update for tomcat10 Message-ID: <174852185671.5224.15150476395193544469@smelt2.prg2.suse.org> # Security update for tomcat10 Announcement ID: SUSE-SU-2025:01537-1 Release Date: 2025-05-29T09:04:28Z Rating: important References: * bsc#1242008 * bsc#1242009 Cross-References: * CVE-2025-31650 * CVE-2025-31651 CVSS scores: * CVE-2025-31650 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-31650 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31650 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31650 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31651 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-31651 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-31651 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-31651 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Web and Scripting Module 15-SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.40 * CVE-2025-31650: invalid priority field values should be ignored (bsc#1242008) * CVE-2025-31651: Better handling of URLs with literal ';' and '?' (bsc#1242009) Full changelog: https://tomcat.apache.org/tomcat-10.1-doc/changelog.html ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2025-1537=1 ## Package List: * Web and Scripting Module 15-SP7 (noarch) * tomcat10-servlet-6_0-api-10.1.40-150200.5.40.1 * tomcat10-jsp-3_1-api-10.1.40-150200.5.40.1 * tomcat10-lib-10.1.40-150200.5.40.1 * tomcat10-webapps-10.1.40-150200.5.40.1 * tomcat10-el-5_0-api-10.1.40-150200.5.40.1 * tomcat10-10.1.40-150200.5.40.1 * tomcat10-admin-webapps-10.1.40-150200.5.40.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31650.html * https://www.suse.com/security/cve/CVE-2025-31651.html * https://bugzilla.suse.com/show_bug.cgi?id=1242008 * https://bugzilla.suse.com/show_bug.cgi?id=1242009 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:06 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:06 -0000 Subject: SUSE-SU-2025:01760-1: important: Security update for slurm Message-ID: <174853620681.5267.17173040170455962244@smelt2.prg2.suse.org> # Security update for slurm Announcement ID: SUSE-SU-2025:01760-1 Release Date: 2025-05-29T14:54:19Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for slurm fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1760=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1760=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le x86_64) * slurm-munge-20.11.9-150300.4.15.1 * slurm-slurmdbd-debuginfo-20.11.9-150300.4.15.1 * slurm-pam_slurm-20.11.9-150300.4.15.1 * slurm-sql-20.11.9-150300.4.15.1 * slurm-config-man-20.11.9-150300.4.15.1 * libslurm36-20.11.9-150300.4.15.1 * slurm-doc-20.11.9-150300.4.15.1 * slurm-sview-debuginfo-20.11.9-150300.4.15.1 * slurm-torque-debuginfo-20.11.9-150300.4.15.1 * slurm-plugins-20.11.9-150300.4.15.1 * slurm-devel-20.11.9-150300.4.15.1 * slurm-debugsource-20.11.9-150300.4.15.1 * slurm-seff-20.11.9-150300.4.15.1 * slurm-webdoc-20.11.9-150300.4.15.1 * slurm-auth-none-20.11.9-150300.4.15.1 * slurm-torque-20.11.9-150300.4.15.1 * slurm-node-20.11.9-150300.4.15.1 * perl-slurm-20.11.9-150300.4.15.1 * slurm-slurmdbd-20.11.9-150300.4.15.1 * slurm-auth-none-debuginfo-20.11.9-150300.4.15.1 * libnss_slurm2-20.11.9-150300.4.15.1 * slurm-munge-debuginfo-20.11.9-150300.4.15.1 * slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-config-20.11.9-150300.4.15.1 * slurm-sview-20.11.9-150300.4.15.1 * slurm-pam_slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-sjstat-20.11.9-150300.4.15.1 * libnss_slurm2-debuginfo-20.11.9-150300.4.15.1 * slurm-hdf5-20.11.9-150300.4.15.1 * libpmi0-20.11.9-150300.4.15.1 * slurm-plugins-debuginfo-20.11.9-150300.4.15.1 * slurm-hdf5-debuginfo-20.11.9-150300.4.15.1 * slurm-openlava-20.11.9-150300.4.15.1 * libslurm36-debuginfo-20.11.9-150300.4.15.1 * slurm-lua-20.11.9-150300.4.15.1 * libpmi0-debuginfo-20.11.9-150300.4.15.1 * slurm-cray-debuginfo-20.11.9-150300.4.15.1 * slurm-testsuite-20.11.9-150300.4.15.1 * slurm-sql-debuginfo-20.11.9-150300.4.15.1 * slurm-rest-20.11.9-150300.4.15.1 * perl-slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-lua-debuginfo-20.11.9-150300.4.15.1 * slurm-node-debuginfo-20.11.9-150300.4.15.1 * slurm-cray-20.11.9-150300.4.15.1 * slurm-20.11.9-150300.4.15.1 * slurm-rest-debuginfo-20.11.9-150300.4.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * slurm-munge-20.11.9-150300.4.15.1 * slurm-slurmdbd-debuginfo-20.11.9-150300.4.15.1 * slurm-pam_slurm-20.11.9-150300.4.15.1 * slurm-sql-20.11.9-150300.4.15.1 * slurm-config-man-20.11.9-150300.4.15.1 * libslurm36-20.11.9-150300.4.15.1 * slurm-doc-20.11.9-150300.4.15.1 * slurm-sview-debuginfo-20.11.9-150300.4.15.1 * slurm-torque-debuginfo-20.11.9-150300.4.15.1 * slurm-plugins-20.11.9-150300.4.15.1 * slurm-devel-20.11.9-150300.4.15.1 * slurm-debugsource-20.11.9-150300.4.15.1 * slurm-webdoc-20.11.9-150300.4.15.1 * slurm-auth-none-20.11.9-150300.4.15.1 * slurm-torque-20.11.9-150300.4.15.1 * slurm-node-20.11.9-150300.4.15.1 * perl-slurm-20.11.9-150300.4.15.1 * slurm-slurmdbd-20.11.9-150300.4.15.1 * slurm-auth-none-debuginfo-20.11.9-150300.4.15.1 * libnss_slurm2-20.11.9-150300.4.15.1 * slurm-munge-debuginfo-20.11.9-150300.4.15.1 * slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-config-20.11.9-150300.4.15.1 * slurm-sview-20.11.9-150300.4.15.1 * slurm-pam_slurm-debuginfo-20.11.9-150300.4.15.1 * libnss_slurm2-debuginfo-20.11.9-150300.4.15.1 * libpmi0-20.11.9-150300.4.15.1 * slurm-plugins-debuginfo-20.11.9-150300.4.15.1 * libslurm36-debuginfo-20.11.9-150300.4.15.1 * slurm-lua-20.11.9-150300.4.15.1 * libpmi0-debuginfo-20.11.9-150300.4.15.1 * slurm-sql-debuginfo-20.11.9-150300.4.15.1 * slurm-rest-20.11.9-150300.4.15.1 * perl-slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-lua-debuginfo-20.11.9-150300.4.15.1 * slurm-node-debuginfo-20.11.9-150300.4.15.1 * slurm-20.11.9-150300.4.15.1 * slurm-rest-debuginfo-20.11.9-150300.4.15.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:10 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:10 -0000 Subject: SUSE-SU-2025:01759-1: important: Security update for slurm Message-ID: <174853621098.5267.12600506415681030253@smelt2.prg2.suse.org> # Security update for slurm Announcement ID: SUSE-SU-2025:01759-1 Release Date: 2025-05-29T14:54:09Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 15-SP6 * HPC Module 15-SP7 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for slurm fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1759=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1759=1 * HPC Module 15-SP6 zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-1759=1 * HPC Module 15-SP7 zypper in -t patch SUSE-SLE-Module-HPC-15-SP7-2025-1759=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1759=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1759=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1759=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * perl-slurm-23.02.7-150500.5.18.1 * slurm-auth-none-debuginfo-23.02.7-150500.5.18.1 * slurm-debugsource-23.02.7-150500.5.18.1 * slurm-plugins-23.02.7-150500.5.18.1 * slurm-slurmdbd-debuginfo-23.02.7-150500.5.18.1 * libslurm39-23.02.7-150500.5.18.1 * slurm-munge-23.02.7-150500.5.18.1 * slurm-23.02.7-150500.5.18.1 * libnss_slurm2-23.02.7-150500.5.18.1 * slurm-devel-23.02.7-150500.5.18.1 * slurm-pam_slurm-debuginfo-23.02.7-150500.5.18.1 * libpmi0-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-23.02.7-150500.5.18.1 * libpmi0-debuginfo-23.02.7-150500.5.18.1 * perl-slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-rest-debuginfo-23.02.7-150500.5.18.1 * slurm-auth-none-23.02.7-150500.5.18.1 * slurm-node-23.02.7-150500.5.18.1 * slurm-munge-debuginfo-23.02.7-150500.5.18.1 * slurm-lua-23.02.7-150500.5.18.1 * slurm-sql-23.02.7-150500.5.18.1 * slurm-torque-23.02.7-150500.5.18.1 * slurm-cray-23.02.7-150500.5.18.1 * slurm-rest-23.02.7-150500.5.18.1 * slurm-hdf5-debuginfo-23.02.7-150500.5.18.1 * slurm-slurmdbd-23.02.7-150500.5.18.1 * slurm-plugins-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-debuginfo-23.02.7-150500.5.18.1 * slurm-cray-debuginfo-23.02.7-150500.5.18.1 * slurm-pam_slurm-23.02.7-150500.5.18.1 * slurm-lua-debuginfo-23.02.7-150500.5.18.1 * slurm-torque-debuginfo-23.02.7-150500.5.18.1 * slurm-node-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-23.02.7-150500.5.18.1 * slurm-sql-debuginfo-23.02.7-150500.5.18.1 * libslurm39-debuginfo-23.02.7-150500.5.18.1 * slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-hdf5-23.02.7-150500.5.18.1 * libnss_slurm2-debuginfo-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-debuginfo-23.02.7-150500.5.18.1 * slurm-testsuite-23.02.7-150500.5.18.1 * openSUSE Leap 15.5 (noarch) * slurm-doc-23.02.7-150500.5.18.1 * slurm-seff-23.02.7-150500.5.18.1 * slurm-webdoc-23.02.7-150500.5.18.1 * slurm-openlava-23.02.7-150500.5.18.1 * slurm-config-man-23.02.7-150500.5.18.1 * slurm-sjstat-23.02.7-150500.5.18.1 * slurm-config-23.02.7-150500.5.18.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * perl-slurm-23.02.7-150500.5.18.1 * slurm-auth-none-debuginfo-23.02.7-150500.5.18.1 * slurm-debugsource-23.02.7-150500.5.18.1 * slurm-plugins-23.02.7-150500.5.18.1 * slurm-slurmdbd-debuginfo-23.02.7-150500.5.18.1 * libslurm39-23.02.7-150500.5.18.1 * slurm-munge-23.02.7-150500.5.18.1 * slurm-23.02.7-150500.5.18.1 * libnss_slurm2-23.02.7-150500.5.18.1 * slurm-devel-23.02.7-150500.5.18.1 * slurm-pam_slurm-debuginfo-23.02.7-150500.5.18.1 * libpmi0-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-23.02.7-150500.5.18.1 * libpmi0-debuginfo-23.02.7-150500.5.18.1 * perl-slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-rest-debuginfo-23.02.7-150500.5.18.1 * slurm-auth-none-23.02.7-150500.5.18.1 * slurm-node-23.02.7-150500.5.18.1 * slurm-munge-debuginfo-23.02.7-150500.5.18.1 * slurm-lua-23.02.7-150500.5.18.1 * slurm-sql-23.02.7-150500.5.18.1 * slurm-torque-23.02.7-150500.5.18.1 * slurm-cray-23.02.7-150500.5.18.1 * slurm-rest-23.02.7-150500.5.18.1 * slurm-hdf5-debuginfo-23.02.7-150500.5.18.1 * slurm-slurmdbd-23.02.7-150500.5.18.1 * slurm-plugins-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-debuginfo-23.02.7-150500.5.18.1 * slurm-cray-debuginfo-23.02.7-150500.5.18.1 * slurm-pam_slurm-23.02.7-150500.5.18.1 * slurm-lua-debuginfo-23.02.7-150500.5.18.1 * slurm-torque-debuginfo-23.02.7-150500.5.18.1 * slurm-node-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-23.02.7-150500.5.18.1 * slurm-sql-debuginfo-23.02.7-150500.5.18.1 * libslurm39-debuginfo-23.02.7-150500.5.18.1 * slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-hdf5-23.02.7-150500.5.18.1 * libnss_slurm2-debuginfo-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-debuginfo-23.02.7-150500.5.18.1 * slurm-testsuite-23.02.7-150500.5.18.1 * openSUSE Leap 15.6 (noarch) * slurm-doc-23.02.7-150500.5.18.1 * slurm-seff-23.02.7-150500.5.18.1 * slurm-webdoc-23.02.7-150500.5.18.1 * slurm-openlava-23.02.7-150500.5.18.1 * slurm-config-man-23.02.7-150500.5.18.1 * slurm-sjstat-23.02.7-150500.5.18.1 * slurm-config-23.02.7-150500.5.18.1 * HPC Module 15-SP6 (aarch64 x86_64) * perl-slurm-23.02.7-150500.5.18.1 * slurm-auth-none-debuginfo-23.02.7-150500.5.18.1 * slurm-debugsource-23.02.7-150500.5.18.1 * slurm-plugins-23.02.7-150500.5.18.1 * slurm-slurmdbd-debuginfo-23.02.7-150500.5.18.1 * libslurm39-23.02.7-150500.5.18.1 * slurm-munge-23.02.7-150500.5.18.1 * slurm-23.02.7-150500.5.18.1 * libnss_slurm2-23.02.7-150500.5.18.1 * slurm-devel-23.02.7-150500.5.18.1 * slurm-pam_slurm-debuginfo-23.02.7-150500.5.18.1 * libpmi0-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-23.02.7-150500.5.18.1 * libpmi0-debuginfo-23.02.7-150500.5.18.1 * perl-slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-rest-debuginfo-23.02.7-150500.5.18.1 * slurm-auth-none-23.02.7-150500.5.18.1 * slurm-munge-debuginfo-23.02.7-150500.5.18.1 * slurm-lua-23.02.7-150500.5.18.1 * slurm-sql-23.02.7-150500.5.18.1 * slurm-torque-23.02.7-150500.5.18.1 * slurm-cray-23.02.7-150500.5.18.1 * slurm-rest-23.02.7-150500.5.18.1 * slurm-slurmdbd-23.02.7-150500.5.18.1 * slurm-plugins-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-debuginfo-23.02.7-150500.5.18.1 * slurm-cray-debuginfo-23.02.7-150500.5.18.1 * slurm-pam_slurm-23.02.7-150500.5.18.1 * slurm-lua-debuginfo-23.02.7-150500.5.18.1 * slurm-torque-debuginfo-23.02.7-150500.5.18.1 * slurm-node-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-23.02.7-150500.5.18.1 * slurm-sql-debuginfo-23.02.7-150500.5.18.1 * libslurm39-debuginfo-23.02.7-150500.5.18.1 * slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-node-23.02.7-150500.5.18.1 * libnss_slurm2-debuginfo-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-debuginfo-23.02.7-150500.5.18.1 * HPC Module 15-SP6 (noarch) * slurm-config-man-23.02.7-150500.5.18.1 * slurm-doc-23.02.7-150500.5.18.1 * slurm-webdoc-23.02.7-150500.5.18.1 * slurm-config-23.02.7-150500.5.18.1 * HPC Module 15-SP7 (aarch64 x86_64) * slurm-plugin-ext-sensors-rrd-debuginfo-23.02.7-150500.5.18.1 * slurm-debugsource-23.02.7-150500.5.18.1 * slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-23.02.7-150500.5.18.1 * SUSE Package Hub 15 15-SP6 (ppc64le s390x) * perl-slurm-23.02.7-150500.5.18.1 * slurm-auth-none-debuginfo-23.02.7-150500.5.18.1 * slurm-debugsource-23.02.7-150500.5.18.1 * slurm-plugins-23.02.7-150500.5.18.1 * slurm-slurmdbd-debuginfo-23.02.7-150500.5.18.1 * slurm-munge-23.02.7-150500.5.18.1 * slurm-23.02.7-150500.5.18.1 * libnss_slurm2-23.02.7-150500.5.18.1 * slurm-devel-23.02.7-150500.5.18.1 * slurm-pam_slurm-debuginfo-23.02.7-150500.5.18.1 * libpmi0-23.02.7-150500.5.18.1 * libpmi0-debuginfo-23.02.7-150500.5.18.1 * perl-slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-rest-debuginfo-23.02.7-150500.5.18.1 * slurm-auth-none-23.02.7-150500.5.18.1 * slurm-munge-debuginfo-23.02.7-150500.5.18.1 * slurm-lua-23.02.7-150500.5.18.1 * slurm-sql-23.02.7-150500.5.18.1 * slurm-torque-23.02.7-150500.5.18.1 * slurm-cray-23.02.7-150500.5.18.1 * slurm-rest-23.02.7-150500.5.18.1 * slurm-hdf5-debuginfo-23.02.7-150500.5.18.1 * slurm-slurmdbd-23.02.7-150500.5.18.1 * slurm-plugins-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-debuginfo-23.02.7-150500.5.18.1 * slurm-cray-debuginfo-23.02.7-150500.5.18.1 * slurm-pam_slurm-23.02.7-150500.5.18.1 * slurm-lua-debuginfo-23.02.7-150500.5.18.1 * slurm-torque-debuginfo-23.02.7-150500.5.18.1 * slurm-node-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-23.02.7-150500.5.18.1 * slurm-sql-debuginfo-23.02.7-150500.5.18.1 * slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-node-23.02.7-150500.5.18.1 * slurm-hdf5-23.02.7-150500.5.18.1 * libnss_slurm2-debuginfo-23.02.7-150500.5.18.1 * SUSE Package Hub 15 15-SP6 (noarch) * slurm-doc-23.02.7-150500.5.18.1 * slurm-seff-23.02.7-150500.5.18.1 * slurm-webdoc-23.02.7-150500.5.18.1 * slurm-openlava-23.02.7-150500.5.18.1 * slurm-config-man-23.02.7-150500.5.18.1 * slurm-sjstat-23.02.7-150500.5.18.1 * slurm-config-23.02.7-150500.5.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * perl-slurm-23.02.7-150500.5.18.1 * slurm-auth-none-debuginfo-23.02.7-150500.5.18.1 * slurm-debugsource-23.02.7-150500.5.18.1 * slurm-plugins-23.02.7-150500.5.18.1 * slurm-slurmdbd-debuginfo-23.02.7-150500.5.18.1 * libslurm39-23.02.7-150500.5.18.1 * slurm-munge-23.02.7-150500.5.18.1 * slurm-23.02.7-150500.5.18.1 * libnss_slurm2-23.02.7-150500.5.18.1 * slurm-devel-23.02.7-150500.5.18.1 * slurm-pam_slurm-debuginfo-23.02.7-150500.5.18.1 * libpmi0-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-23.02.7-150500.5.18.1 * libpmi0-debuginfo-23.02.7-150500.5.18.1 * perl-slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-rest-debuginfo-23.02.7-150500.5.18.1 * slurm-auth-none-23.02.7-150500.5.18.1 * slurm-munge-debuginfo-23.02.7-150500.5.18.1 * slurm-lua-23.02.7-150500.5.18.1 * slurm-sql-23.02.7-150500.5.18.1 * slurm-torque-23.02.7-150500.5.18.1 * slurm-cray-23.02.7-150500.5.18.1 * slurm-rest-23.02.7-150500.5.18.1 * slurm-slurmdbd-23.02.7-150500.5.18.1 * slurm-plugins-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-debuginfo-23.02.7-150500.5.18.1 * slurm-cray-debuginfo-23.02.7-150500.5.18.1 * slurm-pam_slurm-23.02.7-150500.5.18.1 * slurm-lua-debuginfo-23.02.7-150500.5.18.1 * slurm-torque-debuginfo-23.02.7-150500.5.18.1 * slurm-node-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-23.02.7-150500.5.18.1 * slurm-sql-debuginfo-23.02.7-150500.5.18.1 * libslurm39-debuginfo-23.02.7-150500.5.18.1 * slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-node-23.02.7-150500.5.18.1 * libnss_slurm2-debuginfo-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-debuginfo-23.02.7-150500.5.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * slurm-config-man-23.02.7-150500.5.18.1 * slurm-doc-23.02.7-150500.5.18.1 * slurm-webdoc-23.02.7-150500.5.18.1 * slurm-config-23.02.7-150500.5.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * perl-slurm-23.02.7-150500.5.18.1 * slurm-auth-none-debuginfo-23.02.7-150500.5.18.1 * slurm-debugsource-23.02.7-150500.5.18.1 * slurm-plugins-23.02.7-150500.5.18.1 * slurm-slurmdbd-debuginfo-23.02.7-150500.5.18.1 * libslurm39-23.02.7-150500.5.18.1 * slurm-munge-23.02.7-150500.5.18.1 * slurm-23.02.7-150500.5.18.1 * libnss_slurm2-23.02.7-150500.5.18.1 * slurm-devel-23.02.7-150500.5.18.1 * slurm-pam_slurm-debuginfo-23.02.7-150500.5.18.1 * libpmi0-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-23.02.7-150500.5.18.1 * libpmi0-debuginfo-23.02.7-150500.5.18.1 * perl-slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-rest-debuginfo-23.02.7-150500.5.18.1 * slurm-auth-none-23.02.7-150500.5.18.1 * slurm-munge-debuginfo-23.02.7-150500.5.18.1 * slurm-lua-23.02.7-150500.5.18.1 * slurm-sql-23.02.7-150500.5.18.1 * slurm-torque-23.02.7-150500.5.18.1 * slurm-cray-23.02.7-150500.5.18.1 * slurm-rest-23.02.7-150500.5.18.1 * slurm-slurmdbd-23.02.7-150500.5.18.1 * slurm-plugins-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-debuginfo-23.02.7-150500.5.18.1 * slurm-cray-debuginfo-23.02.7-150500.5.18.1 * slurm-pam_slurm-23.02.7-150500.5.18.1 * slurm-lua-debuginfo-23.02.7-150500.5.18.1 * slurm-torque-debuginfo-23.02.7-150500.5.18.1 * slurm-node-debuginfo-23.02.7-150500.5.18.1 * slurm-sview-23.02.7-150500.5.18.1 * slurm-sql-debuginfo-23.02.7-150500.5.18.1 * libslurm39-debuginfo-23.02.7-150500.5.18.1 * slurm-debuginfo-23.02.7-150500.5.18.1 * slurm-node-23.02.7-150500.5.18.1 * libnss_slurm2-debuginfo-23.02.7-150500.5.18.1 * slurm-plugin-ext-sensors-rrd-debuginfo-23.02.7-150500.5.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * slurm-config-man-23.02.7-150500.5.18.1 * slurm-doc-23.02.7-150500.5.18.1 * slurm-webdoc-23.02.7-150500.5.18.1 * slurm-config-23.02.7-150500.5.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:13 -0000 Subject: SUSE-SU-2025:01758-1: important: Security update for slurm_23_02 Message-ID: <174853621371.5267.11704233874006543281@smelt2.prg2.suse.org> # Security update for slurm_23_02 Announcement ID: SUSE-SU-2025:01758-1 Release Date: 2025-05-29T14:49:13Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 15-SP7 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_23_02 fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1758=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1758=1 * HPC Module 15-SP7 zypper in -t patch SUSE-SLE-Module-HPC-15-SP7-2025-1758=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1758=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1758=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1758=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-hdf5-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-hdf5-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 * slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 * libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-testsuite-23.02.7-150300.7.20.1 * libslurm39-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * libslurm39-debuginfo-23.02.7-150300.7.20.1 * openSUSE Leap 15.3 (noarch) * slurm_23_02-doc-23.02.7-150300.7.20.1 * slurm_23_02-config-man-23.02.7-150300.7.20.1 * slurm_23_02-sjstat-23.02.7-150300.7.20.1 * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-seff-23.02.7-150300.7.20.1 * slurm_23_02-openlava-23.02.7-150300.7.20.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-hdf5-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-hdf5-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 * slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 * libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-testsuite-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * openSUSE Leap 15.6 (noarch) * slurm_23_02-doc-23.02.7-150300.7.20.1 * slurm_23_02-config-man-23.02.7-150300.7.20.1 * slurm_23_02-sjstat-23.02.7-150300.7.20.1 * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-seff-23.02.7-150300.7.20.1 * slurm_23_02-openlava-23.02.7-150300.7.20.1 * HPC Module 15-SP7 (noarch) * slurm_23_02-config-23.02.7-150300.7.20.1 * HPC Module 15-SP7 (aarch64 x86_64) * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 * slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 * libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 * libslurm39-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * libslurm39-debuginfo-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-doc-23.02.7-150300.7.20.1 * slurm_23_02-config-man-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 * slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 * libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 * libslurm39-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * libslurm39-debuginfo-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-doc-23.02.7-150300.7.20.1 * slurm_23_02-config-man-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 * slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 * libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 * libslurm39-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * libslurm39-debuginfo-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-doc-23.02.7-150300.7.20.1 * slurm_23_02-config-man-23.02.7-150300.7.20.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:16 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:16 -0000 Subject: SUSE-SU-2025:01757-1: important: Security update for slurm_24_11 Message-ID: <174853621646.5267.14728814244909437395@smelt2.prg2.suse.org> # Security update for slurm_24_11 Announcement ID: SUSE-SU-2025:01757-1 Release Date: 2025-05-29T14:47:58Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_24_11 fixes the following issues: Update to version 24.11.5. Security issues fixed: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). Other changes and issues fixed: * Changes from version 24.11.5 * Return error to `scontrol` reboot on bad nodelists. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.40 endpoints. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.41 endpoints. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.42 endpoints. * `data_parser/v0.0.42` \- Added `+inline_enums` flag which modifies the output when generating OpenAPI specification. It causes enum arrays to not be defined in their own schema with references (`$ref`) to them. Instead they will be dumped inline. * Fix binding error with `tres-bind map/mask` on partial node allocations. * Fix `stepmgr` enabled steps being able to request features. * Reject step creation if requested feature is not available in job. * `slurmd` \- Restrict listening for new incoming RPC requests further into startup. * `slurmd` \- Avoid `auth/slurm` related hangs of CLI commands during startup and shutdown. * `slurmctld` \- Restrict processing new incoming RPC requests further into startup. Stop processing requests sooner during shutdown. * `slurmcltd` \- Avoid auth/slurm related hangs of CLI commands during startup and shutdown. * `slurmctld` \- Avoid race condition during shutdown or ereconfigure that could result in a crash due delayed processing of a connection while plugins are unloaded. * Fix small memleak when getting the job list from the database. * Fix incorrect printing of `%` escape characters when printing stdio fields for jobs. * Fix padding parsing when printing stdio fields for jobs. * Fix printing `%A` array job id when expanding patterns. * Fix reservations causing jobs to be held for `Bad Constraints`. * `switch/hpe_slingshot` \- Prevent potential segfault on failed curl request to the fabric manager. * Fix printing incorrect array job id when expanding stdio file names. The `%A` will now be substituted by the correct value. * Fix printing incorrect array job id when expanding stdio file names. The `%A` will now be substituted by the correct value. * `switch/hpe_slingshot` \- Fix VNI range not updating on slurmctld restart or reconfigre. * Fix steps not being created when using certain combinations of `-c` and `-n` inferior to the jobs requested resources, when using stepmgr and nodes are configured with `CPUs == Sockets*CoresPerSocket`. * Permit configuring the number of retry attempts to destroy CXI service via the new destroy_retries `SwitchParameter`. * Do not reset `memory.high` and `memory.swap.max` in slurmd startup or reconfigure as we are never really touching this in `slurmd`. * Fix reconfigure failure of slurmd when it has been started manually and the `CoreSpecLimits` have been removed from `slurm.conf`. * Set or reset CoreSpec limits when slurmd is reconfigured and it was started with systemd. * `switch/hpe-slingshot` \- Make sure the slurmctld can free step VNIs after the controller restarts or reconfigures while the job is running. * Fix backup `slurmctld` failure on 2nd takeover. * Changes from version 24.11.4 * `slurmctld`,`slurmrestd` \- Avoid possible race condition that could have caused process to crash when listener socket was closed while accepting a new connection. * `slurmrestd` \- Avoid race condition that could have resulted in address logged for a UNIX socket to be incorrect. * `slurmrestd` \- Fix parameters in OpenAPI specification for the following endpoints to have `job_id` field: `GET /slurm/v0.0.40/jobs/state/ GET /slurm/v0.0.41/jobs/state/ GET /slurm/v0.0.42/jobs/state/ GET /slurm/v0.0.43/jobs/state/` * `slurmd` \- Fix tracking of thread counts that could cause incoming connections to be ignored after burst of simultaneous incoming connections that trigger delayed response logic. * Avoid unnecessary `SRUN_TIMEOUT` forwarding to `stepmgr`. * Fix jobs being scheduled on higher weighted powered down nodes. * Fix how backfill scheduler filters nodes from the available nodes based on exclusive user and `mcs_label` requirements. * `acct_gather_energy/{gpu,ipmi}` \- Fix potential energy consumption adjustment calculation underflow. * `acct_gather_energy/ipmi` \- Fix regression introduced in 24.05.5 (which introduced the new way of preserving energy measurements through slurmd restarts) when `EnergyIPMICalcAdjustment=yes`. * Prevent `slurmctld` deadlock in the assoc mgr. * Fix memory leak when `RestrictedCoresPerGPU` is enabled. * Fix preemptor jobs not entering execution due to wrong calculation of accounting policy limits. * Fix certain job requests that were incorrectly denied with node configuration unavailable error. * `slurmd` \- Avoid crash due when slurmd has a communications failure with `slurmstepd`. * Fix memory leak when parsing yaml input. * Prevent `slurmctld` from showing error message about `PreemptMode=GANG` being a cluster-wide option for `scontrol update part` calls that don't attempt to modify partition PreemptMode. * Fix setting `GANG` preemption on partition when updating `PreemptMode` with `scontrol`. * Fix `CoreSpec` and `MemSpec` limits not being removed from previously configured slurmd. * Avoid race condition that could lead to a deadlock when `slurmd`, `slurmstepd`, `slurmctld`, `slurmrestd` or `sackd` have a fatal event. * Fix jobs using `--ntasks-per-node` and `--mem` keep pending forever when the requested mem divided by the number of CPUs will surpass the configured `MaxMemPerCPU`. * `slurmd` \- Fix address logged upon new incoming RPC connection from `INVALID` to IP address. * Fix memory leak when retrieving reservations. This affects `scontrol`, `sinfo`, `sview`, and the following `slurmrestd` endpoints: `GET /slurm/{any_data_parser}/reservation/{reservation_name}` `GET /slurm/{any_data_parser}/reservations` * Log warning instead of `debuflags=conmgr` gated log when deferring new incoming connections when number of active connections exceed `conmgr_max_connections`. * Avoid race condition that could result in worker thread pool not activating all threads at once after a reconfigure resulting in lower utilization of available CPU threads until enough internal activity wakes up all threads in the worker pool. * Avoid theoretical race condition that could result in new incoming RPC socket connections being ignored after reconfigure. * slurmd - Avoid race condition that could result in a state where new incoming RPC connections will always be ignored. * Add ReconfigFlags=KeepNodeStateFuture to restore saved `FUTURE` node state on restart and reconfig instead of reverting to `FUTURE` state. This will be made the default in 25.05. * Fix case where hetjob submit would cause `slurmctld` to crash. * Fix jobs using `--cpus-per-gpu` and `--mem` keep pending forever when the requested mem divided by the number of CPUs will surpass the configured `MaxMemPerCPU`. * Enforce that jobs using `--mem` and several `--*-per-*` options do not violate the `MaxMemPerCPU` in place. * `slurmctld` \- Fix use-cases of jobs incorrectly pending held when `--prefer` features are not initially satisfied. * `slurmctld` \- Fix jobs incorrectly held when `--prefer` not satisfied in some use-cases. * Ensure `RestrictedCoresPerGPU` and `CoreSpecCount` don't overlap. * Changes from version 24.11.3 * Fix database cluster ID generation not being random. * Fix a regression in which `slurmd -G` gave no output. * Fix a long-standing crash in `slurmctld` after updating a reservation with an empty nodelist. The crash could occur after restarting slurmctld, or if downing/draining a node in the reservation with the `REPLACE` or `REPLACE_DOWN` flag. * Avoid changing process name to "`watch`" from original daemon name. This could potentially breaking some monitoring scripts. * Avoid `slurmctld` being killed by `SIGALRM` due to race condition at startup. * Fix race condition in slurmrestd that resulted in "`Requested data_parser plugin does not support OpenAPI plugin`" error being returned for valid endpoints. * Fix race between `task/cgroup` CPUset and `jobacctgather/cgroup`. The first was removing the pid from `task_X` cgroup directory causing memory limits to not being applied. * If multiple partitions are requested, set the `SLURM_JOB_PARTITION` output environment variable to the partition in which the job is running for `salloc` and `srun` in order to match the documentation and the behavior of `sbatch`. * `srun` \- Fixed wrongly constructed `SLURM_CPU_BIND` env variable that could get propagated to downward srun calls in certain mpi environments, causing launch failures. * Don't print misleading errors for stepmgr enabled steps. * `slurmrestd` \- Avoid connection to slurmdbd for the following endpoints: `GET /slurm/v0.0.41/jobs GET /slurm/v0.0.41/job/{job_id}` * `slurmrestd` \- Avoid connection to slurmdbd for the following endpoints: `GET /slurm/v0.0.40/jobs GET /slurm/v0.0.40/job/{job_id}` * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.40`. * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.41`. * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.42`. * Changes from version 24.11.2 * Fix segfault when submitting `--test-only` jobs that can preempt. * Fix regression introduced in 23.11 that prevented the following flags from being added to a reservation on an update: `DAILY`, `HOURLY`, `WEEKLY`, `WEEKDAY`, and `WEEKEND`. * Fix crash and issues evaluating job's suitability for running in nodes with already suspended job(s) there. * `slurmctld` will ensure that healthy nodes are not reported as `UnavailableNodes` in job reason codes. * Fix handling of jobs submitted to a current reservation with flags `OVERLAP,FLEX` or `OVERLAP,ANY_NODES` when it overlaps nodes with a future maintenance reservation. When a job submission had a time limit that overlapped with the future maintenance reservation, it was rejected. Now the job is accepted but stays pending with the reason "`ReqNodeNotAvail, Reserved for maintenance`". * `pam_slurm_adopt` \- avoid errors when explicitly setting some arguments to the default value. * Fix QOS preemption with `PreemptMode=SUSPEND`. * `slurmdbd` \- When changing a user's name update lineage at the same time. * Fix regression in 24.11 in which `burst_buffer.lua` does not inherit the `SLURM_CONF` environment variable from `slurmctld` and fails to run if slurm.conf is in a non-standard location. * Fix memory leak in slurmctld if `select/linear` and the `PreemptParameters=reclaim_licenses` options are both set in `slurm.conf`. Regression in 24.11.1. * Fix running jobs, that requested multiple partitions, from potentially being set to the wrong partition on restart. * `switch/hpe_slingshot` \- Fix compatibility with newer cxi drivers, specifically when specifying `disable_rdzv_get`. * Add `ABORT_ON_FATAL` environment variable to capture a backtrace from any `fatal()` message. * Fix printing invalid address in rate limiting log statement. * `sched/backfill` \- Fix node state `PLANNED` not being cleared from fully allocated nodes during a backfill cycle. * `select/cons_tres` \- Fix future planning of jobs with `bf_licenses`. * Prevent redundant "`on_data returned rc: Rate limit exceeded, please retry momentarily`" error message from being printed in slurmctld logs. * Fix loading non-default QOS on pending jobs from pre-24.11 state. * Fix pending jobs displaying `QOS=(null)` when not explicitly requesting a QOS. * Fix segfault issue from job record with no `job_resrcs`. * Fix failing `sacctmgr delete/modify/show` account operations with `where` clauses. * Fix regression in 24.11 in which Slurm daemons started catching several `SIGTSTP`, `SIGTTIN` and `SIGUSR1` signals and ignored them, while before they were not ignoring them. This also caused slurmctld to not being able to shutdown after a `SIGTSTP` because slurmscriptd caught the signal and stopped while slurmctld ignored it. Unify and fix these situations and get back to the previous behavior for these signals. * Document that `SIGQUIT` is no longer ignored by `slurmctld`, `slurmdbd`, and slurmd in 24.11. As of 24.11.0rc1, `SIGQUIT` is identical to `SIGINT` and `SIGTERM` for these daemons, but this change was not documented. * Fix not considering nodes marked for reboot without ASAP in the scheduler. * Remove the `boot^` state on unexpected node reboot after return to service. * Do not allow new jobs to start on a node which is being rebooted with the flag `nextstate=resume`. * Prevent lower priority job running after cancelling an ASAP reboot. * Fix srun jobs starting on `nextstate=resume` rebooting nodes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 12 zypper in -t patch SUSE-SLE-Module-HPC-12-2025-1757=1 ## Package List: * HPC Module 12 (aarch64 x86_64) * slurm_24_11-24.11.5-3.8.1 * slurm_24_11-torque-debuginfo-24.11.5-3.8.1 * slurm_24_11-munge-debuginfo-24.11.5-3.8.1 * slurm_24_11-node-24.11.5-3.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-3.8.1 * slurm_24_11-node-debuginfo-24.11.5-3.8.1 * slurm_24_11-pam_slurm-24.11.5-3.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-3.8.1 * slurm_24_11-sview-24.11.5-3.8.1 * slurm_24_11-lua-debuginfo-24.11.5-3.8.1 * libnss_slurm2_24_11-24.11.5-3.8.1 * slurm_24_11-devel-24.11.5-3.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-3.8.1 * slurm_24_11-torque-24.11.5-3.8.1 * slurm_24_11-munge-24.11.5-3.8.1 * slurm_24_11-sview-debuginfo-24.11.5-3.8.1 * slurm_24_11-plugins-debuginfo-24.11.5-3.8.1 * slurm_24_11-sql-24.11.5-3.8.1 * libpmi0_24_11-24.11.5-3.8.1 * slurm_24_11-slurmdbd-24.11.5-3.8.1 * perl-slurm_24_11-24.11.5-3.8.1 * slurm_24_11-debuginfo-24.11.5-3.8.1 * libpmi0_24_11-debuginfo-24.11.5-3.8.1 * slurm_24_11-auth-none-24.11.5-3.8.1 * slurm_24_11-cray-24.11.5-3.8.1 * libslurm42-debuginfo-24.11.5-3.8.1 * slurm_24_11-plugins-24.11.5-3.8.1 * slurm_24_11-sql-debuginfo-24.11.5-3.8.1 * slurm_24_11-lua-24.11.5-3.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-3.8.1 * perl-slurm_24_11-debuginfo-24.11.5-3.8.1 * libslurm42-24.11.5-3.8.1 * HPC Module 12 (noarch) * slurm_24_11-doc-24.11.5-3.8.1 * slurm_24_11-webdoc-24.11.5-3.8.1 * slurm_24_11-config-man-24.11.5-3.8.1 * slurm_24_11-config-24.11.5-3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:19 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:19 -0000 Subject: SUSE-SU-2025:01756-1: important: Security update for slurm_22_05 Message-ID: <174853621925.5267.7825506539142890981@smelt2.prg2.suse.org> # Security update for slurm_22_05 Announcement ID: SUSE-SU-2025:01756-1 Release Date: 2025-05-29T14:39:19Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_22_05 fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1756=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1756=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1756=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1756=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1756=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-hdf5-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-hdf5-22.05.11-150300.7.12.1 * slurm_22_05-testsuite-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-openlava-22.05.11-150300.7.12.1 * libslurm38-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-sjstat-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 * perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-seff-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * openSUSE Leap 15.3 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-hdf5-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-hdf5-22.05.11-150300.7.12.1 * slurm_22_05-testsuite-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-openlava-22.05.11-150300.7.12.1 * libslurm38-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-sjstat-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 * perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-seff-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * openSUSE Leap 15.6 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 * libslurm38-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 * perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 * libslurm38-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 * perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 * libslurm38-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 * perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:22 -0000 Subject: SUSE-SU-2025:01755-1: important: Security update for slurm_22_05 Message-ID: <174853622239.5267.6816892297619727906@smelt2.prg2.suse.org> # Security update for slurm_22_05 Announcement ID: SUSE-SU-2025:01755-1 Release Date: 2025-05-29T14:37:35Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_22_05 fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 12 zypper in -t patch SUSE-SLE-Module-HPC-12-2025-1755=1 ## Package List: * HPC Module 12 (aarch64 x86_64) * slurm_22_05-debuginfo-22.05.11-3.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-3.12.1 * slurm_22_05-debugsource-22.05.11-3.12.1 * slurm_22_05-lua-debuginfo-22.05.11-3.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-3.12.1 * slurm_22_05-devel-22.05.11-3.12.1 * slurm_22_05-munge-debuginfo-22.05.11-3.12.1 * slurm_22_05-sql-22.05.11-3.12.1 * libpmi0_22_05-22.05.11-3.12.1 * slurm_22_05-node-debuginfo-22.05.11-3.12.1 * slurm_22_05-plugins-22.05.11-3.12.1 * slurm_22_05-node-22.05.11-3.12.1 * slurm_22_05-sql-debuginfo-22.05.11-3.12.1 * slurm_22_05-lua-22.05.11-3.12.1 * slurm_22_05-22.05.11-3.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-3.12.1 * perl-slurm_22_05-debuginfo-22.05.11-3.12.1 * perl-slurm_22_05-22.05.11-3.12.1 * libnss_slurm2_22_05-22.05.11-3.12.1 * libslurm38-debuginfo-22.05.11-3.12.1 * slurm_22_05-torque-22.05.11-3.12.1 * slurm_22_05-sview-22.05.11-3.12.1 * slurm_22_05-torque-debuginfo-22.05.11-3.12.1 * slurm_22_05-pam_slurm-22.05.11-3.12.1 * slurm_22_05-sview-debuginfo-22.05.11-3.12.1 * libpmi0_22_05-debuginfo-22.05.11-3.12.1 * slurm_22_05-auth-none-22.05.11-3.12.1 * libslurm38-22.05.11-3.12.1 * slurm_22_05-munge-22.05.11-3.12.1 * slurm_22_05-slurmdbd-22.05.11-3.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-3.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-3.12.1 * HPC Module 12 (noarch) * slurm_22_05-webdoc-22.05.11-3.12.1 * slurm_22_05-config-man-22.05.11-3.12.1 * slurm_22_05-doc-22.05.11-3.12.1 * slurm_22_05-config-22.05.11-3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:24 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:24 -0000 Subject: SUSE-SU-2025:01754-1: low: Security update for augeas Message-ID: <174853622444.5267.3281653272407283768@smelt2.prg2.suse.org> # Security update for augeas Announcement ID: SUSE-SU-2025:01754-1 Release Date: 2025-05-29T14:19:21Z Rating: low References: * bsc#1239909 Cross-References: * CVE-2025-2588 CVSS scores: * CVE-2025-2588 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2588 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2588 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for augeas fixes the following issues: * CVE-2025-2588: Check for NULL pointers when calling re_case_expand in function fa_expand_nocase. (bsc#1239909) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1754=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * augeas-debugsource-1.10.1-4.6.1 * augeas-1.10.1-4.6.1 * libaugeas0-1.10.1-4.6.1 * augeas-lenses-1.10.1-4.6.1 * libaugeas0-debuginfo-1.10.1-4.6.1 * augeas-devel-1.10.1-4.6.1 * augeas-debuginfo-1.10.1-4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2588.html * https://bugzilla.suse.com/show_bug.cgi?id=1239909 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:27 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:27 -0000 Subject: SUSE-SU-2025:01521-1: important: Security update for tomcat Message-ID: <174853622723.5267.419350702405409539@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2025:01521-1 Release Date: 2025-05-29T14:04:14Z Rating: important References: * bsc#1242008 * bsc#1242009 Cross-References: * CVE-2025-31650 * CVE-2025-31651 CVSS scores: * CVE-2025-31650 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-31650 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31650 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31650 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-31651 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-31651 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-31651 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-31651 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Web and Scripting Module 15-SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for tomcat fixes the following issues: Update to Tomcat 9.0.104 * CVE-2025-31650: invalid priority field values should be ignored (bsc#1242008) * CVE-2025-31651: Better handling of URLs with literal ';' and '?' (bsc#1242009) Full changelog: https://tomcat.apache.org/tomcat-9.0-doc/changelog.htm ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2025-1521=1 ## Package List: * Web and Scripting Module 15-SP7 (noarch) * tomcat-webapps-9.0.104-150200.81.1 * tomcat-lib-9.0.104-150200.81.1 * tomcat-el-3_0-api-9.0.104-150200.81.1 * tomcat-servlet-4_0-api-9.0.104-150200.81.1 * tomcat-admin-webapps-9.0.104-150200.81.1 * tomcat-9.0.104-150200.81.1 * tomcat-jsp-2_3-api-9.0.104-150200.81.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31650.html * https://www.suse.com/security/cve/CVE-2025-31651.html * https://bugzilla.suse.com/show_bug.cgi?id=1242008 * https://bugzilla.suse.com/show_bug.cgi?id=1242009 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:29 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:29 -0000 Subject: SUSE-SU-2025:01582-1: moderate: Security update for brltty Message-ID: <174853622926.5267.2311835220184456848@smelt2.prg2.suse.org> # Security update for brltty Announcement ID: SUSE-SU-2025:01582-1 Release Date: 2025-05-29T13:34:22Z Rating: moderate References: * bsc#1235438 Affected Products: * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one security fix can now be installed. ## Description: This update for brltty fixes the following issues: * Avoid having brlapi.key temporarily world-readable during creation (bsc#1235438). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1582=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-1582=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libbrlapi0_8-debuginfo-6.6-150600.3.3.1 * brlapi-devel-6.6-150600.3.3.1 * brltty-debuginfo-6.6-150600.3.3.1 * python3-brlapi-debuginfo-6.6-150600.3.3.1 * brltty-debugsource-6.6-150600.3.3.1 * libbrlapi0_8-6.6-150600.3.3.1 * python3-brlapi-6.6-150600.3.3.1 * Basesystem Module 15-SP7 (noarch) * system-user-brltty-6.6-150600.3.3.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * brltty-driver-brlapi-6.6-150600.3.3.1 * brltty-driver-at-spi2-6.6-150600.3.3.1 * brltty-driver-brlapi-debuginfo-6.6-150600.3.3.1 * brltty-debuginfo-6.6-150600.3.3.1 * brltty-debugsource-6.6-150600.3.3.1 * brltty-6.6-150600.3.3.1 * brltty-driver-speech-dispatcher-6.6-150600.3.3.1 * brltty-driver-at-spi2-debuginfo-6.6-150600.3.3.1 * brltty-driver-speech-dispatcher-debuginfo-6.6-150600.3.3.1 * Desktop Applications Module 15-SP7 (noarch) * brltty-lang-6.6-150600.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1235438 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:40 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:40 -0000 Subject: SUSE-SU-2025:01504-1: important: Security update for libsoup Message-ID: <174853624038.5267.3356264521262984580@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2025:01504-1 Release Date: 2025-05-29T13:33:47Z Rating: important References: * bsc#1240750 * bsc#1240752 * bsc#1240754 * bsc#1240756 * bsc#1240757 * bsc#1241162 * bsc#1241164 * bsc#1241214 * bsc#1241222 * bsc#1241223 * bsc#1241226 * bsc#1241238 * bsc#1241252 * bsc#1241263 * bsc#1241686 * bsc#1241688 Cross-References: * CVE-2025-2784 * CVE-2025-32050 * CVE-2025-32051 * CVE-2025-32052 * CVE-2025-32053 * CVE-2025-32906 * CVE-2025-32907 * CVE-2025-32908 * CVE-2025-32909 * CVE-2025-32910 * CVE-2025-32911 * CVE-2025-32912 * CVE-2025-32913 * CVE-2025-32914 * CVE-2025-46420 * CVE-2025-46421 CVSS scores: * CVE-2025-2784 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-2784 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32050 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32050 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32050 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32051 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32051 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32051 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32052 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32052 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32052 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32053 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32906 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2025-32906 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32907 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32908 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32908 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32908 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32909 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-32909 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32909 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32910 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32910 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32910 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32911 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32911 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2025-32912 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32912 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-32913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32913 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32914 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-32914 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-46420 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-46420 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46421 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-46421 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves 16 vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750) * CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI (bsc#1240754) * CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32906: Fixed out of bounds reads in soup_headers_parse_request() (bsc#1241263) * CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) * CVE-2025-32908: Fixed HTTP request may lead to server crash due to HTTP/2 server not fully validating the values of pseudo-headers (bsc#1241223) * CVE-2025-32909: Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226) * CVE-2025-32910: Fixed NULL pointer deference on client when server omits the realm parameter in an Unauthorized response with Digest authentication (bsc#1241252) * CVE-2025-32911: Fixed double free on soup_message_headers_get_content_disposition() via "params" (bsc#1241238) * CVE-2025-32912: Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214) * CVE-2025-32913: Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162) * CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) * CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) * CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1504=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libsoup-devel-3.4.4-150600.3.7.1 * typelib-1_0-Soup-3_0-3.4.4-150600.3.7.1 * libsoup-debugsource-3.4.4-150600.3.7.1 * libsoup-3_0-0-debuginfo-3.4.4-150600.3.7.1 * libsoup-3_0-0-3.4.4-150600.3.7.1 * Basesystem Module 15-SP7 (noarch) * libsoup-lang-3.4.4-150600.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2784.html * https://www.suse.com/security/cve/CVE-2025-32050.html * https://www.suse.com/security/cve/CVE-2025-32051.html * https://www.suse.com/security/cve/CVE-2025-32052.html * https://www.suse.com/security/cve/CVE-2025-32053.html * https://www.suse.com/security/cve/CVE-2025-32906.html * https://www.suse.com/security/cve/CVE-2025-32907.html * https://www.suse.com/security/cve/CVE-2025-32908.html * https://www.suse.com/security/cve/CVE-2025-32909.html * https://www.suse.com/security/cve/CVE-2025-32910.html * https://www.suse.com/security/cve/CVE-2025-32911.html * https://www.suse.com/security/cve/CVE-2025-32912.html * https://www.suse.com/security/cve/CVE-2025-32913.html * https://www.suse.com/security/cve/CVE-2025-32914.html * https://www.suse.com/security/cve/CVE-2025-46420.html * https://www.suse.com/security/cve/CVE-2025-46421.html * https://bugzilla.suse.com/show_bug.cgi?id=1240750 * https://bugzilla.suse.com/show_bug.cgi?id=1240752 * https://bugzilla.suse.com/show_bug.cgi?id=1240754 * https://bugzilla.suse.com/show_bug.cgi?id=1240756 * https://bugzilla.suse.com/show_bug.cgi?id=1240757 * https://bugzilla.suse.com/show_bug.cgi?id=1241162 * https://bugzilla.suse.com/show_bug.cgi?id=1241164 * https://bugzilla.suse.com/show_bug.cgi?id=1241214 * https://bugzilla.suse.com/show_bug.cgi?id=1241222 * https://bugzilla.suse.com/show_bug.cgi?id=1241223 * https://bugzilla.suse.com/show_bug.cgi?id=1241226 * https://bugzilla.suse.com/show_bug.cgi?id=1241238 * https://bugzilla.suse.com/show_bug.cgi?id=1241252 * https://bugzilla.suse.com/show_bug.cgi?id=1241263 * https://bugzilla.suse.com/show_bug.cgi?id=1241686 * https://bugzilla.suse.com/show_bug.cgi?id=1241688 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:47 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:47 -0000 Subject: SUSE-SU-2025:01503-1: important: Security update for libsoup2 Message-ID: <174853624737.5267.12259533206051501672@smelt2.prg2.suse.org> # Security update for libsoup2 Announcement ID: SUSE-SU-2025:01503-1 Release Date: 2025-05-29T13:33:40Z Rating: important References: * bsc#1240750 * bsc#1240752 * bsc#1240756 * bsc#1240757 * bsc#1241164 * bsc#1241222 * bsc#1241686 * bsc#1241688 Cross-References: * CVE-2025-2784 * CVE-2025-32050 * CVE-2025-32052 * CVE-2025-32053 * CVE-2025-32907 * CVE-2025-32914 * CVE-2025-46420 * CVE-2025-46421 CVSS scores: * CVE-2025-2784 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-2784 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-2784 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-32050 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32050 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32050 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32052 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32052 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32052 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32053 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32053 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-32907 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32907 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32914 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-32914 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2025-46420 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-46420 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-46421 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-46421 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves eight vulnerabilities can now be installed. ## Description: This update for libsoup2 fixes the following issues: * CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750) * CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) * CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) * CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) * CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) * CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) * CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) * CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1503=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * typelib-1_0-Soup-2_4-2.74.3-150600.4.6.1 * libsoup2-debugsource-2.74.3-150600.4.6.1 * libsoup2-devel-2.74.3-150600.4.6.1 * libsoup-2_4-1-debuginfo-2.74.3-150600.4.6.1 * libsoup-2_4-1-2.74.3-150600.4.6.1 * Basesystem Module 15-SP7 (noarch) * libsoup2-lang-2.74.3-150600.4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2784.html * https://www.suse.com/security/cve/CVE-2025-32050.html * https://www.suse.com/security/cve/CVE-2025-32052.html * https://www.suse.com/security/cve/CVE-2025-32053.html * https://www.suse.com/security/cve/CVE-2025-32907.html * https://www.suse.com/security/cve/CVE-2025-32914.html * https://www.suse.com/security/cve/CVE-2025-46420.html * https://www.suse.com/security/cve/CVE-2025-46421.html * https://bugzilla.suse.com/show_bug.cgi?id=1240750 * https://bugzilla.suse.com/show_bug.cgi?id=1240752 * https://bugzilla.suse.com/show_bug.cgi?id=1240756 * https://bugzilla.suse.com/show_bug.cgi?id=1240757 * https://bugzilla.suse.com/show_bug.cgi?id=1241164 * https://bugzilla.suse.com/show_bug.cgi?id=1241222 * https://bugzilla.suse.com/show_bug.cgi?id=1241686 * https://bugzilla.suse.com/show_bug.cgi?id=1241688 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:49 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:49 -0000 Subject: SUSE-SU-2025:01662-2: low: Security update for python-cryptography Message-ID: <174853624964.5267.18376290315204300717@smelt2.prg2.suse.org> # Security update for python-cryptography Announcement ID: SUSE-SU-2025:01662-2 Release Date: 2025-05-29T13:31:03Z Rating: low References: * bsc#1242631 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python-cryptography fixes the following issues: * CVE-2025-3416: openssl: use-after-free in `Md::fetch` and `Cipher::fetch` when `Some(...)` value passed as `properties` argument to either function (bsc#1242631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-1662=1 ## Package List: * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python311-cryptography-41.0.3-150600.23.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242631 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:55 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:55 -0000 Subject: SUSE-SU-2025:01753-1: important: Security update for slurm_20_11 Message-ID: <174853625560.5267.9578957169911806719@smelt2.prg2.suse.org> # Security update for slurm_20_11 Announcement ID: SUSE-SU-2025:01753-1 Release Date: 2025-05-29T12:55:14Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_20_11 fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 12 zypper in -t patch SUSE-SLE-Module-HPC-12-2025-1753=1 ## Package List: * HPC Module 12 (aarch64 x86_64) * slurm_20_11-sview-debuginfo-20.11.9-3.22.1 * libpmi0_20_11-20.11.9-3.22.1 * slurm_20_11-auth-none-20.11.9-3.22.1 * slurm_20_11-node-debuginfo-20.11.9-3.22.1 * slurm_20_11-sql-debuginfo-20.11.9-3.22.1 * slurm_20_11-torque-debuginfo-20.11.9-3.22.1 * libpmi0_20_11-debuginfo-20.11.9-3.22.1 * slurm_20_11-slurmdbd-20.11.9-3.22.1 * slurm_20_11-sql-20.11.9-3.22.1 * slurm_20_11-slurmdbd-debuginfo-20.11.9-3.22.1 * perl-slurm_20_11-debuginfo-20.11.9-3.22.1 * slurm_20_11-20.11.9-3.22.1 * slurm_20_11-pam_slurm-20.11.9-3.22.1 * slurm_20_11-auth-none-debuginfo-20.11.9-3.22.1 * libnss_slurm2_20_11-debuginfo-20.11.9-3.22.1 * libslurm36-debuginfo-20.11.9-3.22.1 * libslurm36-20.11.9-3.22.1 * slurm_20_11-debugsource-20.11.9-3.22.1 * slurm_20_11-plugins-debuginfo-20.11.9-3.22.1 * slurm_20_11-lua-20.11.9-3.22.1 * slurm_20_11-lua-debuginfo-20.11.9-3.22.1 * slurm_20_11-munge-debuginfo-20.11.9-3.22.1 * slurm_20_11-doc-20.11.9-3.22.1 * slurm_20_11-munge-20.11.9-3.22.1 * slurm_20_11-plugins-20.11.9-3.22.1 * perl-slurm_20_11-20.11.9-3.22.1 * slurm_20_11-debuginfo-20.11.9-3.22.1 * slurm_20_11-pam_slurm-debuginfo-20.11.9-3.22.1 * slurm_20_11-sview-20.11.9-3.22.1 * slurm_20_11-webdoc-20.11.9-3.22.1 * slurm_20_11-config-20.11.9-3.22.1 * libnss_slurm2_20_11-20.11.9-3.22.1 * slurm_20_11-node-20.11.9-3.22.1 * slurm_20_11-torque-20.11.9-3.22.1 * slurm_20_11-devel-20.11.9-3.22.1 * slurm_20_11-config-man-20.11.9-3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:53 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:53 -0000 Subject: SUSE-SU-2025:01644-2: moderate: Security update for postgresql17 Message-ID: <174853625309.5267.1760512095436375904@smelt2.prg2.suse.org> # Security update for postgresql17 Announcement ID: SUSE-SU-2025:01644-2 Release Date: 2025-05-29T13:30:20Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql17 fixes the following issues: Upgrade to 17.5: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/17.5/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1644=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1644=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-1644=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * libpq5-17.5-150600.13.13.1 * libpq5-debuginfo-17.5-150600.13.13.1 * Basesystem Module 15-SP7 (x86_64) * libpq5-32bit-debuginfo-17.5-150600.13.13.1 * libpq5-32bit-17.5-150600.13.13.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-llvmjit-devel-17.5-150600.13.13.1 * postgresql17-llvmjit-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * postgresql17-llvmjit-debuginfo-17.5-150600.13.13.1 * postgresql17-test-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-devel-17.5-150600.13.13.1 * postgresql17-plperl-debuginfo-17.5-150600.13.13.1 * postgresql17-plperl-17.5-150600.13.13.1 * postgresql17-pltcl-debuginfo-17.5-150600.13.13.1 * postgresql17-contrib-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * postgresql17-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-pltcl-17.5-150600.13.13.1 * postgresql17-server-debuginfo-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * postgresql17-server-17.5-150600.13.13.1 * postgresql17-server-devel-17.5-150600.13.13.1 * postgresql17-plpython-17.5-150600.13.13.1 * postgresql17-plpython-debuginfo-17.5-150600.13.13.1 * postgresql17-server-devel-debuginfo-17.5-150600.13.13.1 * libecpg6-debuginfo-17.5-150600.13.13.1 * libecpg6-17.5-150600.13.13.1 * postgresql17-contrib-debuginfo-17.5-150600.13.13.1 * Server Applications Module 15-SP7 (noarch) * postgresql17-docs-17.5-150600.13.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:30:57 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:30:57 -0000 Subject: SUSE-SU-2025:01752-1: important: Security update for slurm_23_02 Message-ID: <174853625783.5267.4968393069989830853@smelt2.prg2.suse.org> # Security update for slurm_23_02 Announcement ID: SUSE-SU-2025:01752-1 Release Date: 2025-05-29T12:54:31Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_23_02 fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 12 zypper in -t patch SUSE-SLE-Module-HPC-12-2025-1752=1 ## Package List: * HPC Module 12 (aarch64 x86_64) * perl-slurm_23_02-23.02.7-3.19.1 * slurm_23_02-sview-23.02.7-3.19.1 * slurm_23_02-cray-debuginfo-23.02.7-3.19.1 * slurm_23_02-pam_slurm-23.02.7-3.19.1 * slurm_23_02-auth-none-debuginfo-23.02.7-3.19.1 * slurm_23_02-debugsource-23.02.7-3.19.1 * slurm_23_02-devel-23.02.7-3.19.1 * slurm_23_02-debuginfo-23.02.7-3.19.1 * slurm_23_02-sql-23.02.7-3.19.1 * libslurm39-debuginfo-23.02.7-3.19.1 * slurm_23_02-plugins-debuginfo-23.02.7-3.19.1 * slurm_23_02-torque-23.02.7-3.19.1 * slurm_23_02-sql-debuginfo-23.02.7-3.19.1 * libnss_slurm2_23_02-23.02.7-3.19.1 * slurm_23_02-munge-debuginfo-23.02.7-3.19.1 * slurm_23_02-node-23.02.7-3.19.1 * libpmi0_23_02-debuginfo-23.02.7-3.19.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-3.19.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-3.19.1 * slurm_23_02-plugins-23.02.7-3.19.1 * slurm_23_02-auth-none-23.02.7-3.19.1 * libnss_slurm2_23_02-debuginfo-23.02.7-3.19.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-3.19.1 * libslurm39-23.02.7-3.19.1 * libpmi0_23_02-23.02.7-3.19.1 * slurm_23_02-node-debuginfo-23.02.7-3.19.1 * slurm_23_02-torque-debuginfo-23.02.7-3.19.1 * perl-slurm_23_02-debuginfo-23.02.7-3.19.1 * slurm_23_02-lua-23.02.7-3.19.1 * slurm_23_02-23.02.7-3.19.1 * slurm_23_02-lua-debuginfo-23.02.7-3.19.1 * slurm_23_02-cray-23.02.7-3.19.1 * slurm_23_02-slurmdbd-23.02.7-3.19.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-3.19.1 * slurm_23_02-munge-23.02.7-3.19.1 * slurm_23_02-sview-debuginfo-23.02.7-3.19.1 * HPC Module 12 (noarch) * slurm_23_02-doc-23.02.7-3.19.1 * slurm_23_02-webdoc-23.02.7-3.19.1 * slurm_23_02-config-man-23.02.7-3.19.1 * slurm_23_02-config-23.02.7-3.19.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:04 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:04 -0000 Subject: SUSE-SU-2025:01750-1: moderate: Security update for postgresql13 Message-ID: <174853626468.5267.4577318131498063774@smelt2.prg2.suse.org> # Security update for postgresql13 Announcement ID: SUSE-SU-2025:01750-1 Release Date: 2025-05-29T12:48:13Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.21: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/13.21/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1750=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1750=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-contrib-debuginfo-13.21-3.63.1 * postgresql13-devel-13.21-3.63.1 * postgresql13-server-debuginfo-13.21-3.63.1 * postgresql13-plperl-debuginfo-13.21-3.63.1 * postgresql13-contrib-13.21-3.63.1 * postgresql13-plperl-13.21-3.63.1 * postgresql13-debuginfo-13.21-3.63.1 * postgresql13-plpython-13.21-3.63.1 * postgresql13-plpython-debuginfo-13.21-3.63.1 * postgresql13-pltcl-debuginfo-13.21-3.63.1 * postgresql13-server-13.21-3.63.1 * postgresql13-debugsource-13.21-3.63.1 * postgresql13-13.21-3.63.1 * postgresql13-pltcl-13.21-3.63.1 * postgresql13-devel-debuginfo-13.21-3.63.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql13-docs-13.21-3.63.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * postgresql13-server-devel-debuginfo-13.21-3.63.1 * postgresql13-server-devel-13.21-3.63.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql13-contrib-debuginfo-13.21-3.63.1 * postgresql13-devel-13.21-3.63.1 * postgresql13-server-devel-13.21-3.63.1 * postgresql13-server-debuginfo-13.21-3.63.1 * postgresql13-plperl-debuginfo-13.21-3.63.1 * postgresql13-contrib-13.21-3.63.1 * postgresql13-plperl-13.21-3.63.1 * postgresql13-debuginfo-13.21-3.63.1 * postgresql13-plpython-13.21-3.63.1 * postgresql13-plpython-debuginfo-13.21-3.63.1 * postgresql13-pltcl-debuginfo-13.21-3.63.1 * postgresql13-server-13.21-3.63.1 * postgresql13-server-devel-debuginfo-13.21-3.63.1 * postgresql13-debugsource-13.21-3.63.1 * postgresql13-13.21-3.63.1 * postgresql13-pltcl-13.21-3.63.1 * postgresql13-devel-debuginfo-13.21-3.63.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql13-docs-13.21-3.63.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:01 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:01 -0000 Subject: SUSE-SU-2025:01751-1: important: Security update for slurm Message-ID: <174853626129.5267.14568090928540226544@smelt2.prg2.suse.org> # Security update for slurm Announcement ID: SUSE-SU-2025:01751-1 Release Date: 2025-05-29T12:53:41Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for slurm fixes the following issues: Update to version 24.11.5. Security issues fixed: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). Other changes and issues fixed: * Changes from version 24.11.5 * Return error to `scontrol` reboot on bad nodelists. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.40 endpoints. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.41 endpoints. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.42 endpoints. * `data_parser/v0.0.42` \- Added `+inline_enums` flag which modifies the output when generating OpenAPI specification. It causes enum arrays to not be defined in their own schema with references (`$ref`) to them. Instead they will be dumped inline. * Fix binding error with `tres-bind map/mask` on partial node allocations. * Fix `stepmgr` enabled steps being able to request features. * Reject step creation if requested feature is not available in job. * `slurmd` \- Restrict listening for new incoming RPC requests further into startup. * `slurmd` \- Avoid `auth/slurm` related hangs of CLI commands during startup and shutdown. * `slurmctld` \- Restrict processing new incoming RPC requests further into startup. Stop processing requests sooner during shutdown. * `slurmcltd` \- Avoid auth/slurm related hangs of CLI commands during startup and shutdown. * `slurmctld` \- Avoid race condition during shutdown or ereconfigure that could result in a crash due delayed processing of a connection while plugins are unloaded. * Fix small memleak when getting the job list from the database. * Fix incorrect printing of `%` escape characters when printing stdio fields for jobs. * Fix padding parsing when printing stdio fields for jobs. * Fix printing `%A` array job id when expanding patterns. * Fix reservations causing jobs to be held for `Bad Constraints`. * `switch/hpe_slingshot` \- Prevent potential segfault on failed curl request to the fabric manager. * Fix printing incorrect array job id when expanding stdio file names. The `%A` will now be substituted by the correct value. * Fix printing incorrect array job id when expanding stdio file names. The `%A` will now be substituted by the correct value. * `switch/hpe_slingshot` \- Fix VNI range not updating on slurmctld restart or reconfigre. * Fix steps not being created when using certain combinations of `-c` and `-n` inferior to the jobs requested resources, when using stepmgr and nodes are configured with `CPUs == Sockets*CoresPerSocket`. * Permit configuring the number of retry attempts to destroy CXI service via the new destroy_retries `SwitchParameter`. * Do not reset `memory.high` and `memory.swap.max` in slurmd startup or reconfigure as we are never really touching this in `slurmd`. * Fix reconfigure failure of slurmd when it has been started manually and the `CoreSpecLimits` have been removed from `slurm.conf`. * Set or reset CoreSpec limits when slurmd is reconfigured and it was started with systemd. * `switch/hpe-slingshot` \- Make sure the slurmctld can free step VNIs after the controller restarts or reconfigures while the job is running. * Fix backup `slurmctld` failure on 2nd takeover. * Changes from version 24.11.4 * `slurmctld`,`slurmrestd` \- Avoid possible race condition that could have caused process to crash when listener socket was closed while accepting a new connection. * `slurmrestd` \- Avoid race condition that could have resulted in address logged for a UNIX socket to be incorrect. * `slurmrestd` \- Fix parameters in OpenAPI specification for the following endpoints to have `job_id` field: `GET /slurm/v0.0.40/jobs/state/ GET /slurm/v0.0.41/jobs/state/ GET /slurm/v0.0.42/jobs/state/ GET /slurm/v0.0.43/jobs/state/` * `slurmd` \- Fix tracking of thread counts that could cause incoming connections to be ignored after burst of simultaneous incoming connections that trigger delayed response logic. * Avoid unnecessary `SRUN_TIMEOUT` forwarding to `stepmgr`. * Fix jobs being scheduled on higher weighted powered down nodes. * Fix how backfill scheduler filters nodes from the available nodes based on exclusive user and `mcs_label` requirements. * `acct_gather_energy/{gpu,ipmi}` \- Fix potential energy consumption adjustment calculation underflow. * `acct_gather_energy/ipmi` \- Fix regression introduced in 24.05.5 (which introduced the new way of preserving energy measurements through slurmd restarts) when `EnergyIPMICalcAdjustment=yes`. * Prevent `slurmctld` deadlock in the assoc mgr. * Fix memory leak when `RestrictedCoresPerGPU` is enabled. * Fix preemptor jobs not entering execution due to wrong calculation of accounting policy limits. * Fix certain job requests that were incorrectly denied with node configuration unavailable error. * `slurmd` \- Avoid crash due when slurmd has a communications failure with `slurmstepd`. * Fix memory leak when parsing yaml input. * Prevent `slurmctld` from showing error message about `PreemptMode=GANG` being a cluster-wide option for `scontrol update part` calls that don't attempt to modify partition PreemptMode. * Fix setting `GANG` preemption on partition when updating `PreemptMode` with `scontrol`. * Fix `CoreSpec` and `MemSpec` limits not being removed from previously configured slurmd. * Avoid race condition that could lead to a deadlock when `slurmd`, `slurmstepd`, `slurmctld`, `slurmrestd` or `sackd` have a fatal event. * Fix jobs using `--ntasks-per-node` and `--mem` keep pending forever when the requested mem divided by the number of CPUs will surpass the configured `MaxMemPerCPU`. * `slurmd` \- Fix address logged upon new incoming RPC connection from `INVALID` to IP address. * Fix memory leak when retrieving reservations. This affects `scontrol`, `sinfo`, `sview`, and the following `slurmrestd` endpoints: `GET /slurm/{any_data_parser}/reservation/{reservation_name}` `GET /slurm/{any_data_parser}/reservations` * Log warning instead of `debuflags=conmgr` gated log when deferring new incoming connections when number of active connections exceed `conmgr_max_connections`. * Avoid race condition that could result in worker thread pool not activating all threads at once after a reconfigure resulting in lower utilization of available CPU threads until enough internal activity wakes up all threads in the worker pool. * Avoid theoretical race condition that could result in new incoming RPC socket connections being ignored after reconfigure. * slurmd - Avoid race condition that could result in a state where new incoming RPC connections will always be ignored. * Add ReconfigFlags=KeepNodeStateFuture to restore saved `FUTURE` node state on restart and reconfig instead of reverting to `FUTURE` state. This will be made the default in 25.05. * Fix case where hetjob submit would cause `slurmctld` to crash. * Fix jobs using `--cpus-per-gpu` and `--mem` keep pending forever when the requested mem divided by the number of CPUs will surpass the configured `MaxMemPerCPU`. * Enforce that jobs using `--mem` and several `--*-per-*` options do not violate the `MaxMemPerCPU` in place. * `slurmctld` \- Fix use-cases of jobs incorrectly pending held when `--prefer` features are not initially satisfied. * `slurmctld` \- Fix jobs incorrectly held when `--prefer` not satisfied in some use-cases. * Ensure `RestrictedCoresPerGPU` and `CoreSpecCount` don't overlap. * Changes from version 24.11.3 * Fix database cluster ID generation not being random. * Fix a regression in which `slurmd -G` gave no output. * Fix a long-standing crash in `slurmctld` after updating a reservation with an empty nodelist. The crash could occur after restarting slurmctld, or if downing/draining a node in the reservation with the `REPLACE` or `REPLACE_DOWN` flag. * Avoid changing process name to "`watch`" from original daemon name. This could potentially breaking some monitoring scripts. * Avoid `slurmctld` being killed by `SIGALRM` due to race condition at startup. * Fix race condition in slurmrestd that resulted in "`Requested data_parser plugin does not support OpenAPI plugin`" error being returned for valid endpoints. * Fix race between `task/cgroup` CPUset and `jobacctgather/cgroup`. The first was removing the pid from `task_X` cgroup directory causing memory limits to not being applied. * If multiple partitions are requested, set the `SLURM_JOB_PARTITION` output environment variable to the partition in which the job is running for `salloc` and `srun` in order to match the documentation and the behavior of `sbatch`. * `srun` \- Fixed wrongly constructed `SLURM_CPU_BIND` env variable that could get propagated to downward srun calls in certain mpi environments, causing launch failures. * Don't print misleading errors for stepmgr enabled steps. * `slurmrestd` \- Avoid connection to slurmdbd for the following endpoints: `GET /slurm/v0.0.41/jobs GET /slurm/v0.0.41/job/{job_id}` * `slurmrestd` \- Avoid connection to slurmdbd for the following endpoints: `GET /slurm/v0.0.40/jobs GET /slurm/v0.0.40/job/{job_id}` * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.40`. * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.41`. * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.42`. * Changes from version 24.11.2 * Fix segfault when submitting `--test-only` jobs that can preempt. * Fix regression introduced in 23.11 that prevented the following flags from being added to a reservation on an update: `DAILY`, `HOURLY`, `WEEKLY`, `WEEKDAY`, and `WEEKEND`. * Fix crash and issues evaluating job's suitability for running in nodes with already suspended job(s) there. * `slurmctld` will ensure that healthy nodes are not reported as `UnavailableNodes` in job reason codes. * Fix handling of jobs submitted to a current reservation with flags `OVERLAP,FLEX` or `OVERLAP,ANY_NODES` when it overlaps nodes with a future maintenance reservation. When a job submission had a time limit that overlapped with the future maintenance reservation, it was rejected. Now the job is accepted but stays pending with the reason "`ReqNodeNotAvail, Reserved for maintenance`". * `pam_slurm_adopt` \- avoid errors when explicitly setting some arguments to the default value. * Fix QOS preemption with `PreemptMode=SUSPEND`. * `slurmdbd` \- When changing a user's name update lineage at the same time. * Fix regression in 24.11 in which `burst_buffer.lua` does not inherit the `SLURM_CONF` environment variable from `slurmctld` and fails to run if slurm.conf is in a non-standard location. * Fix memory leak in slurmctld if `select/linear` and the `PreemptParameters=reclaim_licenses` options are both set in `slurm.conf`. Regression in 24.11.1. * Fix running jobs, that requested multiple partitions, from potentially being set to the wrong partition on restart. * `switch/hpe_slingshot` \- Fix compatibility with newer cxi drivers, specifically when specifying `disable_rdzv_get`. * Add `ABORT_ON_FATAL` environment variable to capture a backtrace from any `fatal()` message. * Fix printing invalid address in rate limiting log statement. * `sched/backfill` \- Fix node state `PLANNED` not being cleared from fully allocated nodes during a backfill cycle. * `select/cons_tres` \- Fix future planning of jobs with `bf_licenses`. * Prevent redundant "`on_data returned rc: Rate limit exceeded, please retry momentarily`" error message from being printed in slurmctld logs. * Fix loading non-default QOS on pending jobs from pre-24.11 state. * Fix pending jobs displaying `QOS=(null)` when not explicitly requesting a QOS. * Fix segfault issue from job record with no `job_resrcs`. * Fix failing `sacctmgr delete/modify/show` account operations with `where` clauses. * Fix regression in 24.11 in which Slurm daemons started catching several `SIGTSTP`, `SIGTTIN` and `SIGUSR1` signals and ignored them, while before they were not ignoring them. This also caused slurmctld to not being able to shutdown after a `SIGTSTP` because slurmscriptd caught the signal and stopped while slurmctld ignored it. Unify and fix these situations and get back to the previous behavior for these signals. * Document that `SIGQUIT` is no longer ignored by `slurmctld`, `slurmdbd`, and slurmd in 24.11. As of 24.11.0rc1, `SIGQUIT` is identical to `SIGINT` and `SIGTERM` for these daemons, but this change was not documented. * Fix not considering nodes marked for reboot without ASAP in the scheduler. * Remove the `boot^` state on unexpected node reboot after return to service. * Do not allow new jobs to start on a node which is being rebooted with the flag `nextstate=resume`. * Prevent lower priority job running after cancelling an ASAP reboot. * Fix srun jobs starting on `nextstate=resume` rebooting nodes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 15-SP7 zypper in -t patch SUSE-SLE-Module-HPC-15-SP7-2025-1751=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1751=1 ## Package List: * HPC Module 15-SP7 (aarch64 x86_64) * slurm-sql-debuginfo-24.11.5-150700.3.3.1 * slurm-lua-debuginfo-24.11.5-150700.3.3.1 * slurm-rest-debuginfo-24.11.5-150700.3.3.1 * slurm-cray-24.11.5-150700.3.3.1 * slurm-auth-none-24.11.5-150700.3.3.1 * slurm-munge-24.11.5-150700.3.3.1 * slurm-slurmdbd-debuginfo-24.11.5-150700.3.3.1 * slurm-torque-debuginfo-24.11.5-150700.3.3.1 * slurm-lua-24.11.5-150700.3.3.1 * libnss_slurm2-24.11.5-150700.3.3.1 * slurm-node-24.11.5-150700.3.3.1 * slurm-slurmdbd-24.11.5-150700.3.3.1 * slurm-pam_slurm-debuginfo-24.11.5-150700.3.3.1 * slurm-debugsource-24.11.5-150700.3.3.1 * slurm-sview-24.11.5-150700.3.3.1 * libpmi0-debuginfo-24.11.5-150700.3.3.1 * slurm-node-debuginfo-24.11.5-150700.3.3.1 * perl-slurm-24.11.5-150700.3.3.1 * slurm-sql-24.11.5-150700.3.3.1 * slurm-torque-24.11.5-150700.3.3.1 * slurm-plugins-24.11.5-150700.3.3.1 * slurm-debuginfo-24.11.5-150700.3.3.1 * libpmi0-24.11.5-150700.3.3.1 * slurm-cray-debuginfo-24.11.5-150700.3.3.1 * libnss_slurm2-debuginfo-24.11.5-150700.3.3.1 * slurm-24.11.5-150700.3.3.1 * slurm-pam_slurm-24.11.5-150700.3.3.1 * slurm-munge-debuginfo-24.11.5-150700.3.3.1 * slurm-plugins-debuginfo-24.11.5-150700.3.3.1 * perl-slurm-debuginfo-24.11.5-150700.3.3.1 * libslurm42-24.11.5-150700.3.3.1 * libslurm42-debuginfo-24.11.5-150700.3.3.1 * slurm-devel-24.11.5-150700.3.3.1 * slurm-auth-none-debuginfo-24.11.5-150700.3.3.1 * slurm-rest-24.11.5-150700.3.3.1 * slurm-sview-debuginfo-24.11.5-150700.3.3.1 * HPC Module 15-SP7 (noarch) * slurm-doc-24.11.5-150700.3.3.1 * slurm-config-man-24.11.5-150700.3.3.1 * slurm-webdoc-24.11.5-150700.3.3.1 * slurm-config-24.11.5-150700.3.3.1 * SUSE Package Hub 15 15-SP7 (ppc64le s390x) * slurm-sql-debuginfo-24.11.5-150700.3.3.1 * slurm-lua-debuginfo-24.11.5-150700.3.3.1 * slurm-rest-debuginfo-24.11.5-150700.3.3.1 * slurm-cray-24.11.5-150700.3.3.1 * slurm-auth-none-24.11.5-150700.3.3.1 * slurm-munge-24.11.5-150700.3.3.1 * slurm-slurmdbd-debuginfo-24.11.5-150700.3.3.1 * slurm-torque-debuginfo-24.11.5-150700.3.3.1 * slurm-lua-24.11.5-150700.3.3.1 * libnss_slurm2-24.11.5-150700.3.3.1 * slurm-node-24.11.5-150700.3.3.1 * slurm-slurmdbd-24.11.5-150700.3.3.1 * slurm-pam_slurm-debuginfo-24.11.5-150700.3.3.1 * slurm-debugsource-24.11.5-150700.3.3.1 * slurm-sview-24.11.5-150700.3.3.1 * libpmi0-debuginfo-24.11.5-150700.3.3.1 * slurm-node-debuginfo-24.11.5-150700.3.3.1 * perl-slurm-24.11.5-150700.3.3.1 * slurm-sql-24.11.5-150700.3.3.1 * slurm-torque-24.11.5-150700.3.3.1 * slurm-plugins-24.11.5-150700.3.3.1 * slurm-debuginfo-24.11.5-150700.3.3.1 * libpmi0-24.11.5-150700.3.3.1 * slurm-cray-debuginfo-24.11.5-150700.3.3.1 * libnss_slurm2-debuginfo-24.11.5-150700.3.3.1 * slurm-24.11.5-150700.3.3.1 * slurm-pam_slurm-24.11.5-150700.3.3.1 * slurm-munge-debuginfo-24.11.5-150700.3.3.1 * slurm-plugins-debuginfo-24.11.5-150700.3.3.1 * perl-slurm-debuginfo-24.11.5-150700.3.3.1 * slurm-hdf5-24.11.5-150700.3.3.1 * slurm-devel-24.11.5-150700.3.3.1 * slurm-auth-none-debuginfo-24.11.5-150700.3.3.1 * slurm-hdf5-debuginfo-24.11.5-150700.3.3.1 * slurm-rest-24.11.5-150700.3.3.1 * slurm-sview-debuginfo-24.11.5-150700.3.3.1 * SUSE Package Hub 15 15-SP7 (noarch) * slurm-doc-24.11.5-150700.3.3.1 * slurm-config-man-24.11.5-150700.3.3.1 * slurm-config-24.11.5-150700.3.3.1 * slurm-sjstat-24.11.5-150700.3.3.1 * slurm-openlava-24.11.5-150700.3.3.1 * slurm-seff-24.11.5-150700.3.3.1 * slurm-webdoc-24.11.5-150700.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:09 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:09 -0000 Subject: SUSE-SU-2025:01748-1: moderate: Security update for postgresql15 Message-ID: <174853626918.5267.10194502612404137955@smelt2.prg2.suse.org> # Security update for postgresql15 Announcement ID: SUSE-SU-2025:01748-1 Release Date: 2025-05-29T12:42:25Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql15 fixes the following issues: Upgrade to 15.13: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/15.13/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1748=1 openSUSE-SLE-15.6-2025-1748=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-1748=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql15-contrib-debuginfo-15.13-150600.16.17.1 * postgresql15-plperl-15.13-150600.16.17.1 * postgresql15-server-debuginfo-15.13-150600.16.17.1 * postgresql15-plpython-debuginfo-15.13-150600.16.17.1 * postgresql15-pltcl-debuginfo-15.13-150600.16.17.1 * postgresql15-llvmjit-devel-15.13-150600.16.17.1 * postgresql15-contrib-15.13-150600.16.17.1 * postgresql15-pltcl-15.13-150600.16.17.1 * postgresql15-server-devel-debuginfo-15.13-150600.16.17.1 * postgresql15-debuginfo-15.13-150600.16.17.1 * postgresql15-devel-debuginfo-15.13-150600.16.17.1 * postgresql15-15.13-150600.16.17.1 * postgresql15-plperl-debuginfo-15.13-150600.16.17.1 * postgresql15-plpython-15.13-150600.16.17.1 * postgresql15-debugsource-15.13-150600.16.17.1 * postgresql15-llvmjit-15.13-150600.16.17.1 * postgresql15-server-devel-15.13-150600.16.17.1 * postgresql15-devel-15.13-150600.16.17.1 * postgresql15-server-15.13-150600.16.17.1 * postgresql15-llvmjit-debuginfo-15.13-150600.16.17.1 * postgresql15-test-15.13-150600.16.17.1 * openSUSE Leap 15.6 (noarch) * postgresql15-docs-15.13-150600.16.17.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql15-server-debuginfo-15.13-150600.16.17.1 * postgresql15-plpython-15.13-150600.16.17.1 * postgresql15-debugsource-15.13-150600.16.17.1 * postgresql15-devel-debuginfo-15.13-150600.16.17.1 * postgresql15-contrib-debuginfo-15.13-150600.16.17.1 * postgresql15-plpython-debuginfo-15.13-150600.16.17.1 * postgresql15-pltcl-debuginfo-15.13-150600.16.17.1 * postgresql15-server-devel-15.13-150600.16.17.1 * postgresql15-contrib-15.13-150600.16.17.1 * postgresql15-devel-15.13-150600.16.17.1 * postgresql15-pltcl-15.13-150600.16.17.1 * postgresql15-server-15.13-150600.16.17.1 * postgresql15-server-devel-debuginfo-15.13-150600.16.17.1 * postgresql15-plperl-15.13-150600.16.17.1 * postgresql15-15.13-150600.16.17.1 * postgresql15-plperl-debuginfo-15.13-150600.16.17.1 * postgresql15-debuginfo-15.13-150600.16.17.1 * Legacy Module 15-SP6 (noarch) * postgresql15-docs-15.13-150600.16.17.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:07 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:07 -0000 Subject: SUSE-SU-2025:01749-1: moderate: Security update for postgresql15 Message-ID: <174853626710.5267.6054618881503508287@smelt2.prg2.suse.org> # Security update for postgresql15 Announcement ID: SUSE-SU-2025:01749-1 Release Date: 2025-05-29T12:44:13Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql15 fixes the following issues: Upgrade to 15.13: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/15.13/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1749=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1749=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-3.41.1 * postgresql15-server-15.13-3.41.1 * postgresql15-debugsource-15.13-3.41.1 * postgresql15-devel-debuginfo-15.13-3.41.1 * postgresql15-plperl-debuginfo-15.13-3.41.1 * postgresql15-pltcl-debuginfo-15.13-3.41.1 * postgresql15-pltcl-15.13-3.41.1 * postgresql15-server-devel-15.13-3.41.1 * postgresql15-contrib-debuginfo-15.13-3.41.1 * postgresql15-plpython-debuginfo-15.13-3.41.1 * postgresql15-devel-15.13-3.41.1 * postgresql15-plpython-15.13-3.41.1 * postgresql15-server-devel-debuginfo-15.13-3.41.1 * postgresql15-contrib-15.13-3.41.1 * postgresql15-plperl-15.13-3.41.1 * postgresql15-server-debuginfo-15.13-3.41.1 * postgresql15-15.13-3.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql15-docs-15.13-3.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql15-debuginfo-15.13-3.41.1 * postgresql15-server-15.13-3.41.1 * postgresql15-debugsource-15.13-3.41.1 * postgresql15-devel-debuginfo-15.13-3.41.1 * postgresql15-plperl-debuginfo-15.13-3.41.1 * postgresql15-pltcl-debuginfo-15.13-3.41.1 * postgresql15-pltcl-15.13-3.41.1 * postgresql15-server-devel-15.13-3.41.1 * postgresql15-contrib-debuginfo-15.13-3.41.1 * postgresql15-plpython-debuginfo-15.13-3.41.1 * postgresql15-devel-15.13-3.41.1 * postgresql15-plpython-15.13-3.41.1 * postgresql15-server-devel-debuginfo-15.13-3.41.1 * postgresql15-contrib-15.13-3.41.1 * postgresql15-plperl-15.13-3.41.1 * postgresql15-server-debuginfo-15.13-3.41.1 * postgresql15-15.13-3.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql15-docs-15.13-3.41.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:12 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:12 -0000 Subject: SUSE-SU-2025:01747-1: moderate: Security update for grub2 Message-ID: <174853627217.5267.8698898249121621036@smelt2.prg2.suse.org> # Security update for grub2 Announcement ID: SUSE-SU-2025:01747-1 Release Date: 2025-05-29T12:40:35Z Rating: moderate References: * bsc#1237174 * bsc#1242971 Cross-References: * CVE-2025-4382 CVSS scores: * CVE-2025-4382 ( SUSE ): 8.4 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2025-4382 ( SUSE ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2025-4382 ( NVD ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for grub2 fixes the following issues: Security fixes: * CVE-2025-4382: exposure of data from encrypted device through CLI once the root device is successfully unlocked via TPM (bsc#1242971). Other bug fixes: * Fix incorrect nvme disks and boot order in bootlist output (bsc#1237174). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1747=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-1747=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * grub2-debuginfo-2.12-150700.19.3.1 * grub2-2.12-150700.19.3.1 * Basesystem Module 15-SP7 (noarch) * grub2-snapper-plugin-2.12-150700.19.3.1 * grub2-arm64-efi-2.12-150700.19.3.1 * grub2-systemd-sleep-plugin-2.12-150700.19.3.1 * grub2-x86_64-efi-2.12-150700.19.3.1 * grub2-powerpc-ieee1275-2.12-150700.19.3.1 * grub2-i386-pc-2.12-150700.19.3.1 * Basesystem Module 15-SP7 (aarch64 s390x x86_64) * grub2-debugsource-2.12-150700.19.3.1 * Basesystem Module 15-SP7 (s390x) * grub2-s390x-emu-2.12-150700.19.3.1 * Server Applications Module 15-SP7 (noarch) * grub2-x86_64-xen-2.12-150700.19.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4382.html * https://bugzilla.suse.com/show_bug.cgi?id=1237174 * https://bugzilla.suse.com/show_bug.cgi?id=1242971 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:27 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:27 -0000 Subject: SUSE-SU-2025:20352-1: moderate: Security update for s390-tools Message-ID: <174853628730.5267.5567489254831678624@smelt2.prg2.suse.org> # Security update for s390-tools Announcement ID: SUSE-SU-2025:20352-1 Release Date: May 23, 2025, 7:48 a.m. Rating: moderate References: * bsc#1242622 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for s390-tools fixes the following issues: * CVE-2025-3416: s390-tools: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242622) * Amended the .spec file * Updated the '_service' file * Removed the obsolete file 'cargo_config' * Updated 'cputype' and 'read_value.c' * Added the new IBM z17 (9175) processor type ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-335=1 ## Package List: * SUSE Linux Micro 6.0 (s390x) * libekmfweb1-2.31.0-2.1 * s390-tools-debugsource-2.31.0-2.1 * libekmfweb1-debuginfo-2.31.0-2.1 * s390-tools-2.31.0-2.1 * libkmipclient1-debuginfo-2.31.0-2.1 * libkmipclient1-2.31.0-2.1 * s390-tools-debuginfo-2.31.0-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242622 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:23 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:23 -0000 Subject: SUSE-SU-2025:01745-1: important: Security update for dnsdist Message-ID: <174853628363.5267.14320262686807722740@smelt2.prg2.suse.org> # Security update for dnsdist Announcement ID: SUSE-SU-2025:01745-1 Release Date: 2025-05-29T12:22:10Z Rating: important References: * bsc#1243378 Cross-References: * CVE-2025-30193 CVSS scores: * CVE-2025-30193 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-30193 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30193 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for dnsdist fixes the following issues: * CVE-2025-30193: stack exhaustion when processing too many queries on incoming TCP connections leads to a denial-of-service (bsc#1243378). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1745=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1745=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1745=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1745=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1745=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1745=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1745=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1745=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1745=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1745=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1745=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1745=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1745=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1745=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Manager Server 4.3 (x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * dnsdist-debuginfo-1.8.0-150400.9.6.1 * dnsdist-1.8.0-150400.9.6.1 * dnsdist-debugsource-1.8.0-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-30193.html * https://bugzilla.suse.com/show_bug.cgi?id=1243378 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:19 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:19 -0000 Subject: SUSE-SU-2025:01746-1: important: Security update for webkit2gtk3 Message-ID: <174853627997.5267.433868554954970296@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:01746-1 Release Date: 2025-05-29T12:38:02Z Rating: important References: * bsc#1222905 * bsc#1241158 * bsc#1241160 * bsc#1243282 * bsc#1243286 * bsc#1243288 * bsc#1243289 * bsc#1243424 * bsc#1243596 Cross-References: * CVE-2023-42875 * CVE-2023-42970 * CVE-2024-23226 * CVE-2025-24223 * CVE-2025-31204 * CVE-2025-31205 * CVE-2025-31206 * CVE-2025-31215 * CVE-2025-31257 CVSS scores: * CVE-2023-42875 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2023-42875 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2023-42875 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2023-42970 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-42970 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-42970 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23226 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23226 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23226 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24223 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24223 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24223 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31204 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31204 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31205 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-31205 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-31206 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-31206 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-31215 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-31215 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-31257 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-31257 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-31257 ( NVD ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves nine vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2. Security issues fixed: * CVE-2025-31205: lack of checks may lead to cross-origin data exfiltration through a malicious website (bsc#1243282). * CVE-2025-31204: improper memory handling when processing certain web content may lead to memory corruption (bsc#1243286). * CVE-2025-31206: type confusion issue when processing certain web content may lead to an unexpected crash (bsc#1243288). * CVE-2025-31215: lack of checks when processing certain web content may lead to an unexpected crash (bsc#1243289). * CVE-2025-31257: improper memory handling when processing certain web content may lead to an unexpected crash (bsc#1243596). * CVE-2025-24223: improper memory handling when processing certain web content may lead to memory corruption (bsc#1243424). Other changes and issues fixed: * Enable CSS overscroll behavior by default. * Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. * Fix rendering when device scale factor change comes before the web view geometry update. * Fix network process crash on exit. * Fix the build with ENABLE_RESOURCE_USAGE=OFF. * Fix several crashes and rendering issues. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1746=1 openSUSE-SLE-15.6-2025-1746=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1746=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1746=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1746=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-1746=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1746=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1746=1 ## Package List: * openSUSE Leap 15.6 (noarch) * WebKitGTK-4.1-lang-2.48.2-150600.12.40.2 * WebKitGTK-4.0-lang-2.48.2-150600.12.40.2 * WebKitGTK-6.0-lang-2.48.2-150600.12.40.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * webkit2gtk-4_1-injected-bundles-2.48.2-150600.12.40.2 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150600.12.40.2 * webkit2gtk3-minibrowser-debuginfo-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_1-0-2.48.2-150600.12.40.2 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150600.12.40.2 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2-4_0-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150600.12.40.2 * libjavascriptcoregtk-6_0-1-2.48.2-150600.12.40.2 * webkit-jsc-6.0-2.48.2-150600.12.40.2 * webkit2gtk3-devel-2.48.2-150600.12.40.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150600.12.40.2 * typelib-1_0-WebKit-6_0-2.48.2-150600.12.40.2 * webkit2gtk4-minibrowser-debuginfo-2.48.2-150600.12.40.2 * webkit-jsc-4-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150600.12.40.2 * webkit-jsc-6.0-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150600.12.40.2 * webkit2gtk4-minibrowser-2.48.2-150600.12.40.2 * webkitgtk-6_0-injected-bundles-2.48.2-150600.12.40.2 * webkit2gtk-4_0-injected-bundles-2.48.2-150600.12.40.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150600.12.40.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2 * webkit-jsc-4-debuginfo-2.48.2-150600.12.40.2 * webkit2gtk3-debugsource-2.48.2-150600.12.40.2 * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.2-150600.12.40.2 * webkit2gtk3-soup2-minibrowser-2.48.2-150600.12.40.2 * webkit2gtk3-minibrowser-2.48.2-150600.12.40.2 * webkitgtk-6_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2 * typelib-1_0-JavaScriptCore-6_0-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150600.12.40.2 * webkit2gtk3-soup2-minibrowser-debuginfo-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2-4_1-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_0-18-2.48.2-150600.12.40.2 * webkit-jsc-4.1-2.48.2-150600.12.40.2 * webkit2gtk3-soup2-devel-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-2.48.2-150600.12.40.2 * webkit-jsc-4.1-debuginfo-2.48.2-150600.12.40.2 * webkit2gtk4-devel-2.48.2-150600.12.40.2 * webkit2gtk3-soup2-debugsource-2.48.2-150600.12.40.2 * libwebkitgtk-6_0-4-2.48.2-150600.12.40.2 * webkit2gtk4-debugsource-2.48.2-150600.12.40.2 * openSUSE Leap 15.6 (x86_64) * libjavascriptcoregtk-4_1-0-32bit-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_0-18-32bit-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-32bit-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-32bit-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.48.2-150600.12.40.2 * openSUSE Leap 15.6 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_0-18-64bit-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-64bit-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-64bit-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.48.2-150600.12.40.2 * Basesystem Module 15-SP6 (noarch) * WebKitGTK-4.0-lang-2.48.2-150600.12.40.2 * WebKitGTK-6.0-lang-2.48.2-150600.12.40.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.48.2-150600.12.40.2 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150600.12.40.2 * webkit2gtk3-soup2-devel-2.48.2-150600.12.40.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2-4_0-2.48.2-150600.12.40.2 * webkitgtk-6_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150600.12.40.2 * libjavascriptcoregtk-6_0-1-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150600.12.40.2 * webkitgtk-6_0-injected-bundles-2.48.2-150600.12.40.2 * webkit2gtk-4_0-injected-bundles-2.48.2-150600.12.40.2 * webkit2gtk3-soup2-debugsource-2.48.2-150600.12.40.2 * libwebkitgtk-6_0-4-2.48.2-150600.12.40.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150600.12.40.2 * webkit2gtk4-debugsource-2.48.2-150600.12.40.2 * Basesystem Module 15-SP7 (noarch) * WebKitGTK-4.0-lang-2.48.2-150600.12.40.2 * WebKitGTK-6.0-lang-2.48.2-150600.12.40.2 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.48.2-150600.12.40.2 * libwebkitgtk-6_0-4-debuginfo-2.48.2-150600.12.40.2 * webkit2gtk3-soup2-devel-2.48.2-150600.12.40.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2 * typelib-1_0-JavaScriptCore-4_0-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2-4_0-2.48.2-150600.12.40.2 * webkitgtk-6_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150600.12.40.2 * libjavascriptcoregtk-6_0-1-2.48.2-150600.12.40.2 * libwebkit2gtk-4_0-37-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150600.12.40.2 * webkitgtk-6_0-injected-bundles-2.48.2-150600.12.40.2 * webkit2gtk-4_0-injected-bundles-2.48.2-150600.12.40.2 * webkit2gtk3-soup2-debugsource-2.48.2-150600.12.40.2 * libwebkitgtk-6_0-4-2.48.2-150600.12.40.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150600.12.40.2 * webkit2gtk4-debugsource-2.48.2-150600.12.40.2 * Desktop Applications Module 15-SP6 (noarch) * WebKitGTK-4.1-lang-2.48.2-150600.12.40.2 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_1-injected-bundles-2.48.2-150600.12.40.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_1-0-2.48.2-150600.12.40.2 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150600.12.40.2 * webkit2gtk3-debugsource-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150600.12.40.2 * webkit2gtk3-devel-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2-4_1-2.48.2-150600.12.40.2 * Desktop Applications Module 15-SP7 (noarch) * WebKitGTK-4.1-lang-2.48.2-150600.12.40.2 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_1-injected-bundles-2.48.2-150600.12.40.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150600.12.40.2 * libjavascriptcoregtk-4_1-0-2.48.2-150600.12.40.2 * typelib-1_0-JavaScriptCore-4_1-2.48.2-150600.12.40.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150600.12.40.2 * webkit2gtk3-debugsource-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150600.12.40.2 * webkit2gtk3-devel-2.48.2-150600.12.40.2 * typelib-1_0-WebKit2-4_1-2.48.2-150600.12.40.2 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.2-150600.12.40.2 * typelib-1_0-JavaScriptCore-6_0-2.48.2-150600.12.40.2 * webkit2gtk4-devel-2.48.2-150600.12.40.2 * typelib-1_0-WebKit-6_0-2.48.2-150600.12.40.2 * webkit2gtk4-debugsource-2.48.2-150600.12.40.2 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.2-150600.12.40.2 * typelib-1_0-JavaScriptCore-6_0-2.48.2-150600.12.40.2 * webkit2gtk4-devel-2.48.2-150600.12.40.2 * typelib-1_0-WebKit-6_0-2.48.2-150600.12.40.2 * webkit2gtk4-debugsource-2.48.2-150600.12.40.2 ## References: * https://www.suse.com/security/cve/CVE-2023-42875.html * https://www.suse.com/security/cve/CVE-2023-42970.html * https://www.suse.com/security/cve/CVE-2024-23226.html * https://www.suse.com/security/cve/CVE-2025-24223.html * https://www.suse.com/security/cve/CVE-2025-31204.html * https://www.suse.com/security/cve/CVE-2025-31205.html * https://www.suse.com/security/cve/CVE-2025-31206.html * https://www.suse.com/security/cve/CVE-2025-31215.html * https://www.suse.com/security/cve/CVE-2025-31257.html * https://bugzilla.suse.com/show_bug.cgi?id=1222905 * https://bugzilla.suse.com/show_bug.cgi?id=1241158 * https://bugzilla.suse.com/show_bug.cgi?id=1241160 * https://bugzilla.suse.com/show_bug.cgi?id=1243282 * https://bugzilla.suse.com/show_bug.cgi?id=1243286 * https://bugzilla.suse.com/show_bug.cgi?id=1243288 * https://bugzilla.suse.com/show_bug.cgi?id=1243289 * https://bugzilla.suse.com/show_bug.cgi?id=1243424 * https://bugzilla.suse.com/show_bug.cgi?id=1243596 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:42 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:42 -0000 Subject: SUSE-RU-2025:20348-1: important: Recommended update for cloud-regionsrv-client Message-ID: <174853630269.5267.5033709828616629488@smelt2.prg2.suse.org> # Recommended update for cloud-regionsrv-client Announcement ID: SUSE-RU-2025:20348-1 Release Date: May 27, 2025, 7:16 a.m. Rating: important References: * bsc#1218345 * bsc#1240310 * bsc#1240311 * bsc#1240997 Affected Products: * SUSE Linux Micro 6.0 An update that has four fixes can now be installed. ## Description: This update for cloud-regionsrv-client fixes the following issues: * Update version to 10.4.0 * Remove repositories when the package is being removed We do not want to leave repositories behind refering to the plugin that is being removed when the package gets removed (bsc#1240310, bsc#1240311) * Turn docker into an optional setup (jsc#PCT-560) Change the Requires into a Recommends and adapt the code accordingly * Support flexible licenses in GCE (jsc#PCT-531) * Drop the azure-addon package it is geting replaced by the license-watcher package which has a generic implementation of the same functionality. * Handle cache inconsistencies (bsc#1218345) * Properly handle the zypper root target argument (bsc#1240997) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-339=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-4.1 * cloud-regionsrv-client-generic-config-1.0.0-4.1 * cloud-regionsrv-client-10.4.0-4.1 * cloud-regionsrv-client-plugin-ec2-1.0.5-4.1 * cloud-regionsrv-client-plugin-gce-1.0.0-4.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218345 * https://bugzilla.suse.com/show_bug.cgi?id=1240310 * https://bugzilla.suse.com/show_bug.cgi?id=1240311 * https://bugzilla.suse.com/show_bug.cgi?id=1240997 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:34 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:34 -0000 Subject: SUSE-SU-2025:20350-1: moderate: Security update for kernel-livepatch-MICRO-6-0_Update_5 Message-ID: <174853629488.5267.14423817686474552680@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_5 Announcement ID: SUSE-SU-2025:20350-1 Release Date: May 28, 2025, 9:53 a.m. Rating: moderate References: * bsc#1235916 Cross-References: * CVE-2024-57882 CVSS scores: * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues: * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-30=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_5-debugsource-2-1.2 * kernel-livepatch-6_4_0-25-default-debuginfo-2-1.2 * kernel-livepatch-6_4_0-25-default-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1235916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:38 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:38 -0000 Subject: SUSE-SU-2025:20349-1: moderate: Security update for kernel-livepatch-MICRO-6-0_Update_3 Message-ID: <174853629879.5267.1417635688338697575@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_3 Announcement ID: SUSE-SU-2025:20349-1 Release Date: May 28, 2025, 9:52 a.m. Rating: moderate References: * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678) * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847) * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-29=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-20-default-5-1.2 * kernel-livepatch-MICRO-6-0_Update_3-debugsource-5-1.2 * kernel-livepatch-6_4_0-20-default-debuginfo-5-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:32 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:32 -0000 Subject: SUSE-SU-2025:20351-1: moderate: Security update for kernel-livepatch-MICRO-6-0_Update_2 Message-ID: <174853629279.5267.7649813914160383312@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_2 Announcement ID: SUSE-SU-2025:20351-1 Release Date: May 28, 2025, 10:02 a.m. Rating: moderate References: * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678) * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847) * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-28=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-19-default-debuginfo-5-1.1 * kernel-livepatch-MICRO-6-0_Update_2-debugsource-5-1.1 * kernel-livepatch-6_4_0-19-default-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:51 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:51 -0000 Subject: SUSE-SU-2025:20345-1: moderate: Security update for augeas Message-ID: <174853631118.5267.17617260824894172659@smelt2.prg2.suse.org> # Security update for augeas Announcement ID: SUSE-SU-2025:20345-1 Release Date: May 23, 2025, 1 p.m. Rating: moderate References: * bsc#1239909 Cross-References: * CVE-2025-2588 CVSS scores: * CVE-2025-2588 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2588 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2588 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for augeas fixes the following issues: * CVE-2025-2588: Fixed check for NULL pointers when calling re_case_expand in function fa_expand_nocase (bsc#1239909) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-337=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * augeas-debuginfo-1.14.1-2.1 * augeas-lenses-1.14.1-2.1 * libaugeas0-debuginfo-1.14.1-2.1 * augeas-debugsource-1.14.1-2.1 * augeas-1.14.1-2.1 * libfa1-debuginfo-1.14.1-2.1 * libaugeas0-1.14.1-2.1 * libfa1-1.14.1-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2588.html * https://bugzilla.suse.com/show_bug.cgi?id=1239909 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:48 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:48 -0000 Subject: SUSE-SU-2025:20346-1: moderate: Security update for python311 Message-ID: <174853630897.5267.1531217890009362024@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2025:20346-1 Release Date: May 23, 2025, 1:55 p.m. Rating: moderate References: * bsc#1236705 * bsc#1241067 Cross-References: * CVE-2025-0938 CVSS scores: * CVE-2025-0938 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N * CVE-2025-0938 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-0938 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for python311 fixes the following issues: * Updated to 3.11.12: * gh-131809: Updated bundled libexpat to 2.7.1 * gh-131261: Upgraded to libexpat 2.7.0 * CVE-2025-0938: Fixed functions `urllib.parse.urlsplit` and `urlparse` accepting domain names including square brackets (bsc#1236705) * gh-121284: Fixed bug in the folding of rfc2047 encoded-words when flattening an email message using a modern email policy. Previously when an encoded- word was too long for a line, it would be decoded, split across lines, and re-encoded. But commas and other special characters in the original text could be left unencoded and unquoted. This could theoretically be used to spoof header lines using a carefully constructed encoded-word if the resulting rendered email was transmitted or re-parsed. * gh-80222: Fixed bug in the folding of quoted strings when flattening an email message using a modern email policy. Previously when a quoted string was folded so that it spanned more than one line, the surrounding quotes and internal escapes would be omitted. This could theoretically be used to spoof header lines using a carefully constructed quoted string if the resulting rendered email was transmitted or re-parsed. * gh-119511: Fixed a potential denial of service in the imaplib module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. On many systems this is harmless as unused virtual memory is only a mapping, but if this hit a virtual address size limit it could lead to a MemoryError or other process crash. On unusual systems or builds where all allocated memory is touched and backed by actual ram or storage it could?ve consumed resources doing so until similarly crashing. * gh-127257: In ssl, system call failures that OpenSSL reports using ERR_LIB_SYS are now raised as OSError. * gh-121277: Writers of CPython?s documentation can now use next as the version for the versionchanged, versionadded, deprecated directives. * gh-106883: Disabled GC during the _PyThread_CurrentFrames() and _PyThread_CurrentExceptions() calls to avoid the interpreter to deadlock. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-336=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * python311-3.11.12-1.1 * python311-curses-debuginfo-3.11.12-1.1 * libpython3_11-1_0-3.11.12-1.1 * python311-core-debugsource-3.11.12-1.1 * python311-base-debuginfo-3.11.12-1.1 * python311-debuginfo-3.11.12-1.1 * python311-base-3.11.12-1.1 * python311-curses-3.11.12-1.1 * libpython3_11-1_0-debuginfo-3.11.12-1.1 * python311-debugsource-3.11.12-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0938.html * https://bugzilla.suse.com/show_bug.cgi?id=1236705 * https://bugzilla.suse.com/show_bug.cgi?id=1241067 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:31:46 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:31:46 -0000 Subject: SUSE-RU-2025:20347-1: moderate: Recommended update for dracut Message-ID: <174853630612.5267.6931722688258538579@smelt2.prg2.suse.org> # Recommended update for dracut Announcement ID: SUSE-RU-2025:20347-1 Release Date: May 26, 2025, 10:04 a.m. Rating: moderate References: * bsc#1217885 * bsc#1240919 Affected Products: * SUSE Linux Micro 6.0 An update that has two fixes can now be installed. ## Description: This update for dracut fixes the following issues: Update to version 059+suse.597.gb05a38d8: * fix(dmsquash-live): do not check ISO md5 if image filesystem (bsc#1240919) * fix(nfs): set correct ownership of rpc.statd state directories (bsc#1217885) * perf(nfs): remove references to old rpcbind state dir * fix(nfs): libnfsidmap plugins not added in some distributions ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-338=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * dracut-debugsource-059+suse.597.gb05a38d8-1.1 * dracut-059+suse.597.gb05a38d8-1.1 * dracut-fips-059+suse.597.gb05a38d8-1.1 * dracut-debuginfo-059+suse.597.gb05a38d8-1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1217885 * https://bugzilla.suse.com/show_bug.cgi?id=1240919 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:33:29 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:33:29 -0000 Subject: SUSE-SU-2025:20344-1: important: Security update for the Linux Kernel Message-ID: <174853640917.5267.2995304998388306054@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:20344-1 Release Date: May 23, 2025, 7:28 a.m. Rating: important References: * bsc#1215199 * bsc#1223809 * bsc#1224013 * bsc#1224597 * bsc#1224757 * bsc#1228659 * bsc#1230764 * bsc#1231103 * bsc#1232493 * bsc#1233075 * bsc#1233098 * bsc#1235501 * bsc#1235526 * bsc#1236086 * bsc#1236704 * bsc#1237111 * bsc#1238212 * bsc#1238471 * bsc#1238527 * bsc#1238714 * bsc#1238737 * bsc#1238742 * bsc#1238745 * bsc#1238862 * bsc#1238961 * bsc#1238983 * bsc#1239079 * bsc#1239108 * bsc#1239470 * bsc#1239476 * bsc#1239487 * bsc#1239510 * bsc#1239997 * bsc#1240181 * bsc#1240557 * bsc#1240576 * bsc#1240655 * bsc#1240709 * bsc#1240712 * bsc#1240713 * bsc#1240717 * bsc#1240740 * bsc#1240785 * bsc#1240802 * bsc#1240809 * bsc#1240811 * bsc#1240835 * bsc#1240934 * bsc#1240936 * bsc#1240944 * bsc#1241010 * bsc#1241038 * bsc#1241051 * bsc#1241123 * bsc#1241151 * bsc#1241167 * bsc#1241175 * bsc#1241204 * bsc#1241250 * bsc#1241265 * bsc#1241266 * bsc#1241280 * bsc#1241332 * bsc#1241333 * bsc#1241341 * bsc#1241343 * bsc#1241344 * bsc#1241347 * bsc#1241357 * bsc#1241361 * bsc#1241369 * bsc#1241371 * bsc#1241373 * bsc#1241378 * bsc#1241394 * bsc#1241402 * bsc#1241412 * bsc#1241413 * bsc#1241416 * bsc#1241424 * bsc#1241426 * bsc#1241433 * bsc#1241436 * bsc#1241441 * bsc#1241442 * bsc#1241443 * bsc#1241451 * bsc#1241452 * bsc#1241456 * bsc#1241458 * bsc#1241459 * bsc#1241526 * bsc#1241528 * bsc#1241537 * bsc#1241541 * bsc#1241545 * bsc#1241547 * bsc#1241548 * bsc#1241550 * bsc#1241573 * bsc#1241574 * bsc#1241575 * bsc#1241578 * bsc#1241590 * bsc#1241593 * bsc#1241598 * bsc#1241599 * bsc#1241601 * bsc#1241626 * bsc#1241640 * bsc#1241648 * bsc#1242006 * bsc#1242044 * bsc#1242172 * bsc#1242283 * bsc#1242307 * bsc#1242313 * bsc#1242314 * bsc#1242315 * bsc#1242321 * bsc#1242326 * bsc#1242327 * bsc#1242328 * bsc#1242332 * bsc#1242333 * bsc#1242335 * bsc#1242336 * bsc#1242342 * bsc#1242343 * bsc#1242344 * bsc#1242345 * bsc#1242346 * bsc#1242347 * bsc#1242348 * bsc#1242414 * bsc#1242526 * bsc#1242528 * bsc#1242534 * bsc#1242535 * bsc#1242536 * bsc#1242537 * bsc#1242538 * bsc#1242539 * bsc#1242540 * bsc#1242546 * bsc#1242556 * bsc#1242596 * bsc#1242710 * bsc#1242778 * bsc#1242831 * bsc#1242985 Cross-References: * CVE-2023-53034 * CVE-2024-27018 * CVE-2024-27415 * CVE-2024-28956 * CVE-2024-35840 * CVE-2024-46763 * CVE-2024-46865 * CVE-2024-50083 * CVE-2024-50162 * CVE-2024-50163 * CVE-2024-56641 * CVE-2024-56702 * CVE-2024-57924 * CVE-2024-57998 * CVE-2024-58001 * CVE-2024-58068 * CVE-2024-58070 * CVE-2024-58088 * CVE-2024-58093 * CVE-2024-58094 * CVE-2024-58095 * CVE-2024-58096 * CVE-2024-58097 * CVE-2025-21683 * CVE-2025-21696 * CVE-2025-21707 * CVE-2025-21758 * CVE-2025-21768 * CVE-2025-21792 * CVE-2025-21808 * CVE-2025-21812 * CVE-2025-21833 * CVE-2025-21852 * CVE-2025-21853 * CVE-2025-21854 * CVE-2025-21867 * CVE-2025-21904 * CVE-2025-21925 * CVE-2025-21926 * CVE-2025-21931 * CVE-2025-21962 * CVE-2025-21963 * CVE-2025-21964 * CVE-2025-21980 * CVE-2025-21985 * CVE-2025-21999 * CVE-2025-22004 * CVE-2025-22015 * CVE-2025-22016 * CVE-2025-22017 * CVE-2025-22018 * CVE-2025-22020 * CVE-2025-22025 * CVE-2025-22027 * CVE-2025-22029 * CVE-2025-22033 * CVE-2025-22036 * CVE-2025-22044 * CVE-2025-22045 * CVE-2025-22050 * CVE-2025-22053 * CVE-2025-22055 * CVE-2025-22058 * CVE-2025-22060 * CVE-2025-22062 * CVE-2025-22064 * CVE-2025-22065 * CVE-2025-22075 * CVE-2025-22080 * CVE-2025-22086 * CVE-2025-22088 * CVE-2025-22090 * CVE-2025-22093 * CVE-2025-22097 * CVE-2025-22102 * CVE-2025-22104 * CVE-2025-22105 * CVE-2025-22106 * CVE-2025-22107 * CVE-2025-22108 * CVE-2025-22109 * CVE-2025-22115 * CVE-2025-22116 * CVE-2025-22121 * CVE-2025-22128 * CVE-2025-23129 * CVE-2025-23131 * CVE-2025-23133 * CVE-2025-23136 * CVE-2025-23138 * CVE-2025-23145 * CVE-2025-37785 * CVE-2025-37798 * CVE-2025-37799 * CVE-2025-37860 * CVE-2025-39728 CVSS scores: * CVE-2023-53034 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2023-53034 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-27018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27018 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27415 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-35840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50083 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50083 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50162 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50162 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50163 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50163 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50163 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56641 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56702 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56702 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57924 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58001 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-58001 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-58068 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58068 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58070 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58088 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58088 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58096 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58096 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-58097 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21683 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-21683 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21683 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21696 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21812 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21812 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21833 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21833 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21852 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21904 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21925 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21926 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21962 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-21962 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-21962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21980 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21980 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21985 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21999 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21999 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22016 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22017 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22025 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22025 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22027 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22027 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22027 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22029 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22029 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22033 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22033 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22036 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22036 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22044 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22044 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22045 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22050 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22053 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-22058 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22058 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22062 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22062 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22064 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22065 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22065 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22065 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22075 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22080 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22086 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22086 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22088 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22090 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22097 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22097 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22102 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22102 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-22105 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22105 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22106 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22107 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-22107 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2025-22108 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-22108 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-22109 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22116 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22116 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22121 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22128 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22128 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23129 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23131 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23133 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-23133 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-23136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23136 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37785 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37785 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37785 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37799 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37860 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39728 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-39728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro Extras 6.0 An update that solves 96 vulnerabilities and has 55 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006). * CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597). * CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075). * CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098). * CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086). * CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961). * CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983). * CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510). * CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704). * CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111). * CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862). * CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737). * CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714). * CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745). * CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742). * CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). * CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108). * CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470). * CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181). * CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576). * CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713). * CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712). * CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709). * CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655). * CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717). * CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740). * CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809). * CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811). * CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944). * CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934). * CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936). * CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266). * CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378). * CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426). * CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). * CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). * CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332). * CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526). * CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413). * CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416). * CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537). * CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456). * CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550). * CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548). * CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575). * CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573). * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578). * CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593). * CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451). * CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648). * CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596). * CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640). * CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414). * CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283). * CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626). The following non-security bugs were fixed: * ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes). * ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes). * ALSA: hda/realtek - Enable speaker for HP platform (git-fixes). * ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes). * ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git- fixes). * ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes). * ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes). * ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044). * ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable- fixes). * ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable- fixes). * ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes). * ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes). * ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable- fixes). * ASoC: Use of_property_read_bool() (stable-fixes). * ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes). * ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes). * ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes). * ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes). * ASoC: fsl_audmix: register card device depends on 'dais' property (stable- fixes). * ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes). * ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes). * ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes). * Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes). * Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git- fixes). * Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes). * Bluetooth: hci_uart: Fix another race during initialization (git-fixes). * Bluetooth: hci_uart: fix race during initialization (stable-fixes). * Bluetooth: l2cap: Check encryption key size on incoming connection (git- fixes). * Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes). * Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes). * Correct the upsteram version numbers in the previous patches * Drop PCI patch that caused a regression (bsc#1241123) * Input: cyttsp5 - ensure minimum reset pulse width (git-fixes). * Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes). * Input: xpad - fix two controller table values (git-fixes). * Move upstreamed smb patch into sorted section Also move other out-of-tree patches into the proper section * Move upstreamed sound patch into sorted section * OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961) * PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git- fixes). * PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes). * RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes) * RDMA/core: Silence oversized kvmalloc() warning (git-fixes) * RDMA/hns: Fix wrong maximum DMA segment size (git-fixes) * RDMA/mana_ib: Ensure variable err is initialized (git-fixes). * RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes) * Revert "drivers: core: synchronize really_probe() and dev_uevent()" (stable- fixes). * Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (git- fixes). * Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes). * USB: VLI disk crashes if LPM is used (stable-fixes). * USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes). * USB: serial: option: add Sierra Wireless EM9291 (stable-fixes). * USB: serial: simple: add OWON HDS200 series oscilloscope support (stable- fixes). * USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes). * USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes). * USB: wdm: add annotation (git-fixes). * USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes). * USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes). * USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes). * ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes). * asus-laptop: Fix an uninitialized variable (git-fixes). * ata: libata-sata: Save all fields from sense data descriptor (git-fixes). * ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git- fixes). * ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes). * ata: libata-scsi: Improve CDL control (git-fixes). * ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes). * ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes). * auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes). * auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes). * badblocks: Fix error shitf ops (git-fixes). * badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes). * badblocks: fix missing bad blocks on retry in _badblocks_check() (git- fixes). * badblocks: fix the using of MAX_BADBLOCKS (git-fixes). * badblocks: return error directly when setting badblocks exceeds 512 (git- fixes). * badblocks: return error if any badblock set fails (git-fixes). * blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes). * block: change blk_mq_add_to_batch() third argument type to bool (git-fixes). * block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes). * block: fix conversion of GPT partition name to 7-bit (git-fixes). * block: fix resource leak in blk_register_queue() error path (git-fixes). * block: integrity: Do not call set_page_dirty_lock() (git-fixes). * block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes). * bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes). * bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes). * bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes). * bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes). * bpf: add find_containing_subprog() utility function (bsc#1241590). * bpf: check changes_pkt_data property for extension programs (bsc#1241590). * bpf: consider that tail calls invalidate packet pointers (bsc#1241590). * bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590). * bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590). * bpf: track changes_pkt_data property for global functions (bsc#1241590). * btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204). * btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710). * btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151). * btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204). * btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204). * btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204). * can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes). * can: mcan: m_can_class_unregister(): fix order of unregistration calls (git- fixes). * can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes). * can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git- fixes). * cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes). * char: misc: register chrdev region with all possible minors (git-fixes). * cifs: Fix integer overflow while processing actimeo mount option (git- fixes). * crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes). * crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes). * crypto: ccp - Add support for PCI device 0x1134 (stable-fixes). * cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git- fixes). * dm-bufio: do not schedule in atomic context (git-fixes). * dm-ebs: fix prefetch-vs-suspend race (git-fixes). * dm-integrity: set ti->error on memory allocation failure (git-fixes). * dm-verity: fix prefetch-vs-suspend race (git-fixes). * dm: add missing unlock on in dm_keyslot_evict() (git-fixes). * dm: always update the array size in realloc_argv on success (git-fixes). * dm: fix copying after src array boundaries (git-fixes). * dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable- fixes). * drivers: base: devres: Allow to release group on device release (stable- fixes). * drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes). * drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes). * drm/amd/display: Fix gpu reset in multidisplay config (git-fixes). * drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes). * drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes). * drm/amd/display: Force full update in gpu reset (stable-fixes). * drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes). * drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes). * drm/amd/display: add workaround flag to link to force FFE preset (stable- fixes). * drm/amd: Handle being compiled without SI or CIK support better (stable- fixes). * drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git- fixes). * drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes). * drm/amdkfd: Fix mode1 reset crash issue (stable-fixes). * drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes). * drm/amdkfd: clamp queue size to minimum (stable-fixes). * drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes). * drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes). * drm/fdinfo: Protect against driver unbind (git-fixes). * drm/i915/dg2: wait for HuC load completion before running selftests (stable- fixes). * drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes). * drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes). * drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes). * drm/i915: Disable RPG during live selftest (git-fixes). * drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable- fixes). * drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable- fixes). * drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes). * drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes). * drm/tests: Add helper to create mock crtc (stable-fixes). * drm/tests: Add helper to create mock plane (stable-fixes). * drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git- fixes). * drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes). * drm/tests: helpers: Add atomic helpers (stable-fixes). * drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable- fixes). * drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes). * drm/tests: helpers: Fix compiler warning (git-fixes). * drm/tests: modes: Fix drm_display_mode memory leak (git-fixes). * drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes). * drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes). * drm: allow encoder mode_set even when connectors change for crtc (stable- fixes). * drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes). * drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes). * drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes). * drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes). * e1000e: change k1 configuration on MTP and later platforms (git-fixes). * eth: bnxt: fix missing ring index trim on error path (git-fixes). * ethtool: Fix context creation with no parameters (git-fixes). * ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes). * ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git- fixes). * ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes). * ethtool: fix setting key and resetting indir at once (git-fixes). * ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes). * ethtool: netlink: do not return SQI value if link is down (git-fixes). * ethtool: plca: fix plca enable data type while parsing the value (git- fixes). * ethtool: rss: echo the context number back (git-fixes). * exfat: do not fallback to buffered write (git-fixes). * exfat: drop ->i_size_ondisk (git-fixes). * exfat: fix soft lockup in exfat_clear_bitmap (git-fixes). * exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes). * ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342). * ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540). * ext4: do not over-report free space or inodes in statvfs (bsc#1242345). * ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347). * ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557). * ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556). * ext4: make block validity check resistent to sb bh corruption (bsc#1242348). * ext4: partial zero eof block on unaligned inode size extension (bsc#1242336). * ext4: protect ext4_release_dquot against freezing (bsc#1242335). * ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536). * ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539). * ext4: unify the type of flexbg_size to unsigned int (bsc#1242538). * fbdev: omapfb: Add 'plane' value check (stable-fixes). * firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git- fixes). * firmware: arm_scmi: Balance device refcount when destroying devices (git- fixes). * fs/jfs: Prevent integer overflow in AG size calculation (git-fixes). * fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes). * fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250). * fs: better handle deep ancestor chains in is_subdir() (bsc#1242528). * fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535). * fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526). * fs: support relative paths with FSCONFIG_SET_STRING (git-fixes). * gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes). * gve: handle overflow when reporting TX consumed descriptors (git-fixes). * gve: set xdp redirect target only when it is available (git-fixes). * hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes). * i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes). * i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes). * ice: Add check for devm_kzalloc() (git-fixes). * ice: fix reservation of resources for RDMA when disabled (git-fixes). * ice: stop truncating queue ids when checking (git-fixes). * idpf: check error for register_netdev() on init (git-fixes). * idpf: fix adapter NULL pointer dereference on reboot (git-fixes). * igb: reject invalid external timestamp requests for 82580-based HW (git- fixes). * igc: add lock preventing multiple simultaneous PTM transactions (git-fixes). * igc: cleanup PTP module if probe fails (git-fixes). * igc: fix PTM cycle trigger logic (git-fixes). * igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes). * igc: increase wait time before retrying PTM (git-fixes). * igc: move ktime snapshot into PTM retry loop (git-fixes). * iio: accel: adxl367: fix setting odr for activity time update (git-fixes). * iio: adc: ad7606: fix serial register access (git-fixes). * iio: adc: ad7768-1: Fix conversion result sign (git-fixes). * iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes). * iio: adis16201: Correct inclinometer channel resolution (git-fixes). * iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git- fixes). * iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes). * iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git- fixes). * iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes). * ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git- fixes). * irqchip/davinci: Remove leftover header (git-fixes). * irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes). * irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git- fixes). * isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307). * jbd2: add a missing data flush during file and fs synchronization (bsc#1242346). * jbd2: fix off-by-one while erasing journal (bsc#1242344). * jbd2: flush filesystem device before updating tail sequence (bsc#1242333). * jbd2: increase IO priority for writing revoke records (bsc#1242332). * jbd2: increase the journal IO's priority (bsc#1242537). * jbd2: remove wrong sb->s_sequence check (bsc#1242343). * jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes). * jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes). * jfs: add sanity check for agwidth in dbMount (git-fixes). * kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes). * kABI workaround for powercap update (bsc#1241010). * ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes). * kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes). * loop: LOOP_SET_FD: send uevents for partitions (git-fixes). * loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes). * loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes). * md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212) * media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes). * mei: me: add panther lake H DID (stable-fixes). * misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes). * misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes). * mm/readahead: fix large folio support in async readahead (bsc#1242321). * mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326). * mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327). * mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546). * mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable- fixes). * mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes). * mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes). * mptcp: refine opt_mp_capable determination (git-fixes). * mptcp: relax check on MPC passive fallback (git-fixes). * mptcp: strict validation before using mp_opt->hmac (git-fixes). * mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes). * net/mlx5: Fill out devlink dev info only for PFs (git-fixes). * net/mlx5: IRQ, Fix null string in debug print (git-fixes). * net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git- fixes). * net/mlx5: Start health poll after enable hca (git-fixes). * net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes). * net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes). * net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes). * net/tcp: refactor tcp_inet6_sk() (git-fixes). * net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes). * net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes). * net: blackhole_dev: fix build warning for ethh set but not used (git-fixes). * net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes). * net: ethtool: Fix RSS setting (git-fixes). * net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes). * net: mana: Switch to page pool for jumbo frames (git-fixes). * net: mark racy access on sk->sk_rcvbuf (git-fixes). * net: phy: leds: fix memory leak (git-fixes). * net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes). * net: sctp: fix skb leak in sctp_inq_free() (git-fixes). * net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes). * net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes). * net_sched: drr: Fix double list add in class with netem as child qdisc (git- fixes). * net_sched: ets: Fix double list add in class with netem as child qdisc (git- fixes). * net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes). * net_sched: qfq: Fix double list add in class with netem as child qdisc (git- fixes). * netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes). * nfs: add missing selections of CONFIG_CRC32 (git-fixes). * nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes). * ntb: reduce stack usage in idt_scan_mws (stable-fixes). * ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes). * nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes). * nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes). * nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes). * nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes). * nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes). * nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git- fixes). * nvmet-fcloop: swap list_add_tail arguments (git-fixes). * perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172) * perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172) * perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172) * perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172) * phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git- fixes). * pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable- fixes). * platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes). * platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes). * platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes). * platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes). * pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable- fixes). * powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010). * powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010). * powerpc/boot: Check for ld-option support (bsc#1215199). * powerpc/boot: Fix dash warning (bsc#1215199). * powerpc: Do not use --- in kernel logs (git-fixes). * pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes). * pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes). * pwm: rcar: Improve register calculation (git-fixes). * rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN * rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038). * rpm/package-descriptions: Add rt and rt_debug descriptions * rtc: pcf85063: do a SW reset if POR failed (stable-fixes). * scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes). * scsi: hisi_sas: Enable force phy when SATA disk directly connected (git- fixes). * scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes). * scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes). * scsi: mpi3mr: Fix locking in an error path (git-fixes). * scsi: mpt3sas: Fix a locking bug in an error path (git-fixes). * scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes). * scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes). * sctp: Fix undefined behavior in left shift operation (git-fixes). * sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes). * sctp: detect and prevent references to a freed transport in sendmsg (git- fixes). * sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes). * sctp: fix association labeling in the duplicate COOKIE-ECHO case (git- fixes). * sctp: fix busy polling (git-fixes). * sctp: prefer struct_size over open coded arithmetic (git-fixes). * sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes). * selftests/bpf: Add a few tests to cover (git-fixes). * selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590). * selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590). * selftests/bpf: test for changing packet data from global functions (bsc#1241590). * selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590). * selftests/futex: futex_waitv wouldblock test should fail (git-fixes). * selftests/mm: generate a temporary mountpoint for cgroup filesystem (git- fixes). * serial: msm: Configure correct working mode before starting earlycon (git- fixes). * serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes). * smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265). * sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes). * spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes). * spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes). * spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes). * splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328). * staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes). * staging: axis-fifo: Remove hardware resets for user errors (git-fixes). * staging: iio: adc: ad7816: Correct conditional logic for store mode (git- fixes). * string: Add load_unaligned_zeropad() code path to sized_strscpy() (git- fixes). * tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes). * thunderbolt: Scan retimers after device router has been enumerated (stable- fixes). * tools/hv: update route parsing in kvp daemon (git-fixes). * tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175). * tools/power turbostat: report CoreThr per measurement interval (git-fixes). * tty: n_tty: use uint for space returned by tty_write_room() (git-fixes). * ublk: set_params: properly check if parameters can be applied (git-fixes). * udf: Fix inode_getblk() return value (bsc#1242313). * udf: Skip parent dir link count update if corrupted (bsc#1242315). * udf: Verify inode link counts before performing rename (bsc#1242314). * usb: cdns3: Fix deadlock when using NCM gadget (git-fixes). * usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git- fixes). * usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git- fixes). * usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git- fixes). * usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes). * usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes). * usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes). * usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes). * usb: gadget: Use get_status callback to set remote wakeup capability (git- fixes). * usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable- fixes). * usb: gadget: f_ecm: Add get_status callback (git-fixes). * usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes). * usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes). * usb: host: tegra: Prevent host controller crash when OTG port is used (git- fixes). * usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes). * usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable- fixes). * usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable- fixes). * usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes). * usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes). * usb: uhci-platform: Make the clock really optional (git-fixes). * usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes). * usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes). * usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes). * vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes). * vfs: do not mod negative dentry count when on shrinker list (bsc#1242534). * virtchnl: make proto and filter action count unsigned (git-fixes). * vmxnet3: Fix tx queue race condition with XDP (bsc#1241394). * vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394). * wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes). * wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes). * wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable- fixes). * wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes). * wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes). * wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes). * wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes). * wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable- fixes). * wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes). * wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes). * x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). * x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). * x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). * x86/bugs: Add RSB mitigation document (git-fixes). * x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes). * x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes). * x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git- fixes). * x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes). * x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes). * x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes). * x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes). * x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes). * x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes). * x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes). * x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes). * x86/microcode/AMD: Split load_microcode_amd() (git-fixes). * x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes). * x86/microcode/intel: Set new revision only after a successful update (git- fixes). * x86/microcode: Remove the driver announcement and version (git-fixes). * x86/microcode: Rework early revisions reporting (git-fixes). * x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes). * x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git- fixes). * x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes). * x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes). * xfs: flush inodegc before swapon (git-fixes). * xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes). * zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-23=1 * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-23=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * kernel-devel-rt-6.4.0-31.1 * kernel-source-rt-6.4.0-31.1 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-rt-6.4.0-31.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_8-debugsource-1-1.2 * kernel-rt-debuginfo-6.4.0-31.1 * kernel-livepatch-6_4_0-31-rt-1-1.2 * kernel-rt-livepatch-6.4.0-31.1 * kernel-livepatch-6_4_0-31-rt-debuginfo-1-1.2 * kernel-rt-debugsource-6.4.0-31.1 * SUSE Linux Micro Extras 6.0 (nosrc) * kernel-rt-6.4.0-31.1 * SUSE Linux Micro Extras 6.0 (x86_64) * kernel-rt-devel-debuginfo-6.4.0-31.1 * kernel-rt-debugsource-6.4.0-31.1 * kernel-rt-devel-6.4.0-31.1 ## References: * https://www.suse.com/security/cve/CVE-2023-53034.html * https://www.suse.com/security/cve/CVE-2024-27018.html * https://www.suse.com/security/cve/CVE-2024-27415.html * https://www.suse.com/security/cve/CVE-2024-28956.html * https://www.suse.com/security/cve/CVE-2024-35840.html * https://www.suse.com/security/cve/CVE-2024-46763.html * https://www.suse.com/security/cve/CVE-2024-46865.html * https://www.suse.com/security/cve/CVE-2024-50083.html * https://www.suse.com/security/cve/CVE-2024-50162.html * https://www.suse.com/security/cve/CVE-2024-50163.html * https://www.suse.com/security/cve/CVE-2024-56641.html * https://www.suse.com/security/cve/CVE-2024-56702.html * https://www.suse.com/security/cve/CVE-2024-57924.html * https://www.suse.com/security/cve/CVE-2024-57998.html * https://www.suse.com/security/cve/CVE-2024-58001.html * https://www.suse.com/security/cve/CVE-2024-58068.html * https://www.suse.com/security/cve/CVE-2024-58070.html * https://www.suse.com/security/cve/CVE-2024-58088.html * https://www.suse.com/security/cve/CVE-2024-58093.html * https://www.suse.com/security/cve/CVE-2024-58094.html * https://www.suse.com/security/cve/CVE-2024-58095.html * https://www.suse.com/security/cve/CVE-2024-58096.html * https://www.suse.com/security/cve/CVE-2024-58097.html * https://www.suse.com/security/cve/CVE-2025-21683.html * https://www.suse.com/security/cve/CVE-2025-21696.html * https://www.suse.com/security/cve/CVE-2025-21707.html * https://www.suse.com/security/cve/CVE-2025-21758.html * https://www.suse.com/security/cve/CVE-2025-21768.html * https://www.suse.com/security/cve/CVE-2025-21792.html * https://www.suse.com/security/cve/CVE-2025-21808.html * https://www.suse.com/security/cve/CVE-2025-21812.html * https://www.suse.com/security/cve/CVE-2025-21833.html * https://www.suse.com/security/cve/CVE-2025-21852.html * https://www.suse.com/security/cve/CVE-2025-21853.html * https://www.suse.com/security/cve/CVE-2025-21854.html * https://www.suse.com/security/cve/CVE-2025-21867.html * https://www.suse.com/security/cve/CVE-2025-21904.html * https://www.suse.com/security/cve/CVE-2025-21925.html * https://www.suse.com/security/cve/CVE-2025-21926.html * https://www.suse.com/security/cve/CVE-2025-21931.html * https://www.suse.com/security/cve/CVE-2025-21962.html * https://www.suse.com/security/cve/CVE-2025-21963.html * https://www.suse.com/security/cve/CVE-2025-21964.html * https://www.suse.com/security/cve/CVE-2025-21980.html * https://www.suse.com/security/cve/CVE-2025-21985.html * https://www.suse.com/security/cve/CVE-2025-21999.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22015.html * https://www.suse.com/security/cve/CVE-2025-22016.html * https://www.suse.com/security/cve/CVE-2025-22017.html * https://www.suse.com/security/cve/CVE-2025-22018.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22025.html * https://www.suse.com/security/cve/CVE-2025-22027.html * https://www.suse.com/security/cve/CVE-2025-22029.html * https://www.suse.com/security/cve/CVE-2025-22033.html * https://www.suse.com/security/cve/CVE-2025-22036.html * https://www.suse.com/security/cve/CVE-2025-22044.html * https://www.suse.com/security/cve/CVE-2025-22045.html * https://www.suse.com/security/cve/CVE-2025-22050.html * https://www.suse.com/security/cve/CVE-2025-22053.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://www.suse.com/security/cve/CVE-2025-22058.html * https://www.suse.com/security/cve/CVE-2025-22060.html * https://www.suse.com/security/cve/CVE-2025-22062.html * https://www.suse.com/security/cve/CVE-2025-22064.html * https://www.suse.com/security/cve/CVE-2025-22065.html * https://www.suse.com/security/cve/CVE-2025-22075.html * https://www.suse.com/security/cve/CVE-2025-22080.html * https://www.suse.com/security/cve/CVE-2025-22086.html * https://www.suse.com/security/cve/CVE-2025-22088.html * https://www.suse.com/security/cve/CVE-2025-22090.html * https://www.suse.com/security/cve/CVE-2025-22093.html * https://www.suse.com/security/cve/CVE-2025-22097.html * https://www.suse.com/security/cve/CVE-2025-22102.html * https://www.suse.com/security/cve/CVE-2025-22104.html * https://www.suse.com/security/cve/CVE-2025-22105.html * https://www.suse.com/security/cve/CVE-2025-22106.html * https://www.suse.com/security/cve/CVE-2025-22107.html * https://www.suse.com/security/cve/CVE-2025-22108.html * https://www.suse.com/security/cve/CVE-2025-22109.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://www.suse.com/security/cve/CVE-2025-22116.html * https://www.suse.com/security/cve/CVE-2025-22121.html * https://www.suse.com/security/cve/CVE-2025-22128.html * https://www.suse.com/security/cve/CVE-2025-23129.html * https://www.suse.com/security/cve/CVE-2025-23131.html * https://www.suse.com/security/cve/CVE-2025-23133.html * https://www.suse.com/security/cve/CVE-2025-23136.html * https://www.suse.com/security/cve/CVE-2025-23138.html * https://www.suse.com/security/cve/CVE-2025-23145.html * https://www.suse.com/security/cve/CVE-2025-37785.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37799.html * https://www.suse.com/security/cve/CVE-2025-37860.html * https://www.suse.com/security/cve/CVE-2025-39728.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1223809 * https://bugzilla.suse.com/show_bug.cgi?id=1224013 * https://bugzilla.suse.com/show_bug.cgi?id=1224597 * https://bugzilla.suse.com/show_bug.cgi?id=1224757 * https://bugzilla.suse.com/show_bug.cgi?id=1228659 * https://bugzilla.suse.com/show_bug.cgi?id=1230764 * https://bugzilla.suse.com/show_bug.cgi?id=1231103 * https://bugzilla.suse.com/show_bug.cgi?id=1232493 * https://bugzilla.suse.com/show_bug.cgi?id=1233075 * https://bugzilla.suse.com/show_bug.cgi?id=1233098 * https://bugzilla.suse.com/show_bug.cgi?id=1235501 * https://bugzilla.suse.com/show_bug.cgi?id=1235526 * https://bugzilla.suse.com/show_bug.cgi?id=1236086 * https://bugzilla.suse.com/show_bug.cgi?id=1236704 * https://bugzilla.suse.com/show_bug.cgi?id=1237111 * https://bugzilla.suse.com/show_bug.cgi?id=1238212 * https://bugzilla.suse.com/show_bug.cgi?id=1238471 * https://bugzilla.suse.com/show_bug.cgi?id=1238527 * https://bugzilla.suse.com/show_bug.cgi?id=1238714 * https://bugzilla.suse.com/show_bug.cgi?id=1238737 * https://bugzilla.suse.com/show_bug.cgi?id=1238742 * https://bugzilla.suse.com/show_bug.cgi?id=1238745 * https://bugzilla.suse.com/show_bug.cgi?id=1238862 * https://bugzilla.suse.com/show_bug.cgi?id=1238961 * https://bugzilla.suse.com/show_bug.cgi?id=1238983 * https://bugzilla.suse.com/show_bug.cgi?id=1239079 * https://bugzilla.suse.com/show_bug.cgi?id=1239108 * https://bugzilla.suse.com/show_bug.cgi?id=1239470 * https://bugzilla.suse.com/show_bug.cgi?id=1239476 * https://bugzilla.suse.com/show_bug.cgi?id=1239487 * https://bugzilla.suse.com/show_bug.cgi?id=1239510 * https://bugzilla.suse.com/show_bug.cgi?id=1239997 * https://bugzilla.suse.com/show_bug.cgi?id=1240181 * https://bugzilla.suse.com/show_bug.cgi?id=1240557 * https://bugzilla.suse.com/show_bug.cgi?id=1240576 * https://bugzilla.suse.com/show_bug.cgi?id=1240655 * https://bugzilla.suse.com/show_bug.cgi?id=1240709 * https://bugzilla.suse.com/show_bug.cgi?id=1240712 * https://bugzilla.suse.com/show_bug.cgi?id=1240713 * https://bugzilla.suse.com/show_bug.cgi?id=1240717 * https://bugzilla.suse.com/show_bug.cgi?id=1240740 * https://bugzilla.suse.com/show_bug.cgi?id=1240785 * https://bugzilla.suse.com/show_bug.cgi?id=1240802 * https://bugzilla.suse.com/show_bug.cgi?id=1240809 * https://bugzilla.suse.com/show_bug.cgi?id=1240811 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1240934 * https://bugzilla.suse.com/show_bug.cgi?id=1240936 * https://bugzilla.suse.com/show_bug.cgi?id=1240944 * https://bugzilla.suse.com/show_bug.cgi?id=1241010 * https://bugzilla.suse.com/show_bug.cgi?id=1241038 * https://bugzilla.suse.com/show_bug.cgi?id=1241051 * https://bugzilla.suse.com/show_bug.cgi?id=1241123 * https://bugzilla.suse.com/show_bug.cgi?id=1241151 * https://bugzilla.suse.com/show_bug.cgi?id=1241167 * https://bugzilla.suse.com/show_bug.cgi?id=1241175 * https://bugzilla.suse.com/show_bug.cgi?id=1241204 * https://bugzilla.suse.com/show_bug.cgi?id=1241250 * https://bugzilla.suse.com/show_bug.cgi?id=1241265 * https://bugzilla.suse.com/show_bug.cgi?id=1241266 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241332 * https://bugzilla.suse.com/show_bug.cgi?id=1241333 * https://bugzilla.suse.com/show_bug.cgi?id=1241341 * https://bugzilla.suse.com/show_bug.cgi?id=1241343 * https://bugzilla.suse.com/show_bug.cgi?id=1241344 * https://bugzilla.suse.com/show_bug.cgi?id=1241347 * https://bugzilla.suse.com/show_bug.cgi?id=1241357 * https://bugzilla.suse.com/show_bug.cgi?id=1241361 * https://bugzilla.suse.com/show_bug.cgi?id=1241369 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241373 * https://bugzilla.suse.com/show_bug.cgi?id=1241378 * https://bugzilla.suse.com/show_bug.cgi?id=1241394 * https://bugzilla.suse.com/show_bug.cgi?id=1241402 * https://bugzilla.suse.com/show_bug.cgi?id=1241412 * https://bugzilla.suse.com/show_bug.cgi?id=1241413 * https://bugzilla.suse.com/show_bug.cgi?id=1241416 * https://bugzilla.suse.com/show_bug.cgi?id=1241424 * https://bugzilla.suse.com/show_bug.cgi?id=1241426 * https://bugzilla.suse.com/show_bug.cgi?id=1241433 * https://bugzilla.suse.com/show_bug.cgi?id=1241436 * https://bugzilla.suse.com/show_bug.cgi?id=1241441 * https://bugzilla.suse.com/show_bug.cgi?id=1241442 * https://bugzilla.suse.com/show_bug.cgi?id=1241443 * https://bugzilla.suse.com/show_bug.cgi?id=1241451 * https://bugzilla.suse.com/show_bug.cgi?id=1241452 * https://bugzilla.suse.com/show_bug.cgi?id=1241456 * https://bugzilla.suse.com/show_bug.cgi?id=1241458 * https://bugzilla.suse.com/show_bug.cgi?id=1241459 * https://bugzilla.suse.com/show_bug.cgi?id=1241526 * https://bugzilla.suse.com/show_bug.cgi?id=1241528 * https://bugzilla.suse.com/show_bug.cgi?id=1241537 * https://bugzilla.suse.com/show_bug.cgi?id=1241541 * https://bugzilla.suse.com/show_bug.cgi?id=1241545 * https://bugzilla.suse.com/show_bug.cgi?id=1241547 * https://bugzilla.suse.com/show_bug.cgi?id=1241548 * https://bugzilla.suse.com/show_bug.cgi?id=1241550 * https://bugzilla.suse.com/show_bug.cgi?id=1241573 * https://bugzilla.suse.com/show_bug.cgi?id=1241574 * https://bugzilla.suse.com/show_bug.cgi?id=1241575 * https://bugzilla.suse.com/show_bug.cgi?id=1241578 * https://bugzilla.suse.com/show_bug.cgi?id=1241590 * https://bugzilla.suse.com/show_bug.cgi?id=1241593 * https://bugzilla.suse.com/show_bug.cgi?id=1241598 * https://bugzilla.suse.com/show_bug.cgi?id=1241599 * https://bugzilla.suse.com/show_bug.cgi?id=1241601 * https://bugzilla.suse.com/show_bug.cgi?id=1241626 * https://bugzilla.suse.com/show_bug.cgi?id=1241640 * https://bugzilla.suse.com/show_bug.cgi?id=1241648 * https://bugzilla.suse.com/show_bug.cgi?id=1242006 * https://bugzilla.suse.com/show_bug.cgi?id=1242044 * https://bugzilla.suse.com/show_bug.cgi?id=1242172 * https://bugzilla.suse.com/show_bug.cgi?id=1242283 * https://bugzilla.suse.com/show_bug.cgi?id=1242307 * https://bugzilla.suse.com/show_bug.cgi?id=1242313 * https://bugzilla.suse.com/show_bug.cgi?id=1242314 * https://bugzilla.suse.com/show_bug.cgi?id=1242315 * https://bugzilla.suse.com/show_bug.cgi?id=1242321 * https://bugzilla.suse.com/show_bug.cgi?id=1242326 * https://bugzilla.suse.com/show_bug.cgi?id=1242327 * https://bugzilla.suse.com/show_bug.cgi?id=1242328 * https://bugzilla.suse.com/show_bug.cgi?id=1242332 * https://bugzilla.suse.com/show_bug.cgi?id=1242333 * https://bugzilla.suse.com/show_bug.cgi?id=1242335 * https://bugzilla.suse.com/show_bug.cgi?id=1242336 * https://bugzilla.suse.com/show_bug.cgi?id=1242342 * https://bugzilla.suse.com/show_bug.cgi?id=1242343 * https://bugzilla.suse.com/show_bug.cgi?id=1242344 * https://bugzilla.suse.com/show_bug.cgi?id=1242345 * https://bugzilla.suse.com/show_bug.cgi?id=1242346 * https://bugzilla.suse.com/show_bug.cgi?id=1242347 * https://bugzilla.suse.com/show_bug.cgi?id=1242348 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242526 * https://bugzilla.suse.com/show_bug.cgi?id=1242528 * https://bugzilla.suse.com/show_bug.cgi?id=1242534 * https://bugzilla.suse.com/show_bug.cgi?id=1242535 * https://bugzilla.suse.com/show_bug.cgi?id=1242536 * https://bugzilla.suse.com/show_bug.cgi?id=1242537 * https://bugzilla.suse.com/show_bug.cgi?id=1242538 * https://bugzilla.suse.com/show_bug.cgi?id=1242539 * https://bugzilla.suse.com/show_bug.cgi?id=1242540 * https://bugzilla.suse.com/show_bug.cgi?id=1242546 * https://bugzilla.suse.com/show_bug.cgi?id=1242556 * https://bugzilla.suse.com/show_bug.cgi?id=1242596 * https://bugzilla.suse.com/show_bug.cgi?id=1242710 * https://bugzilla.suse.com/show_bug.cgi?id=1242778 * https://bugzilla.suse.com/show_bug.cgi?id=1242831 * https://bugzilla.suse.com/show_bug.cgi?id=1242985 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:20 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:20 -0000 Subject: SUSE-SU-2025:20343-1: important: Security update for the Linux Kernel Message-ID: <174853652014.5267.5036946619681950448@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:20343-1 Release Date: May 23, 2025, 7:19 a.m. Rating: important References: * bsc#1215199 * bsc#1223809 * bsc#1224013 * bsc#1224597 * bsc#1224757 * bsc#1228659 * bsc#1230764 * bsc#1231103 * bsc#1232493 * bsc#1233075 * bsc#1233098 * bsc#1235501 * bsc#1235526 * bsc#1236086 * bsc#1236704 * bsc#1237111 * bsc#1238212 * bsc#1238471 * bsc#1238527 * bsc#1238714 * bsc#1238737 * bsc#1238742 * bsc#1238745 * bsc#1238862 * bsc#1238961 * bsc#1238983 * bsc#1239079 * bsc#1239108 * bsc#1239470 * bsc#1239476 * bsc#1239487 * bsc#1239510 * bsc#1239997 * bsc#1240181 * bsc#1240557 * bsc#1240576 * bsc#1240655 * bsc#1240709 * bsc#1240712 * bsc#1240713 * bsc#1240717 * bsc#1240740 * bsc#1240785 * bsc#1240802 * bsc#1240809 * bsc#1240811 * bsc#1240835 * bsc#1240934 * bsc#1240936 * bsc#1240944 * bsc#1241010 * bsc#1241038 * bsc#1241051 * bsc#1241123 * bsc#1241151 * bsc#1241167 * bsc#1241175 * bsc#1241204 * bsc#1241250 * bsc#1241265 * bsc#1241266 * bsc#1241280 * bsc#1241332 * bsc#1241333 * bsc#1241341 * bsc#1241343 * bsc#1241344 * bsc#1241347 * bsc#1241357 * bsc#1241361 * bsc#1241369 * bsc#1241371 * bsc#1241373 * bsc#1241378 * bsc#1241394 * bsc#1241402 * bsc#1241412 * bsc#1241413 * bsc#1241416 * bsc#1241424 * bsc#1241426 * bsc#1241433 * bsc#1241436 * bsc#1241441 * bsc#1241442 * bsc#1241443 * bsc#1241451 * bsc#1241452 * bsc#1241456 * bsc#1241458 * bsc#1241459 * bsc#1241526 * bsc#1241528 * bsc#1241537 * bsc#1241541 * bsc#1241545 * bsc#1241547 * bsc#1241548 * bsc#1241550 * bsc#1241573 * bsc#1241574 * bsc#1241575 * bsc#1241578 * bsc#1241590 * bsc#1241593 * bsc#1241598 * bsc#1241599 * bsc#1241601 * bsc#1241626 * bsc#1241640 * bsc#1241648 * bsc#1242006 * bsc#1242044 * bsc#1242172 * bsc#1242283 * bsc#1242307 * bsc#1242313 * bsc#1242314 * bsc#1242315 * bsc#1242321 * bsc#1242326 * bsc#1242327 * bsc#1242328 * bsc#1242332 * bsc#1242333 * bsc#1242335 * bsc#1242336 * bsc#1242342 * bsc#1242343 * bsc#1242344 * bsc#1242345 * bsc#1242346 * bsc#1242347 * bsc#1242348 * bsc#1242414 * bsc#1242526 * bsc#1242528 * bsc#1242534 * bsc#1242535 * bsc#1242536 * bsc#1242537 * bsc#1242538 * bsc#1242539 * bsc#1242540 * bsc#1242546 * bsc#1242556 * bsc#1242596 * bsc#1242710 * bsc#1242778 * bsc#1242831 * bsc#1242985 Cross-References: * CVE-2023-53034 * CVE-2024-27018 * CVE-2024-27415 * CVE-2024-28956 * CVE-2024-35840 * CVE-2024-46763 * CVE-2024-46865 * CVE-2024-50083 * CVE-2024-50162 * CVE-2024-50163 * CVE-2024-56641 * CVE-2024-56702 * CVE-2024-57924 * CVE-2024-57998 * CVE-2024-58001 * CVE-2024-58068 * CVE-2024-58070 * CVE-2024-58088 * CVE-2024-58093 * CVE-2024-58094 * CVE-2024-58095 * CVE-2024-58096 * CVE-2024-58097 * CVE-2025-21683 * CVE-2025-21696 * CVE-2025-21707 * CVE-2025-21758 * CVE-2025-21768 * CVE-2025-21792 * CVE-2025-21808 * CVE-2025-21812 * CVE-2025-21833 * CVE-2025-21852 * CVE-2025-21853 * CVE-2025-21854 * CVE-2025-21867 * CVE-2025-21904 * CVE-2025-21925 * CVE-2025-21926 * CVE-2025-21931 * CVE-2025-21962 * CVE-2025-21963 * CVE-2025-21964 * CVE-2025-21980 * CVE-2025-21985 * CVE-2025-21999 * CVE-2025-22004 * CVE-2025-22015 * CVE-2025-22016 * CVE-2025-22017 * CVE-2025-22018 * CVE-2025-22020 * CVE-2025-22025 * CVE-2025-22027 * CVE-2025-22029 * CVE-2025-22033 * CVE-2025-22036 * CVE-2025-22044 * CVE-2025-22045 * CVE-2025-22050 * CVE-2025-22053 * CVE-2025-22055 * CVE-2025-22058 * CVE-2025-22060 * CVE-2025-22062 * CVE-2025-22064 * CVE-2025-22065 * CVE-2025-22075 * CVE-2025-22080 * CVE-2025-22086 * CVE-2025-22088 * CVE-2025-22090 * CVE-2025-22093 * CVE-2025-22097 * CVE-2025-22102 * CVE-2025-22104 * CVE-2025-22105 * CVE-2025-22106 * CVE-2025-22107 * CVE-2025-22108 * CVE-2025-22109 * CVE-2025-22115 * CVE-2025-22116 * CVE-2025-22121 * CVE-2025-22128 * CVE-2025-23129 * CVE-2025-23131 * CVE-2025-23133 * CVE-2025-23136 * CVE-2025-23138 * CVE-2025-23145 * CVE-2025-37785 * CVE-2025-37798 * CVE-2025-37799 * CVE-2025-37860 * CVE-2025-39728 CVSS scores: * CVE-2023-53034 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2023-53034 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-27018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27018 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27415 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-35840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46763 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46865 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50083 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50083 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50162 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50162 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50163 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50163 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50163 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56641 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56702 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56702 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57924 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58001 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-58001 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-58068 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58068 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58070 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58088 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58088 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58096 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58096 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-58097 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21683 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-21683 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21683 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21696 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21812 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21812 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21812 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21833 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21833 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21852 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21904 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21925 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21926 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21962 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-21962 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-21962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21964 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21980 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21980 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21985 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21999 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21999 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22016 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22017 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22020 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22020 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22020 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22025 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22025 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22027 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22027 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22027 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22029 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22029 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22033 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22033 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22036 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22036 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22044 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22044 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22045 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22050 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22053 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22055 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22055 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-22058 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22058 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22062 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22062 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22064 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22065 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22065 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22065 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22075 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22080 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22086 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22086 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22088 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22090 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22097 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22097 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22102 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22102 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-22105 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22105 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22106 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22107 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-22107 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2025-22108 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-22108 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-22109 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22116 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22116 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22121 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22128 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22128 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23129 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23131 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23133 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-23133 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-23136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23136 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37785 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37785 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37785 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37799 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37860 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39728 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-39728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro Extras 6.0 An update that solves 96 vulnerabilities and has 55 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006). * CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597). * CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075). * CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098). * CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086). * CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961). * CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983). * CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510). * CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704). * CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111). * CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862). * CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737). * CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714). * CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745). * CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742). * CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). * CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108). * CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470). * CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181). * CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576). * CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713). * CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712). * CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709). * CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655). * CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717). * CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740). * CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809). * CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811). * CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944). * CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934). * CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936). * CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266). * CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378). * CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426). * CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). * CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). * CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332). * CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526). * CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413). * CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416). * CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537). * CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456). * CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550). * CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548). * CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575). * CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573). * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578). * CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593). * CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451). * CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648). * CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596). * CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640). * CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414). * CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283). * CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626). The following non-security bugs were fixed: * ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes). * ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes). * ALSA: hda/realtek - Enable speaker for HP platform (git-fixes). * ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes). * ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git- fixes). * ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes). * ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes). * ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044). * ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable- fixes). * ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable- fixes). * ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes). * ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes). * ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable- fixes). * ASoC: Use of_property_read_bool() (stable-fixes). * ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes). * ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes). * ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes). * ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes). * ASoC: fsl_audmix: register card device depends on 'dais' property (stable- fixes). * ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes). * ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes). * ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes). * Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes). * Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git- fixes). * Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes). * Bluetooth: hci_uart: Fix another race during initialization (git-fixes). * Bluetooth: hci_uart: fix race during initialization (stable-fixes). * Bluetooth: l2cap: Check encryption key size on incoming connection (git- fixes). * Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes). * Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes). * Drop PCI patch that caused a regression (bsc#1241123) * Input: cyttsp5 - ensure minimum reset pulse width (git-fixes). * Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes). * Input: xpad - fix two controller table values (git-fixes). * OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961) * PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git- fixes). * PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes). * RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes) * RDMA/core: Silence oversized kvmalloc() warning (git-fixes) * RDMA/hns: Fix wrong maximum DMA segment size (git-fixes) * RDMA/mana_ib: Ensure variable err is initialized (git-fixes). * RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes) * Revert "drivers: core: synchronize really_probe() and dev_uevent()" (stable- fixes). * Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (git- fixes). * Revert "tcp: Fix bind() regression for v6-only wildcard and" * Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes). * USB: VLI disk crashes if LPM is used (stable-fixes). * USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes). * USB: serial: option: add Sierra Wireless EM9291 (stable-fixes). * USB: serial: simple: add OWON HDS200 series oscilloscope support (stable- fixes). * USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes). * USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes). * USB: wdm: add annotation (git-fixes). * USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes). * USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes). * USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes). * ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes). * asus-laptop: Fix an uninitialized variable (git-fixes). * ata: libata-sata: Save all fields from sense data descriptor (git-fixes). * ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git- fixes). * ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes). * ata: libata-scsi: Improve CDL control (git-fixes). * ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes). * ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes). * auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes). * auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes). * badblocks: Fix error shitf ops (git-fixes). * badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes). * badblocks: fix missing bad blocks on retry in _badblocks_check() (git- fixes). * badblocks: fix the using of MAX_BADBLOCKS (git-fixes). * badblocks: return error directly when setting badblocks exceeds 512 (git- fixes). * badblocks: return error if any badblock set fails (git-fixes). * blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes). * block: change blk_mq_add_to_batch() third argument type to bool (git-fixes). * block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes). * block: fix conversion of GPT partition name to 7-bit (git-fixes). * block: fix resource leak in blk_register_queue() error path (git-fixes). * block: integrity: Do not call set_page_dirty_lock() (git-fixes). * block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes). * bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes). * bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes). * bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes). * bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes). * bpf: add find_containing_subprog() utility function (bsc#1241590). * bpf: check changes_pkt_data property for extension programs (bsc#1241590). * bpf: consider that tail calls invalidate packet pointers (bsc#1241590). * bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590). * bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590). * bpf: track changes_pkt_data property for global functions (bsc#1241590). * btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204). * btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710). * btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151). * btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204). * btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204). * btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204). * can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes). * can: mcan: m_can_class_unregister(): fix order of unregistration calls (git- fixes). * can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes). * can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git- fixes). * cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes). * char: misc: register chrdev region with all possible minors (git-fixes). * cifs: Fix integer overflow while processing actimeo mount option (git- fixes). * crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes). * crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes). * crypto: ccp - Add support for PCI device 0x1134 (stable-fixes). * cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git- fixes). * dm-bufio: do not schedule in atomic context (git-fixes). * dm-ebs: fix prefetch-vs-suspend race (git-fixes). * dm-integrity: set ti->error on memory allocation failure (git-fixes). * dm-verity: fix prefetch-vs-suspend race (git-fixes). * dm: add missing unlock on in dm_keyslot_evict() (git-fixes). * dm: always update the array size in realloc_argv on success (git-fixes). * dm: fix copying after src array boundaries (git-fixes). * dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable- fixes). * drivers: base: devres: Allow to release group on device release (stable- fixes). * drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes). * drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes). * drm/amd/display: Fix gpu reset in multidisplay config (git-fixes). * drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes). * drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes). * drm/amd/display: Force full update in gpu reset (stable-fixes). * drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes). * drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes). * drm/amd/display: add workaround flag to link to force FFE preset (stable- fixes). * drm/amd: Handle being compiled without SI or CIK support better (stable- fixes). * drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git- fixes). * drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes). * drm/amdkfd: Fix mode1 reset crash issue (stable-fixes). * drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes). * drm/amdkfd: clamp queue size to minimum (stable-fixes). * drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes). * drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes). * drm/fdinfo: Protect against driver unbind (git-fixes). * drm/i915/dg2: wait for HuC load completion before running selftests (stable- fixes). * drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes). * drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes). * drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes). * drm/i915: Disable RPG during live selftest (git-fixes). * drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable- fixes). * drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable- fixes). * drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes). * drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes). * drm/tests: Add helper to create mock crtc (stable-fixes). * drm/tests: Add helper to create mock plane (stable-fixes). * drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git- fixes). * drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes). * drm/tests: helpers: Add atomic helpers (stable-fixes). * drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable- fixes). * drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes). * drm/tests: helpers: Fix compiler warning (git-fixes). * drm/tests: modes: Fix drm_display_mode memory leak (git-fixes). * drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes). * drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes). * drm: allow encoder mode_set even when connectors change for crtc (stable- fixes). * drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes). * drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes). * drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes). * drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes). * e1000e: change k1 configuration on MTP and later platforms (git-fixes). * eth: bnxt: fix missing ring index trim on error path (git-fixes). * ethtool: Fix context creation with no parameters (git-fixes). * ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes). * ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git- fixes). * ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes). * ethtool: fix setting key and resetting indir at once (git-fixes). * ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes). * ethtool: netlink: do not return SQI value if link is down (git-fixes). * ethtool: plca: fix plca enable data type while parsing the value (git- fixes). * ethtool: rss: echo the context number back (git-fixes). * exfat: do not fallback to buffered write (git-fixes). * exfat: drop ->i_size_ondisk (git-fixes). * exfat: fix soft lockup in exfat_clear_bitmap (git-fixes). * exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes). * ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342). * ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540). * ext4: do not over-report free space or inodes in statvfs (bsc#1242345). * ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347). * ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557). * ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556). * ext4: make block validity check resistent to sb bh corruption (bsc#1242348). * ext4: partial zero eof block on unaligned inode size extension (bsc#1242336). * ext4: protect ext4_release_dquot against freezing (bsc#1242335). * ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536). * ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539). * ext4: unify the type of flexbg_size to unsigned int (bsc#1242538). * fbdev: omapfb: Add 'plane' value check (stable-fixes). * firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git- fixes). * firmware: arm_scmi: Balance device refcount when destroying devices (git- fixes). * fs/jfs: Prevent integer overflow in AG size calculation (git-fixes). * fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes). * fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250). * fs: better handle deep ancestor chains in is_subdir() (bsc#1242528). * fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535). * fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526). * fs: support relative paths with FSCONFIG_SET_STRING (git-fixes). * gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes). * gve: handle overflow when reporting TX consumed descriptors (git-fixes). * gve: set xdp redirect target only when it is available (git-fixes). * hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes). * i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes). * i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes). * ice: Add check for devm_kzalloc() (git-fixes). * ice: fix reservation of resources for RDMA when disabled (git-fixes). * ice: stop truncating queue ids when checking (git-fixes). * idpf: check error for register_netdev() on init (git-fixes). * idpf: fix adapter NULL pointer dereference on reboot (git-fixes). * igb: reject invalid external timestamp requests for 82580-based HW (git- fixes). * igc: add lock preventing multiple simultaneous PTM transactions (git-fixes). * igc: cleanup PTP module if probe fails (git-fixes). * igc: fix PTM cycle trigger logic (git-fixes). * igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes). * igc: increase wait time before retrying PTM (git-fixes). * igc: move ktime snapshot into PTM retry loop (git-fixes). * iio: accel: adxl367: fix setting odr for activity time update (git-fixes). * iio: adc: ad7606: fix serial register access (git-fixes). * iio: adc: ad7768-1: Fix conversion result sign (git-fixes). * iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes). * iio: adis16201: Correct inclinometer channel resolution (git-fixes). * iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git- fixes). * iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes). * iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git- fixes). * iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes). * ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git- fixes). * irqchip/davinci: Remove leftover header (git-fixes). * irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes). * irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git- fixes). * isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307). * jbd2: add a missing data flush during file and fs synchronization (bsc#1242346). * jbd2: fix off-by-one while erasing journal (bsc#1242344). * jbd2: flush filesystem device before updating tail sequence (bsc#1242333). * jbd2: increase IO priority for writing revoke records (bsc#1242332). * jbd2: increase the journal IO's priority (bsc#1242537). * jbd2: remove wrong sb->s_sequence check (bsc#1242343). * jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes). * jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes). * jfs: add sanity check for agwidth in dbMount (git-fixes). * kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes). * kABI workaround for powercap update (bsc#1241010). * ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes). * kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes). * loop: LOOP_SET_FD: send uevents for partitions (git-fixes). * loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes). * loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes). * md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212) * media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes). * mei: me: add panther lake H DID (stable-fixes). * misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes). * misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes). * mm/readahead: fix large folio support in async readahead (bsc#1242321). * mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326). * mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327). * mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546). * mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable- fixes). * mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes). * mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes). * mptcp: refine opt_mp_capable determination (git-fixes). * mptcp: relax check on MPC passive fallback (git-fixes). * mptcp: strict validation before using mp_opt->hmac (git-fixes). * mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes). * net/mlx5: Fill out devlink dev info only for PFs (git-fixes). * net/mlx5: IRQ, Fix null string in debug print (git-fixes). * net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git- fixes). * net/mlx5: Start health poll after enable hca (git-fixes). * net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes). * net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes). * net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes). * net/tcp: refactor tcp_inet6_sk() (git-fixes). * net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes). * net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes). * net: blackhole_dev: fix build warning for ethh set but not used (git-fixes). * net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes). * net: ethtool: Fix RSS setting (git-fixes). * net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes). * net: mana: Switch to page pool for jumbo frames (git-fixes). * net: mark racy access on sk->sk_rcvbuf (git-fixes). * net: phy: leds: fix memory leak (git-fixes). * net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes). * net: sctp: fix skb leak in sctp_inq_free() (git-fixes). * net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes). * net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes). * net_sched: drr: Fix double list add in class with netem as child qdisc (git- fixes). * net_sched: ets: Fix double list add in class with netem as child qdisc (git- fixes). * net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes). * net_sched: qfq: Fix double list add in class with netem as child qdisc (git- fixes). * netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes). * nfs: add missing selections of CONFIG_CRC32 (git-fixes). * nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes). * ntb: reduce stack usage in idt_scan_mws (stable-fixes). * ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes). * nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes). * nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes). * nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes). * nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes). * nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes). * nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git- fixes). * nvmet-fcloop: swap list_add_tail arguments (git-fixes). * perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172) * perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172) * perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172) * perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172) * phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git- fixes). * pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable- fixes). * platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes). * platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes). * platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes). * platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes). * pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable- fixes). * powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010). * powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010). * powerpc/boot: Check for ld-option support (bsc#1215199). * powerpc/boot: Fix dash warning (bsc#1215199). * powerpc: Do not use --- in kernel logs (git-fixes). * pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes). * pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes). * pwm: rcar: Improve register calculation (git-fixes). * rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN * rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038). * rpm/package-descriptions: Add rt and rt_debug descriptions * rtc: pcf85063: do a SW reset if POR failed (stable-fixes). * scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes). * scsi: hisi_sas: Enable force phy when SATA disk directly connected (git- fixes). * scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes). * scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes). * scsi: mpi3mr: Fix locking in an error path (git-fixes). * scsi: mpt3sas: Fix a locking bug in an error path (git-fixes). * scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes). * scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes). * sctp: Fix undefined behavior in left shift operation (git-fixes). * sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes). * sctp: detect and prevent references to a freed transport in sendmsg (git- fixes). * sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes). * sctp: fix association labeling in the duplicate COOKIE-ECHO case (git- fixes). * sctp: fix busy polling (git-fixes). * sctp: prefer struct_size over open coded arithmetic (git-fixes). * sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes). * selftests/bpf: Add a few tests to cover (git-fixes). * selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590). * selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590). * selftests/bpf: test for changing packet data from global functions (bsc#1241590). * selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590). * selftests/futex: futex_waitv wouldblock test should fail (git-fixes). * selftests/mm: generate a temporary mountpoint for cgroup filesystem (git- fixes). * serial: msm: Configure correct working mode before starting earlycon (git- fixes). * serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes). * smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265). * sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes). * spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes). * spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes). * spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes). * splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328). * staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes). * staging: axis-fifo: Remove hardware resets for user errors (git-fixes). * staging: iio: adc: ad7816: Correct conditional logic for store mode (git- fixes). * string: Add load_unaligned_zeropad() code path to sized_strscpy() (git- fixes). * tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes). * thunderbolt: Scan retimers after device router has been enumerated (stable- fixes). * tools/hv: update route parsing in kvp daemon (git-fixes). * tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175). * tools/power turbostat: report CoreThr per measurement interval (git-fixes). * tty: n_tty: use uint for space returned by tty_write_room() (git-fixes). * ublk: set_params: properly check if parameters can be applied (git-fixes). * udf: Fix inode_getblk() return value (bsc#1242313). * udf: Skip parent dir link count update if corrupted (bsc#1242315). * udf: Verify inode link counts before performing rename (bsc#1242314). * usb: cdns3: Fix deadlock when using NCM gadget (git-fixes). * usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git- fixes). * usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git- fixes). * usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git- fixes). * usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes). * usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes). * usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes). * usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes). * usb: gadget: Use get_status callback to set remote wakeup capability (git- fixes). * usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable- fixes). * usb: gadget: f_ecm: Add get_status callback (git-fixes). * usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes). * usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes). * usb: host: tegra: Prevent host controller crash when OTG port is used (git- fixes). * usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes). * usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable- fixes). * usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable- fixes). * usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes). * usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes). * usb: uhci-platform: Make the clock really optional (git-fixes). * usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes). * usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes). * usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes). * vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes). * vfs: do not mod negative dentry count when on shrinker list (bsc#1242534). * virtchnl: make proto and filter action count unsigned (git-fixes). * vmxnet3: Fix tx queue race condition with XDP (bsc#1241394). * vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394). * wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes). * wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes). * wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable- fixes). * wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes). * wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes). * wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes). * wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes). * wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable- fixes). * wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes). * wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes). * x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). * x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). * x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). * x86/bugs: Add RSB mitigation document (git-fixes). * x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes). * x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes). * x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git- fixes). * x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes). * x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes). * x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes). * x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes). * x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes). * x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes). * x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes). * x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes). * x86/microcode/AMD: Split load_microcode_amd() (git-fixes). * x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes). * x86/microcode/intel: Set new revision only after a successful update (git- fixes). * x86/microcode: Remove the driver announcement and version (git-fixes). * x86/microcode: Rework early revisions reporting (git-fixes). * x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes). * x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git- fixes). * x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes). * x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes). * xfs: flush inodegc before swapon (git-fixes). * xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes). * zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-22=1 * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-22=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * kernel-devel-6.4.0-29.1 * kernel-macros-6.4.0-29.1 * kernel-source-6.4.0-29.1 * SUSE Linux Micro 6.0 (aarch64 nosrc s390x x86_64) * kernel-default-6.4.0-29.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * kernel-default-debugsource-6.4.0-29.1 * kernel-default-debuginfo-6.4.0-29.1 * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-default-livepatch-6.4.0-29.1 * kernel-livepatch-6_4_0-29-default-1-1.2 * kernel-livepatch-MICRO-6-0_Update_7-debugsource-1-1.2 * kernel-livepatch-6_4_0-29-default-debuginfo-1-1.2 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-kvmsmall-6.4.0-29.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-kvmsmall-debugsource-6.4.0-29.1 * kernel-kvmsmall-debuginfo-6.4.0-29.1 * SUSE Linux Micro 6.0 (aarch64 x86_64) * kernel-default-base-6.4.0-29.1.21.7 * SUSE Linux Micro Extras 6.0 (nosrc) * kernel-default-6.4.0-29.1 * kernel-64kb-6.4.0-29.1 * SUSE Linux Micro Extras 6.0 (aarch64) * kernel-64kb-devel-6.4.0-29.1 * kernel-64kb-debugsource-6.4.0-29.1 * SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64) * kernel-obs-build-6.4.0-29.1 * kernel-syms-6.4.0-29.1 * kernel-default-debugsource-6.4.0-29.1 * kernel-obs-build-debugsource-6.4.0-29.1 * kernel-default-devel-6.4.0-29.1 * SUSE Linux Micro Extras 6.0 (x86_64) * kernel-default-devel-debuginfo-6.4.0-29.1 ## References: * https://www.suse.com/security/cve/CVE-2023-53034.html * https://www.suse.com/security/cve/CVE-2024-27018.html * https://www.suse.com/security/cve/CVE-2024-27415.html * https://www.suse.com/security/cve/CVE-2024-28956.html * https://www.suse.com/security/cve/CVE-2024-35840.html * https://www.suse.com/security/cve/CVE-2024-46763.html * https://www.suse.com/security/cve/CVE-2024-46865.html * https://www.suse.com/security/cve/CVE-2024-50083.html * https://www.suse.com/security/cve/CVE-2024-50162.html * https://www.suse.com/security/cve/CVE-2024-50163.html * https://www.suse.com/security/cve/CVE-2024-56641.html * https://www.suse.com/security/cve/CVE-2024-56702.html * https://www.suse.com/security/cve/CVE-2024-57924.html * https://www.suse.com/security/cve/CVE-2024-57998.html * https://www.suse.com/security/cve/CVE-2024-58001.html * https://www.suse.com/security/cve/CVE-2024-58068.html * https://www.suse.com/security/cve/CVE-2024-58070.html * https://www.suse.com/security/cve/CVE-2024-58088.html * https://www.suse.com/security/cve/CVE-2024-58093.html * https://www.suse.com/security/cve/CVE-2024-58094.html * https://www.suse.com/security/cve/CVE-2024-58095.html * https://www.suse.com/security/cve/CVE-2024-58096.html * https://www.suse.com/security/cve/CVE-2024-58097.html * https://www.suse.com/security/cve/CVE-2025-21683.html * https://www.suse.com/security/cve/CVE-2025-21696.html * https://www.suse.com/security/cve/CVE-2025-21707.html * https://www.suse.com/security/cve/CVE-2025-21758.html * https://www.suse.com/security/cve/CVE-2025-21768.html * https://www.suse.com/security/cve/CVE-2025-21792.html * https://www.suse.com/security/cve/CVE-2025-21808.html * https://www.suse.com/security/cve/CVE-2025-21812.html * https://www.suse.com/security/cve/CVE-2025-21833.html * https://www.suse.com/security/cve/CVE-2025-21852.html * https://www.suse.com/security/cve/CVE-2025-21853.html * https://www.suse.com/security/cve/CVE-2025-21854.html * https://www.suse.com/security/cve/CVE-2025-21867.html * https://www.suse.com/security/cve/CVE-2025-21904.html * https://www.suse.com/security/cve/CVE-2025-21925.html * https://www.suse.com/security/cve/CVE-2025-21926.html * https://www.suse.com/security/cve/CVE-2025-21931.html * https://www.suse.com/security/cve/CVE-2025-21962.html * https://www.suse.com/security/cve/CVE-2025-21963.html * https://www.suse.com/security/cve/CVE-2025-21964.html * https://www.suse.com/security/cve/CVE-2025-21980.html * https://www.suse.com/security/cve/CVE-2025-21985.html * https://www.suse.com/security/cve/CVE-2025-21999.html * https://www.suse.com/security/cve/CVE-2025-22004.html * https://www.suse.com/security/cve/CVE-2025-22015.html * https://www.suse.com/security/cve/CVE-2025-22016.html * https://www.suse.com/security/cve/CVE-2025-22017.html * https://www.suse.com/security/cve/CVE-2025-22018.html * https://www.suse.com/security/cve/CVE-2025-22020.html * https://www.suse.com/security/cve/CVE-2025-22025.html * https://www.suse.com/security/cve/CVE-2025-22027.html * https://www.suse.com/security/cve/CVE-2025-22029.html * https://www.suse.com/security/cve/CVE-2025-22033.html * https://www.suse.com/security/cve/CVE-2025-22036.html * https://www.suse.com/security/cve/CVE-2025-22044.html * https://www.suse.com/security/cve/CVE-2025-22045.html * https://www.suse.com/security/cve/CVE-2025-22050.html * https://www.suse.com/security/cve/CVE-2025-22053.html * https://www.suse.com/security/cve/CVE-2025-22055.html * https://www.suse.com/security/cve/CVE-2025-22058.html * https://www.suse.com/security/cve/CVE-2025-22060.html * https://www.suse.com/security/cve/CVE-2025-22062.html * https://www.suse.com/security/cve/CVE-2025-22064.html * https://www.suse.com/security/cve/CVE-2025-22065.html * https://www.suse.com/security/cve/CVE-2025-22075.html * https://www.suse.com/security/cve/CVE-2025-22080.html * https://www.suse.com/security/cve/CVE-2025-22086.html * https://www.suse.com/security/cve/CVE-2025-22088.html * https://www.suse.com/security/cve/CVE-2025-22090.html * https://www.suse.com/security/cve/CVE-2025-22093.html * https://www.suse.com/security/cve/CVE-2025-22097.html * https://www.suse.com/security/cve/CVE-2025-22102.html * https://www.suse.com/security/cve/CVE-2025-22104.html * https://www.suse.com/security/cve/CVE-2025-22105.html * https://www.suse.com/security/cve/CVE-2025-22106.html * https://www.suse.com/security/cve/CVE-2025-22107.html * https://www.suse.com/security/cve/CVE-2025-22108.html * https://www.suse.com/security/cve/CVE-2025-22109.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://www.suse.com/security/cve/CVE-2025-22116.html * https://www.suse.com/security/cve/CVE-2025-22121.html * https://www.suse.com/security/cve/CVE-2025-22128.html * https://www.suse.com/security/cve/CVE-2025-23129.html * https://www.suse.com/security/cve/CVE-2025-23131.html * https://www.suse.com/security/cve/CVE-2025-23133.html * https://www.suse.com/security/cve/CVE-2025-23136.html * https://www.suse.com/security/cve/CVE-2025-23138.html * https://www.suse.com/security/cve/CVE-2025-23145.html * https://www.suse.com/security/cve/CVE-2025-37785.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37799.html * https://www.suse.com/security/cve/CVE-2025-37860.html * https://www.suse.com/security/cve/CVE-2025-39728.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1223809 * https://bugzilla.suse.com/show_bug.cgi?id=1224013 * https://bugzilla.suse.com/show_bug.cgi?id=1224597 * https://bugzilla.suse.com/show_bug.cgi?id=1224757 * https://bugzilla.suse.com/show_bug.cgi?id=1228659 * https://bugzilla.suse.com/show_bug.cgi?id=1230764 * https://bugzilla.suse.com/show_bug.cgi?id=1231103 * https://bugzilla.suse.com/show_bug.cgi?id=1232493 * https://bugzilla.suse.com/show_bug.cgi?id=1233075 * https://bugzilla.suse.com/show_bug.cgi?id=1233098 * https://bugzilla.suse.com/show_bug.cgi?id=1235501 * https://bugzilla.suse.com/show_bug.cgi?id=1235526 * https://bugzilla.suse.com/show_bug.cgi?id=1236086 * https://bugzilla.suse.com/show_bug.cgi?id=1236704 * https://bugzilla.suse.com/show_bug.cgi?id=1237111 * https://bugzilla.suse.com/show_bug.cgi?id=1238212 * https://bugzilla.suse.com/show_bug.cgi?id=1238471 * https://bugzilla.suse.com/show_bug.cgi?id=1238527 * https://bugzilla.suse.com/show_bug.cgi?id=1238714 * https://bugzilla.suse.com/show_bug.cgi?id=1238737 * https://bugzilla.suse.com/show_bug.cgi?id=1238742 * https://bugzilla.suse.com/show_bug.cgi?id=1238745 * https://bugzilla.suse.com/show_bug.cgi?id=1238862 * https://bugzilla.suse.com/show_bug.cgi?id=1238961 * https://bugzilla.suse.com/show_bug.cgi?id=1238983 * https://bugzilla.suse.com/show_bug.cgi?id=1239079 * https://bugzilla.suse.com/show_bug.cgi?id=1239108 * https://bugzilla.suse.com/show_bug.cgi?id=1239470 * https://bugzilla.suse.com/show_bug.cgi?id=1239476 * https://bugzilla.suse.com/show_bug.cgi?id=1239487 * https://bugzilla.suse.com/show_bug.cgi?id=1239510 * https://bugzilla.suse.com/show_bug.cgi?id=1239997 * https://bugzilla.suse.com/show_bug.cgi?id=1240181 * https://bugzilla.suse.com/show_bug.cgi?id=1240557 * https://bugzilla.suse.com/show_bug.cgi?id=1240576 * https://bugzilla.suse.com/show_bug.cgi?id=1240655 * https://bugzilla.suse.com/show_bug.cgi?id=1240709 * https://bugzilla.suse.com/show_bug.cgi?id=1240712 * https://bugzilla.suse.com/show_bug.cgi?id=1240713 * https://bugzilla.suse.com/show_bug.cgi?id=1240717 * https://bugzilla.suse.com/show_bug.cgi?id=1240740 * https://bugzilla.suse.com/show_bug.cgi?id=1240785 * https://bugzilla.suse.com/show_bug.cgi?id=1240802 * https://bugzilla.suse.com/show_bug.cgi?id=1240809 * https://bugzilla.suse.com/show_bug.cgi?id=1240811 * https://bugzilla.suse.com/show_bug.cgi?id=1240835 * https://bugzilla.suse.com/show_bug.cgi?id=1240934 * https://bugzilla.suse.com/show_bug.cgi?id=1240936 * https://bugzilla.suse.com/show_bug.cgi?id=1240944 * https://bugzilla.suse.com/show_bug.cgi?id=1241010 * https://bugzilla.suse.com/show_bug.cgi?id=1241038 * https://bugzilla.suse.com/show_bug.cgi?id=1241051 * https://bugzilla.suse.com/show_bug.cgi?id=1241123 * https://bugzilla.suse.com/show_bug.cgi?id=1241151 * https://bugzilla.suse.com/show_bug.cgi?id=1241167 * https://bugzilla.suse.com/show_bug.cgi?id=1241175 * https://bugzilla.suse.com/show_bug.cgi?id=1241204 * https://bugzilla.suse.com/show_bug.cgi?id=1241250 * https://bugzilla.suse.com/show_bug.cgi?id=1241265 * https://bugzilla.suse.com/show_bug.cgi?id=1241266 * https://bugzilla.suse.com/show_bug.cgi?id=1241280 * https://bugzilla.suse.com/show_bug.cgi?id=1241332 * https://bugzilla.suse.com/show_bug.cgi?id=1241333 * https://bugzilla.suse.com/show_bug.cgi?id=1241341 * https://bugzilla.suse.com/show_bug.cgi?id=1241343 * https://bugzilla.suse.com/show_bug.cgi?id=1241344 * https://bugzilla.suse.com/show_bug.cgi?id=1241347 * https://bugzilla.suse.com/show_bug.cgi?id=1241357 * https://bugzilla.suse.com/show_bug.cgi?id=1241361 * https://bugzilla.suse.com/show_bug.cgi?id=1241369 * https://bugzilla.suse.com/show_bug.cgi?id=1241371 * https://bugzilla.suse.com/show_bug.cgi?id=1241373 * https://bugzilla.suse.com/show_bug.cgi?id=1241378 * https://bugzilla.suse.com/show_bug.cgi?id=1241394 * https://bugzilla.suse.com/show_bug.cgi?id=1241402 * https://bugzilla.suse.com/show_bug.cgi?id=1241412 * https://bugzilla.suse.com/show_bug.cgi?id=1241413 * https://bugzilla.suse.com/show_bug.cgi?id=1241416 * https://bugzilla.suse.com/show_bug.cgi?id=1241424 * https://bugzilla.suse.com/show_bug.cgi?id=1241426 * https://bugzilla.suse.com/show_bug.cgi?id=1241433 * https://bugzilla.suse.com/show_bug.cgi?id=1241436 * https://bugzilla.suse.com/show_bug.cgi?id=1241441 * https://bugzilla.suse.com/show_bug.cgi?id=1241442 * https://bugzilla.suse.com/show_bug.cgi?id=1241443 * https://bugzilla.suse.com/show_bug.cgi?id=1241451 * https://bugzilla.suse.com/show_bug.cgi?id=1241452 * https://bugzilla.suse.com/show_bug.cgi?id=1241456 * https://bugzilla.suse.com/show_bug.cgi?id=1241458 * https://bugzilla.suse.com/show_bug.cgi?id=1241459 * https://bugzilla.suse.com/show_bug.cgi?id=1241526 * https://bugzilla.suse.com/show_bug.cgi?id=1241528 * https://bugzilla.suse.com/show_bug.cgi?id=1241537 * https://bugzilla.suse.com/show_bug.cgi?id=1241541 * https://bugzilla.suse.com/show_bug.cgi?id=1241545 * https://bugzilla.suse.com/show_bug.cgi?id=1241547 * https://bugzilla.suse.com/show_bug.cgi?id=1241548 * https://bugzilla.suse.com/show_bug.cgi?id=1241550 * https://bugzilla.suse.com/show_bug.cgi?id=1241573 * https://bugzilla.suse.com/show_bug.cgi?id=1241574 * https://bugzilla.suse.com/show_bug.cgi?id=1241575 * https://bugzilla.suse.com/show_bug.cgi?id=1241578 * https://bugzilla.suse.com/show_bug.cgi?id=1241590 * https://bugzilla.suse.com/show_bug.cgi?id=1241593 * https://bugzilla.suse.com/show_bug.cgi?id=1241598 * https://bugzilla.suse.com/show_bug.cgi?id=1241599 * https://bugzilla.suse.com/show_bug.cgi?id=1241601 * https://bugzilla.suse.com/show_bug.cgi?id=1241626 * https://bugzilla.suse.com/show_bug.cgi?id=1241640 * https://bugzilla.suse.com/show_bug.cgi?id=1241648 * https://bugzilla.suse.com/show_bug.cgi?id=1242006 * https://bugzilla.suse.com/show_bug.cgi?id=1242044 * https://bugzilla.suse.com/show_bug.cgi?id=1242172 * https://bugzilla.suse.com/show_bug.cgi?id=1242283 * https://bugzilla.suse.com/show_bug.cgi?id=1242307 * https://bugzilla.suse.com/show_bug.cgi?id=1242313 * https://bugzilla.suse.com/show_bug.cgi?id=1242314 * https://bugzilla.suse.com/show_bug.cgi?id=1242315 * https://bugzilla.suse.com/show_bug.cgi?id=1242321 * https://bugzilla.suse.com/show_bug.cgi?id=1242326 * https://bugzilla.suse.com/show_bug.cgi?id=1242327 * https://bugzilla.suse.com/show_bug.cgi?id=1242328 * https://bugzilla.suse.com/show_bug.cgi?id=1242332 * https://bugzilla.suse.com/show_bug.cgi?id=1242333 * https://bugzilla.suse.com/show_bug.cgi?id=1242335 * https://bugzilla.suse.com/show_bug.cgi?id=1242336 * https://bugzilla.suse.com/show_bug.cgi?id=1242342 * https://bugzilla.suse.com/show_bug.cgi?id=1242343 * https://bugzilla.suse.com/show_bug.cgi?id=1242344 * https://bugzilla.suse.com/show_bug.cgi?id=1242345 * https://bugzilla.suse.com/show_bug.cgi?id=1242346 * https://bugzilla.suse.com/show_bug.cgi?id=1242347 * https://bugzilla.suse.com/show_bug.cgi?id=1242348 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242526 * https://bugzilla.suse.com/show_bug.cgi?id=1242528 * https://bugzilla.suse.com/show_bug.cgi?id=1242534 * https://bugzilla.suse.com/show_bug.cgi?id=1242535 * https://bugzilla.suse.com/show_bug.cgi?id=1242536 * https://bugzilla.suse.com/show_bug.cgi?id=1242537 * https://bugzilla.suse.com/show_bug.cgi?id=1242538 * https://bugzilla.suse.com/show_bug.cgi?id=1242539 * https://bugzilla.suse.com/show_bug.cgi?id=1242540 * https://bugzilla.suse.com/show_bug.cgi?id=1242546 * https://bugzilla.suse.com/show_bug.cgi?id=1242556 * https://bugzilla.suse.com/show_bug.cgi?id=1242596 * https://bugzilla.suse.com/show_bug.cgi?id=1242710 * https://bugzilla.suse.com/show_bug.cgi?id=1242778 * https://bugzilla.suse.com/show_bug.cgi?id=1242831 * https://bugzilla.suse.com/show_bug.cgi?id=1242985 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:23 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:23 -0000 Subject: SUSE-SU-2025:20342-1: moderate: Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Message-ID: <174853652310.5267.3769844617846081205@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Announcement ID: SUSE-SU-2025:20342-1 Release Date: May 22, 2025, 1:03 p.m. Rating: moderate References: * bsc#1235916 Cross-References: * CVE-2024-57882 CVSS scores: * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues: * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-27=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-25-rt-debuginfo-2-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_5-debugsource-2-1.1 * kernel-livepatch-6_4_0-25-rt-2-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1235916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:28 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:28 -0000 Subject: SUSE-SU-2025:20341-1: moderate: Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Message-ID: <174853652843.5267.11786497925426381916@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Announcement ID: SUSE-SU-2025:20341-1 Release Date: May 22, 2025, 1:03 p.m. Rating: moderate References: * bsc#1235008 * bsc#1235218 * bsc#1235431 * bsc#1235916 Cross-References: * CVE-2024-53237 * CVE-2024-56600 * CVE-2024-56650 * CVE-2024-57882 CVSS scores: * CVE-2024-53237 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53237 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues: * CVE-2024-53237: Bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008) * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431) * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (CVE-2024-56600) * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-26=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_4-debugsource-2-1.1 * kernel-livepatch-6_4_0-22-rt-debuginfo-2-1.1 * kernel-livepatch-6_4_0-22-rt-2-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53237.html * https://www.suse.com/security/cve/CVE-2024-56600.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1235008 * https://bugzilla.suse.com/show_bug.cgi?id=1235218 * https://bugzilla.suse.com/show_bug.cgi?id=1235431 * https://bugzilla.suse.com/show_bug.cgi?id=1235916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:32 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:32 -0000 Subject: SUSE-SU-2025:20340-1: moderate: Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 Message-ID: <174853653282.5267.10408194596343824943@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 Announcement ID: SUSE-SU-2025:20340-1 Release Date: May 22, 2025, 1:03 p.m. Rating: moderate References: * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678) * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847) * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-25=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-11-rt-debuginfo-5-1.2 * kernel-livepatch-6_4_0-11-rt-5-1.2 * kernel-livepatch-MICRO-6-0-RT_Update_3-debugsource-5-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:36 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:36 -0000 Subject: SUSE-SU-2025:20339-1: moderate: Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Message-ID: <174853653613.5267.2417865565166686098@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Announcement ID: SUSE-SU-2025:20339-1 Release Date: May 22, 2025, 1:03 p.m. Rating: moderate References: * bsc#1233019 * bsc#1233678 * bsc#1234847 Cross-References: * CVE-2024-50115 * CVE-2024-53042 * CVE-2024-53156 CVSS scores: * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues: * CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678) * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847) * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-24=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-10-rt-5-1.1 * kernel-livepatch-6_4_0-10-rt-debuginfo-5-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_2-debugsource-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53042.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1233678 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:41 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:41 -0000 Subject: SUSE-RU-2025:20338-1: moderate: Recommended update for python-M2Crypto Message-ID: <174853654117.5267.8214540828655891494@smelt2.prg2.suse.org> # Recommended update for python-M2Crypto Announcement ID: SUSE-RU-2025:20338-1 Release Date: May 22, 2025, 7:42 a.m. Rating: moderate References: * bsc#1205042 * bsc#1217782 * bsc#1231589 * bsc#1236664 Affected Products: * SUSE Linux Micro 6.0 An update that has four fixes can now be installed. ## Description: This update for python-M2Crypto fixes the following issues: Update to 0.44.0: - fix(rsa): introduce internal cache for rsa.check_key() (bsc#1236664, srht#mcepl/m2crypto#369) - fix[authcookie]: modernize the module - fix(_lib): add missing #include for windows - ci: relax fedora crypto policy to legacy. - enhance setup.py for macos compatibility - prefer packaging.version over distutils.version - fix segfault with openssl 3.4.0 - fix[ec]: raise ioerror instead when load_key_bio() cannot read the file. - doc: update installation instructions for windows. - fix setting x509.verify_* variables - fix building against openssl in non-standard location - test_x509: use only x509_version_1 (0) as version for csr. Update to 0.43.0: * feat[m2]: add m2.time_t_bits to checking for 32bitness. * fix[tests]: Use only X509_VERSION_1 (0) as version for CSR. * fix[EC]: raise ValueError when load_key_bio() cannot read the file (bsc#1231589). * ci: use -mpip wheel instead of -mbuild * fix: use PyMem_Malloc() instead of malloc() * fix[hints]: more work on conversion of type hints to the py3k ones * fix: make the package build even on Python 3.6 * ci[local]: skip freezing local tests * fix[hints]: remove AnyStr type * test: add suggested test for RSA.{get,set}_ex_data * fix: implement interfaces for RSA_{get,set} _ex_new_ * fix: generate src/SWIG/x509_v_flag.h to overcome weaknesses of swig * fix: replace literal enumeration of all VERIFY_ constants by a cycle * test: unify various test cases in test_ssl related to ftpslib * fix: replace deprecated url keyword in setup.cfg with complete project_urls map Update 0.42.0: * allow ASN1_{Integer,String} be initialized directly * minimal infrastructure for type hints for a C extension and some type hints for some basic modules * time_t on 32bit Linux is 32bit (integer) not 64bit (long) * EOS for CentOS 7 * correct checking for OpenSSL version number on Windows * make compatible with Python 3.13 (replace PyEval_CallObject with PyObject_CallObject) * fix typo in extern function signature (and proper type of engine_ctrl_cmd_string()) * move the package to Sorucehut * setup CI to use Sourcehut CI * setup CI on GitLab for Windows as well (remove Appveyor) * initial draft of documentation for migration to pyca/cryptography * fix Read the Docs configuration (contributed kindly by Facundo Tuesca) Update to 0.40.0: * BREAKING CHANGES: * There are no SWIG generated files (src/SWIG/_m2crytpo_wrap.c) included anymore, so swig must be installed, no exceptions! Also, for compatibility with Python 3.12+, swig 4.0+ is required. * All support for asyncore has been removed, as it has been removed in Python 3.12 as well (which means also removal of contrib/dispatcher.py, M2Crypto/SSL/ssl_dispatcher.py, ZServerSSL). * All use of distutils (including the bundled ones in setuptools) has been removed, so `setup.py clean` is no more. * Excessively complicated and error-prone __init__py has been cleaned and `import M2Crypto` doesn?t include everything anymore. Imports should specified as for example with `from M2Crypto import foo`. * ASN1_Time handling has been mostly rewritten and it almost works even on Windows. * All tests in Gitlab CI (with exceptions of some skipped tests especially on Windows) are now green, tests of Python 2.7 on CentOS 7 have been included. * Introduce m2.err_clear_error() * Make X509_verify_cert() accessible as m2.x509_verify_cert ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-334=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * python-M2Crypto-debugsource-0.44.0-1.1 * python311-M2Crypto-debuginfo-0.44.0-1.1 * python311-M2Crypto-0.44.0-1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1205042 * https://bugzilla.suse.com/show_bug.cgi?id=1217782 * https://bugzilla.suse.com/show_bug.cgi?id=1231589 * https://bugzilla.suse.com/show_bug.cgi?id=1236664 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:44 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:44 -0000 Subject: SUSE-RU-2025:20337-1: moderate: Recommended update for supportutils Message-ID: <174853654448.5267.8712816416307004690@smelt2.prg2.suse.org> # Recommended update for supportutils Announcement ID: SUSE-RU-2025:20337-1 Release Date: May 22, 2025, 7:36 a.m. Rating: moderate References: * bsc#1222650 * bsc#1230371 * bsc#1231838 Affected Products: * SUSE Linux Micro 6.0 An update that has three fixes can now be installed. ## Description: This update for supportutils fixes the following issues: Changes to version 3.2.10: * network.txt collect all firewalld zones (pr#233) * Collects gfs2 info (PED-11853, pr#235, pr#236) * Ignore tasks/threads to prevent collecting duplicate fd data in open_files (bsc#1230371, pr#237) * Added openldap2_5 support for SLES (pr#238) * Collects additional hawk details (pr#239) * Optimized filtering D/Z processes (pr#241) * Collect firewalld permanent configuration (pr#243) * ldap_info: support for multiple DBs and sanitize olcRootPW (bsc#1231838, pr#247) * Added dbus_info for dbus.txt (bsc#1222650, pr#248) Changes to version 3.2.10: * network.txt collect all firewalld zones (pr#233) * Collects gfs2 info (PED-11853, pr#235, pr#236) * Ignore tasks/threads to prevent collecting duplicate fd data in open_files (bsc#1230371, pr#237) * Added openldap2_5 support for SLES (pr#238) * Collects additional hawk details (pr#239) * Optimized filtering D/Z processes (pr#241) * Collect firewalld permanent configuration (pr#243) * ldap_info: support for multiple DBs and sanitize olcRootPW (bsc#1231838, pr#247) * Added dbus_info for dbus.txt (bsc#1222650, pr#248) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-333=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * supportutils-3.2.10-1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222650 * https://bugzilla.suse.com/show_bug.cgi?id=1230371 * https://bugzilla.suse.com/show_bug.cgi?id=1231838 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:50 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:50 -0000 Subject: SUSE-SU-2025:20336-1: moderate: Security update for ca-certificates-mozilla Message-ID: <174853655047.5267.7807850896915920171@smelt2.prg2.suse.org> # Security update for ca-certificates-mozilla Announcement ID: SUSE-SU-2025:20336-1 Release Date: May 21, 2025, 3:38 p.m. Rating: moderate References: * bsc#1010996 * bsc#1199079 * bsc#1229003 * bsc#1234798 * bsc#1240009 * bsc#1240343 * bsc#441356 Affected Products: * SUSE Linux Micro 6.0 An update that has seven fixes can now be installed. ## Description: This update for ca-certificates-mozilla fixes the following issues: * test for a concretely missing certificate rather than just the directory, as the latter is now also provided by openssl-3 * Re-create java-cacerts with SOURCE_DATE_EPOCH set for reproducible builds (bsc#1229003) * explicit remove distrusted certs, as the distrust does not get exported correctly and the SSL certs are still trusted. (bsc#1240343) * Entrust.net Premium 2048 Secure Server CA * Entrust Root Certification Authority * AffirmTrust Commercial * AffirmTrust Networking * AffirmTrust Premium * AffirmTrust Premium ECC * Entrust Root Certification Authority - G2 * Entrust Root Certification Authority - EC1 * GlobalSign Root E46 * GLOBALTRUST 2020 * pass file argument to awk (bsc#1240009) * update to 2.74 state of Mozilla SSL root CAs: Removed: * SwissSign Silver CA - G2 Added: * D-TRUST BR Root CA 2 2023 * D-TRUST EV Root CA 2 2023 * remove extensive signature printing in comments of the cert bundle * Define two macros to break a build cycle with p11-kit. * Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798) Removed: * SecureSign RootCA11 * Security Communication RootCA3 Added: * TWCA CYBER Root CA * TWCA Global Root CA G2 * SecureSign Root CA12 * SecureSign Root CA14 * SecureSign Root CA15 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-331=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * ca-certificates-mozilla-2.74-1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1010996 * https://bugzilla.suse.com/show_bug.cgi?id=1199079 * https://bugzilla.suse.com/show_bug.cgi?id=1229003 * https://bugzilla.suse.com/show_bug.cgi?id=1234798 * https://bugzilla.suse.com/show_bug.cgi?id=1240009 * https://bugzilla.suse.com/show_bug.cgi?id=1240343 * https://bugzilla.suse.com/show_bug.cgi?id=441356 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:55 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:55 -0000 Subject: SUSE-SU-2025:20335-1: moderate: Security update for runc Message-ID: <174853655504.5267.10837720868909221605@smelt2.prg2.suse.org> # Security update for runc Announcement ID: SUSE-SU-2025:20335-1 Release Date: May 21, 2025, 3:36 p.m. Rating: moderate References: * bsc#1214960 * bsc#1230092 Cross-References: * CVE-2024-45310 CVSS scores: * CVE-2024-45310 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N * CVE-2024-45310 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for runc fixes the following issues: * Update to runc v1.2.6. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.2.6 * CVE-2024-45310: Fixed runc can be tricked into creating empty files/directories on host (bsc#1230092) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-332=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * runc-1.2.6-1.1 * runc-debuginfo-1.2.6-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45310.html * https://bugzilla.suse.com/show_bug.cgi?id=1214960 * https://bugzilla.suse.com/show_bug.cgi?id=1230092 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:35:57 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:35:57 -0000 Subject: SUSE-SU-2025:20334-1: important: Security update for perl Message-ID: <174853655739.5267.12720004221682251297@smelt2.prg2.suse.org> # Security update for perl Announcement ID: SUSE-SU-2025:20334-1 Release Date: May 21, 2025, 3:36 p.m. Rating: important References: * bsc#1241083 Cross-References: * CVE-2024-56406 CVSS scores: * CVE-2024-56406 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56406 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56406 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for perl fixes the following issues: * CVE-2024-56406: Fixed heap buffer overflow with tr// [bsc#1241083] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-330=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * perl-base-5.38.2-2.1 * perl-debugsource-5.38.2-2.1 * perl-debuginfo-5.38.2-2.1 * perl-5.38.2-2.1 * perl-base-debuginfo-5.38.2-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56406.html * https://bugzilla.suse.com/show_bug.cgi?id=1241083 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:36:00 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:36:00 -0000 Subject: SUSE-SU-2025:20333-1: moderate: Security update for libxml2 Message-ID: <174853656022.5267.4511324667335379406@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:20333-1 Release Date: May 21, 2025, 11:23 a.m. Rating: moderate References: * bsc#1241453 * bsc#1241551 Cross-References: * CVE-2025-32414 * CVE-2025-32415 CVSS scores: * CVE-2025-32414 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-32414 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32414 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32414 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-32415 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32415 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-32414: Fixed out-of-bounds read when parsing text via the Python API (bsc#1241551) * CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read (bsc#1241453) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-329=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libxml2-debugsource-2.11.6-8.1 * libxml2-tools-2.11.6-8.1 * libxml2-2-debuginfo-2.11.6-8.1 * libxml2-2-2.11.6-8.1 * libxml2-tools-debuginfo-2.11.6-8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32414.html * https://www.suse.com/security/cve/CVE-2025-32415.html * https://bugzilla.suse.com/show_bug.cgi?id=1241453 * https://bugzilla.suse.com/show_bug.cgi?id=1241551 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:36:03 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:36:03 -0000 Subject: SUSE-SU-2025:20332-1: critical: Security update for glibc Message-ID: <174853656365.5267.9242540458961257551@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2025:20332-1 Release Date: May 21, 2025, 11:06 a.m. Rating: critical References: * bsc#1234128 * bsc#1239883 * bsc#1243317 Cross-References: * CVE-2025-4802 CVSS scores: * CVE-2025-4802 ( SUSE ): 9.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-4802 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-4802 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability and has two fixes can now be installed. ## Description: This update for glibc fixes the following issues: * CVE-2025-4802: Fixed local root exploits when using static built setuid root applications. (elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static) (bsc#1243317) * pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ #25847) * Mark functions in libc_nonshared.a as hidden (bsc#1239883) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-328=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * glibc-locale-2.38-9.1 * glibc-2.38-9.1 * glibc-locale-base-debuginfo-2.38-9.1 * glibc-locale-base-2.38-9.1 * glibc-devel-debuginfo-2.38-9.1 * glibc-debugsource-2.38-9.1 * glibc-devel-2.38-9.1 * glibc-debuginfo-2.38-9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4802.html * https://bugzilla.suse.com/show_bug.cgi?id=1234128 * https://bugzilla.suse.com/show_bug.cgi?id=1239883 * https://bugzilla.suse.com/show_bug.cgi?id=1243317 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 16:36:05 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 16:36:05 -0000 Subject: SUSE-SU-2025:20331-1: critical: Security update for python-httpcore, python-h11 Message-ID: <174853656577.5267.3100805005376940600@smelt2.prg2.suse.org> # Security update for python-httpcore, python-h11 Announcement ID: SUSE-SU-2025:20331-1 Release Date: May 20, 2025, 8:51 a.m. Rating: critical References: * bsc#1241872 Cross-References: * CVE-2025-43859 CVSS scores: * CVE-2025-43859 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-43859 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-43859 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-httpcore, python-h11 fixes the following issues: python-h11: \- Update 0.16.0: * CVE-2025-43859: Fixed accepting of malformed Chunked-Encoding bodies (bsc#1241872) \- 0.15.0: * Reject Content-Lengths >= 1 zettabyte (1 billion terabytes) early, without attempting to parse the integer (#181) python-httpcore: \- CVE-2025-43859: Fixed accepting of malformed Chunked- Encoding bodies (bsc#1241872) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-327=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * python311-h11-0.16.0-1.1 * python311-httpcore-0.16.3-7.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43859.html * https://bugzilla.suse.com/show_bug.cgi?id=1241872 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 20:30:04 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 20:30:04 -0000 Subject: SUSE-RU-2025:01581-1: moderate: Recommended update for python-google-cloud-compute Message-ID: <174855060480.5286.2404594983747944722@smelt2.prg2.suse.org> # Recommended update for python-google-cloud-compute Announcement ID: SUSE-RU-2025:01581-1 Release Date: 2025-05-29T18:12:09Z Rating: moderate References: * bsc#1241310 Affected Products: * Public Cloud Module 15-SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for python-google-cloud-compute fixes the following issues: * Update to 1.29.0 * Update Compute Engine API to revision 20250320 * Update to 1.28.0 * Update Compute Engine API to revision 20250302 * Update to 1.27.0 * Allow Protobuf 6.x * remove setup.cfg configuration for creating universal wheels * Update to 1.26.0 * Update Compute Engine API to revision 20250211 * Update to 1.25.0 * Add REST Interceptors which support reading metadata * Add support for reading selective GAPIC generation methods from service YAML * Update to 1.24.0 * Update Compute Engine API to revision 20250107 * Update to 1.23.0 * Update Compute Engine API to revision 20241201 * Add support for opt-in debug logging * Fix typing issue with gRPC metadata when key ends in -bin * Update to 1.22.0 * Update Compute Engine API to revision 20241105 * Update to 1.21.0 (bsc#1241310) * Update Compute Engine API to revision 20241015 * Update to 1.20.1 * disable universe-domain validation * Update to 1.20.0 * Add support for Python 3.13 * Update to 1.19.2 * Retry and timeout values do not propagate in requests during pagination * Update to 1.19.1 * Allow protobuf 5.x * Update to 1.19.0 * Update Compute Engine API to revision 20240430 * update to 1.18: * Update Compute Engine API to revision 20240220 * Add google-auth as a direct dependency * Add staticmethod decorator to _get_client_cert_source and _get_api_endpoint * Resolve AttributeError 'Credentials' object has no attribute 'universe_domain' * Allow users to explicitly configure universe domain ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2025-1581=1 ## Package List: * Public Cloud Module 15-SP7 (noarch) * python311-google-cloud-compute-1.29.0-150400.9.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1241310 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 20:30:08 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 20:30:08 -0000 Subject: SUSE-SU-2025:01761-1: important: Security update for slurm_24_11 Message-ID: <174855060872.5286.16080046528953752498@smelt2.prg2.suse.org> # Security update for slurm_24_11 Announcement ID: SUSE-SU-2025:01761-1 Release Date: 2025-05-29T16:08:50Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_24_11 fixes the following issues: Update to version 24.11.5. Security issues fixed: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). Other changes and issues fixed: * Changes from version 24.11.5 * Return error to `scontrol` reboot on bad nodelists. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.40 endpoints. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.41 endpoints. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.42 endpoints. * `data_parser/v0.0.42` \- Added `+inline_enums` flag which modifies the output when generating OpenAPI specification. It causes enum arrays to not be defined in their own schema with references (`$ref`) to them. Instead they will be dumped inline. * Fix binding error with `tres-bind map/mask` on partial node allocations. * Fix `stepmgr` enabled steps being able to request features. * Reject step creation if requested feature is not available in job. * `slurmd` \- Restrict listening for new incoming RPC requests further into startup. * `slurmd` \- Avoid `auth/slurm` related hangs of CLI commands during startup and shutdown. * `slurmctld` \- Restrict processing new incoming RPC requests further into startup. Stop processing requests sooner during shutdown. * `slurmcltd` \- Avoid auth/slurm related hangs of CLI commands during startup and shutdown. * `slurmctld` \- Avoid race condition during shutdown or ereconfigure that could result in a crash due delayed processing of a connection while plugins are unloaded. * Fix small memleak when getting the job list from the database. * Fix incorrect printing of `%` escape characters when printing stdio fields for jobs. * Fix padding parsing when printing stdio fields for jobs. * Fix printing `%A` array job id when expanding patterns. * Fix reservations causing jobs to be held for `Bad Constraints`. * `switch/hpe_slingshot` \- Prevent potential segfault on failed curl request to the fabric manager. * Fix printing incorrect array job id when expanding stdio file names. The `%A` will now be substituted by the correct value. * Fix printing incorrect array job id when expanding stdio file names. The `%A` will now be substituted by the correct value. * `switch/hpe_slingshot` \- Fix VNI range not updating on slurmctld restart or reconfigre. * Fix steps not being created when using certain combinations of `-c` and `-n` inferior to the jobs requested resources, when using stepmgr and nodes are configured with `CPUs == Sockets*CoresPerSocket`. * Permit configuring the number of retry attempts to destroy CXI service via the new destroy_retries `SwitchParameter`. * Do not reset `memory.high` and `memory.swap.max` in slurmd startup or reconfigure as we are never really touching this in `slurmd`. * Fix reconfigure failure of slurmd when it has been started manually and the `CoreSpecLimits` have been removed from `slurm.conf`. * Set or reset CoreSpec limits when slurmd is reconfigured and it was started with systemd. * `switch/hpe-slingshot` \- Make sure the slurmctld can free step VNIs after the controller restarts or reconfigures while the job is running. * Fix backup `slurmctld` failure on 2nd takeover. * Changes from version 24.11.4 * `slurmctld`,`slurmrestd` \- Avoid possible race condition that could have caused process to crash when listener socket was closed while accepting a new connection. * `slurmrestd` \- Avoid race condition that could have resulted in address logged for a UNIX socket to be incorrect. * `slurmrestd` \- Fix parameters in OpenAPI specification for the following endpoints to have `job_id` field: `GET /slurm/v0.0.40/jobs/state/ GET /slurm/v0.0.41/jobs/state/ GET /slurm/v0.0.42/jobs/state/ GET /slurm/v0.0.43/jobs/state/` * `slurmd` \- Fix tracking of thread counts that could cause incoming connections to be ignored after burst of simultaneous incoming connections that trigger delayed response logic. * Avoid unnecessary `SRUN_TIMEOUT` forwarding to `stepmgr`. * Fix jobs being scheduled on higher weighted powered down nodes. * Fix how backfill scheduler filters nodes from the available nodes based on exclusive user and `mcs_label` requirements. * `acct_gather_energy/{gpu,ipmi}` \- Fix potential energy consumption adjustment calculation underflow. * `acct_gather_energy/ipmi` \- Fix regression introduced in 24.05.5 (which introduced the new way of preserving energy measurements through slurmd restarts) when `EnergyIPMICalcAdjustment=yes`. * Prevent `slurmctld` deadlock in the assoc mgr. * Fix memory leak when `RestrictedCoresPerGPU` is enabled. * Fix preemptor jobs not entering execution due to wrong calculation of accounting policy limits. * Fix certain job requests that were incorrectly denied with node configuration unavailable error. * `slurmd` \- Avoid crash due when slurmd has a communications failure with `slurmstepd`. * Fix memory leak when parsing yaml input. * Prevent `slurmctld` from showing error message about `PreemptMode=GANG` being a cluster-wide option for `scontrol update part` calls that don't attempt to modify partition PreemptMode. * Fix setting `GANG` preemption on partition when updating `PreemptMode` with `scontrol`. * Fix `CoreSpec` and `MemSpec` limits not being removed from previously configured slurmd. * Avoid race condition that could lead to a deadlock when `slurmd`, `slurmstepd`, `slurmctld`, `slurmrestd` or `sackd` have a fatal event. * Fix jobs using `--ntasks-per-node` and `--mem` keep pending forever when the requested mem divided by the number of CPUs will surpass the configured `MaxMemPerCPU`. * `slurmd` \- Fix address logged upon new incoming RPC connection from `INVALID` to IP address. * Fix memory leak when retrieving reservations. This affects `scontrol`, `sinfo`, `sview`, and the following `slurmrestd` endpoints: `GET /slurm/{any_data_parser}/reservation/{reservation_name}` `GET /slurm/{any_data_parser}/reservations` * Log warning instead of `debuflags=conmgr` gated log when deferring new incoming connections when number of active connections exceed `conmgr_max_connections`. * Avoid race condition that could result in worker thread pool not activating all threads at once after a reconfigure resulting in lower utilization of available CPU threads until enough internal activity wakes up all threads in the worker pool. * Avoid theoretical race condition that could result in new incoming RPC socket connections being ignored after reconfigure. * slurmd - Avoid race condition that could result in a state where new incoming RPC connections will always be ignored. * Add ReconfigFlags=KeepNodeStateFuture to restore saved `FUTURE` node state on restart and reconfig instead of reverting to `FUTURE` state. This will be made the default in 25.05. * Fix case where hetjob submit would cause `slurmctld` to crash. * Fix jobs using `--cpus-per-gpu` and `--mem` keep pending forever when the requested mem divided by the number of CPUs will surpass the configured `MaxMemPerCPU`. * Enforce that jobs using `--mem` and several `--*-per-*` options do not violate the `MaxMemPerCPU` in place. * `slurmctld` \- Fix use-cases of jobs incorrectly pending held when `--prefer` features are not initially satisfied. * `slurmctld` \- Fix jobs incorrectly held when `--prefer` not satisfied in some use-cases. * Ensure `RestrictedCoresPerGPU` and `CoreSpecCount` don't overlap. * Changes from version 24.11.3 * Fix database cluster ID generation not being random. * Fix a regression in which `slurmd -G` gave no output. * Fix a long-standing crash in `slurmctld` after updating a reservation with an empty nodelist. The crash could occur after restarting slurmctld, or if downing/draining a node in the reservation with the `REPLACE` or `REPLACE_DOWN` flag. * Avoid changing process name to "`watch`" from original daemon name. This could potentially breaking some monitoring scripts. * Avoid `slurmctld` being killed by `SIGALRM` due to race condition at startup. * Fix race condition in slurmrestd that resulted in "`Requested data_parser plugin does not support OpenAPI plugin`" error being returned for valid endpoints. * Fix race between `task/cgroup` CPUset and `jobacctgather/cgroup`. The first was removing the pid from `task_X` cgroup directory causing memory limits to not being applied. * If multiple partitions are requested, set the `SLURM_JOB_PARTITION` output environment variable to the partition in which the job is running for `salloc` and `srun` in order to match the documentation and the behavior of `sbatch`. * `srun` \- Fixed wrongly constructed `SLURM_CPU_BIND` env variable that could get propagated to downward srun calls in certain mpi environments, causing launch failures. * Don't print misleading errors for stepmgr enabled steps. * `slurmrestd` \- Avoid connection to slurmdbd for the following endpoints: `GET /slurm/v0.0.41/jobs GET /slurm/v0.0.41/job/{job_id}` * `slurmrestd` \- Avoid connection to slurmdbd for the following endpoints: `GET /slurm/v0.0.40/jobs GET /slurm/v0.0.40/job/{job_id}` * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.40`. * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.41`. * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.42`. * Changes from version 24.11.2 * Fix segfault when submitting `--test-only` jobs that can preempt. * Fix regression introduced in 23.11 that prevented the following flags from being added to a reservation on an update: `DAILY`, `HOURLY`, `WEEKLY`, `WEEKDAY`, and `WEEKEND`. * Fix crash and issues evaluating job's suitability for running in nodes with already suspended job(s) there. * `slurmctld` will ensure that healthy nodes are not reported as `UnavailableNodes` in job reason codes. * Fix handling of jobs submitted to a current reservation with flags `OVERLAP,FLEX` or `OVERLAP,ANY_NODES` when it overlaps nodes with a future maintenance reservation. When a job submission had a time limit that overlapped with the future maintenance reservation, it was rejected. Now the job is accepted but stays pending with the reason "`ReqNodeNotAvail, Reserved for maintenance`". * `pam_slurm_adopt` \- avoid errors when explicitly setting some arguments to the default value. * Fix QOS preemption with `PreemptMode=SUSPEND`. * `slurmdbd` \- When changing a user's name update lineage at the same time. * Fix regression in 24.11 in which `burst_buffer.lua` does not inherit the `SLURM_CONF` environment variable from `slurmctld` and fails to run if slurm.conf is in a non-standard location. * Fix memory leak in slurmctld if `select/linear` and the `PreemptParameters=reclaim_licenses` options are both set in `slurm.conf`. Regression in 24.11.1. * Fix running jobs, that requested multiple partitions, from potentially being set to the wrong partition on restart. * `switch/hpe_slingshot` \- Fix compatibility with newer cxi drivers, specifically when specifying `disable_rdzv_get`. * Add `ABORT_ON_FATAL` environment variable to capture a backtrace from any `fatal()` message. * Fix printing invalid address in rate limiting log statement. * `sched/backfill` \- Fix node state `PLANNED` not being cleared from fully allocated nodes during a backfill cycle. * `select/cons_tres` \- Fix future planning of jobs with `bf_licenses`. * Prevent redundant "`on_data returned rc: Rate limit exceeded, please retry momentarily`" error message from being printed in slurmctld logs. * Fix loading non-default QOS on pending jobs from pre-24.11 state. * Fix pending jobs displaying `QOS=(null)` when not explicitly requesting a QOS. * Fix segfault issue from job record with no `job_resrcs`. * Fix failing `sacctmgr delete/modify/show` account operations with `where` clauses. * Fix regression in 24.11 in which Slurm daemons started catching several `SIGTSTP`, `SIGTTIN` and `SIGUSR1` signals and ignored them, while before they were not ignoring them. This also caused slurmctld to not being able to shutdown after a `SIGTSTP` because slurmscriptd caught the signal and stopped while slurmctld ignored it. Unify and fix these situations and get back to the previous behavior for these signals. * Document that `SIGQUIT` is no longer ignored by `slurmctld`, `slurmdbd`, and slurmd in 24.11. As of 24.11.0rc1, `SIGQUIT` is identical to `SIGINT` and `SIGTERM` for these daemons, but this change was not documented. * Fix not considering nodes marked for reboot without ASAP in the scheduler. * Remove the `boot^` state on unexpected node reboot after return to service. * Do not allow new jobs to start on a node which is being rebooted with the flag `nextstate=resume`. * Prevent lower priority job running after cancelling an ASAP reboot. * Fix srun jobs starting on `nextstate=resume` rebooting nodes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1761=1 * HPC Module 15-SP6 zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-1761=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1761=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1761=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1761=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1761=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1761=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1761=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * slurm_24_11-debugsource-24.11.5-150300.7.8.1 * slurm_24_11-testsuite-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * slurm_24_11-cray-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * openSUSE Leap 15.6 (noarch) * slurm_24_11-seff-24.11.5-150300.7.8.1 * slurm_24_11-sjstat-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-openlava-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * HPC Module 15-SP6 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * HPC Module 15-SP6 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * slurm_24_11-debugsource-24.11.5-150300.7.8.1 * slurm_24_11-testsuite-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * slurm_24_11-cray-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * openSUSE Leap 15.3 (noarch) * slurm_24_11-seff-24.11.5-150300.7.8.1 * slurm_24_11-sjstat-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-openlava-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 20:30:18 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 20:30:18 -0000 Subject: SUSE-RU-2025:01527-1: important: Recommended update for libsolv, libzypp, zypper Message-ID: <174855061845.5286.11854325991849879786@smelt2.prg2.suse.org> # Recommended update for libsolv, libzypp, zypper Announcement ID: SUSE-RU-2025:01527-1 Release Date: 2025-05-29T16:06:22Z Rating: important References: * bsc#1222044 * bsc#1230267 * bsc#1235598 * bsc#1237172 * bsc#1237587 * bsc#1237949 * bsc#1238315 * bsc#1239809 * bsc#1240529 Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has nine fixes can now be installed. ## Description: This update for libsolv, libzypp, zypper fixes the following issues: * Support the apk package and repository format (both v2 and v3) * New dataiterator_final_{repo,solvable} functions * Provide a symbol specific for the ruby-version so yast does not break across updates (bsc#1235598) * XmlReader: Fix detection of bad input streams * rpm: Fix detection of %triggerscript starts (bsc#1222044) * RepoindexFileReader: add more related attributes a service may set * Drop workaround for broken rpm-4.18 in Code16 (bsc#1237172) * Drop usage of SHA1 hash algorithm because it will become unavailable in FIPS mode (bsc#1240529) * Fix zypp.conf dupAllowVendorChange to reflect the correct default (false) * zypp.conf: Add `lock_timeout` ($ZYPP_LOCK_TIMEOUT) (bsc#1239809) * Fix computation of RepStatus if Repo URLs change * Fix lost double slash when appending to an absolute FTP url (bsc#1238315) * Add a transaction package preloader * Strip a mediahandler tag from baseUrl querystrings * Updated translations (bsc#1230267) * Do not double encode URL strings passed on the commandline (bsc#1237587) * info,search: add option to search and list Enhances (bsc#1237949) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1527=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1527=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libsolv-tools-base-debuginfo-0.7.32-150600.8.10.1 * libsolv-tools-debuginfo-0.7.32-150600.8.10.1 * libzypp-debuginfo-17.36.7-150600.3.53.1 * libzypp-17.36.7-150600.3.53.1 * libzypp-devel-17.36.7-150600.3.53.1 * libzypp-debugsource-17.36.7-150600.3.53.1 * ruby-solv-0.7.32-150600.8.10.1 * ruby-solv-debuginfo-0.7.32-150600.8.10.1 * zypper-1.14.89-150600.10.31.1 * python3-solv-0.7.32-150600.8.10.1 * libsolv-tools-base-0.7.32-150600.8.10.1 * libsolv-devel-0.7.32-150600.8.10.1 * python3-solv-debuginfo-0.7.32-150600.8.10.1 * zypper-debuginfo-1.14.89-150600.10.31.1 * libsolv-debugsource-0.7.32-150600.8.10.1 * libsolv-debuginfo-0.7.32-150600.8.10.1 * libsolv-devel-debuginfo-0.7.32-150600.8.10.1 * zypper-debugsource-1.14.89-150600.10.31.1 * libsolv-tools-0.7.32-150600.8.10.1 * Basesystem Module 15-SP7 (noarch) * zypper-log-1.14.89-150600.10.31.1 * zypper-needs-restarting-1.14.89-150600.10.31.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * perl-solv-debuginfo-0.7.32-150600.8.10.1 * libsolv-debuginfo-0.7.32-150600.8.10.1 * perl-solv-0.7.32-150600.8.10.1 * libsolv-debugsource-0.7.32-150600.8.10.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222044 * https://bugzilla.suse.com/show_bug.cgi?id=1230267 * https://bugzilla.suse.com/show_bug.cgi?id=1235598 * https://bugzilla.suse.com/show_bug.cgi?id=1237172 * https://bugzilla.suse.com/show_bug.cgi?id=1237587 * https://bugzilla.suse.com/show_bug.cgi?id=1237949 * https://bugzilla.suse.com/show_bug.cgi?id=1238315 * https://bugzilla.suse.com/show_bug.cgi?id=1239809 * https://bugzilla.suse.com/show_bug.cgi?id=1240529 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 20:30:20 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 20:30:20 -0000 Subject: SUSE-RU-2025:01606-2: moderate: Recommended update for librdkafka Message-ID: <174855062060.5286.3576823286378735315@smelt2.prg2.suse.org> # Recommended update for librdkafka Announcement ID: SUSE-RU-2025:01606-2 Release Date: 2025-05-29T16:01:46Z Rating: moderate References: * bsc#1242842 Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for librdkafka fixes the following issues: * Avoid endless loops under certain circumstances (bsc#1242842) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1606=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-1606=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * librdkafka1-debuginfo-0.11.6-150600.16.3.1 * librdkafka1-0.11.6-150600.16.3.1 * librdkafka-debugsource-0.11.6-150600.16.3.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * librdkafka-devel-0.11.6-150600.16.3.1 * librdkafka-debugsource-0.11.6-150600.16.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1242842 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 29 20:30:24 2025 From: null at suse.de (SLE-UPDATES) Date: Thu, 29 May 2025 20:30:24 -0000 Subject: SUSE-SU-2025:01565-1: moderate: Security update for open-vm-tools Message-ID: <174855062440.5286.15376699149951381888@smelt2.prg2.suse.org> # Security update for open-vm-tools Announcement ID: SUSE-SU-2025:01565-1 Release Date: 2025-05-29T16:00:43Z Rating: moderate References: * bsc#1237147 * bsc#1241938 * bsc#1243106 Cross-References: * CVE-2025-22247 CVSS scores: * CVE-2025-22247 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22247 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N * CVE-2025-22247 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N Affected Products: * Basesystem Module 15-SP7 * Containers Module 15-SP7 * Desktop Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: * CVE-2025-22247: Fixed Insecure file handling (bsc#1243106) Other fixes: * Fixed GCC 15 compile time error (bsc#1241938) * Fix building with containerd 1.7.25+ (bsc#1237147) Full changelog: https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/ReleaseNotes.md https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/open-vm- tools/ChangeLog ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1565=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-1565=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-1565=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 x86_64) * open-vm-tools-12.5.2-150600.3.12.1 * open-vm-tools-sdmp-12.5.2-150600.3.12.1 * libvmtools0-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-sdmp-debuginfo-12.5.2-150600.3.12.1 * libvmtools0-12.5.2-150600.3.12.1 * open-vm-tools-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-debugsource-12.5.2-150600.3.12.1 * Basesystem Module 15-SP7 (x86_64) * open-vm-tools-salt-minion-12.5.2-150600.3.12.1 * libvmtools-devel-12.5.2-150600.3.12.1 * Containers Module 15-SP7 (aarch64 x86_64) * open-vm-tools-containerinfo-12.5.2-150600.3.12.1 * open-vm-tools-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-debugsource-12.5.2-150600.3.12.1 * open-vm-tools-containerinfo-debuginfo-12.5.2-150600.3.12.1 * Desktop Applications Module 15-SP7 (aarch64 x86_64) * open-vm-tools-desktop-12.5.2-150600.3.12.1 * open-vm-tools-debuginfo-12.5.2-150600.3.12.1 * open-vm-tools-debugsource-12.5.2-150600.3.12.1 * open-vm-tools-desktop-debuginfo-12.5.2-150600.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22247.html * https://bugzilla.suse.com/show_bug.cgi?id=1237147 * https://bugzilla.suse.com/show_bug.cgi?id=1241938 * https://bugzilla.suse.com/show_bug.cgi?id=1243106 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 08:30:09 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 08:30:09 -0000 Subject: SUSE-SU-2025:01767-1: moderate: Security update for postgresql16 Message-ID: <174859380993.30168.15669453094987178573@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2025:01767-1 Release Date: 2025-05-30T07:47:23Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: Upgrade to 16.9: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/16.9/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1767=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1767=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-server-devel-debuginfo-16.9-3.29.1 * postgresql16-plpython-16.9-3.29.1 * postgresql16-devel-16.9-3.29.1 * postgresql16-plpython-debuginfo-16.9-3.29.1 * postgresql16-pltcl-debuginfo-16.9-3.29.1 * postgresql16-contrib-debuginfo-16.9-3.29.1 * postgresql16-plperl-debuginfo-16.9-3.29.1 * postgresql16-server-16.9-3.29.1 * postgresql16-devel-debuginfo-16.9-3.29.1 * postgresql16-16.9-3.29.1 * postgresql16-pltcl-16.9-3.29.1 * postgresql16-server-devel-16.9-3.29.1 * postgresql16-plperl-16.9-3.29.1 * postgresql16-server-debuginfo-16.9-3.29.1 * postgresql16-contrib-16.9-3.29.1 * postgresql16-debuginfo-16.9-3.29.1 * postgresql16-debugsource-16.9-3.29.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql16-docs-16.9-3.29.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql16-server-devel-debuginfo-16.9-3.29.1 * postgresql16-plpython-16.9-3.29.1 * postgresql16-devel-16.9-3.29.1 * postgresql16-plpython-debuginfo-16.9-3.29.1 * postgresql16-pltcl-debuginfo-16.9-3.29.1 * postgresql16-contrib-debuginfo-16.9-3.29.1 * postgresql16-plperl-debuginfo-16.9-3.29.1 * postgresql16-server-16.9-3.29.1 * postgresql16-devel-debuginfo-16.9-3.29.1 * postgresql16-16.9-3.29.1 * postgresql16-pltcl-16.9-3.29.1 * postgresql16-server-devel-16.9-3.29.1 * postgresql16-plperl-16.9-3.29.1 * postgresql16-server-debuginfo-16.9-3.29.1 * postgresql16-contrib-16.9-3.29.1 * postgresql16-debuginfo-16.9-3.29.1 * postgresql16-debugsource-16.9-3.29.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql16-docs-16.9-3.29.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 08:30:15 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 08:30:15 -0000 Subject: SUSE-SU-2025:01766-1: moderate: Security update for postgresql16 Message-ID: <174859381548.30168.11253740073251311158@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2025:01766-1 Release Date: 2025-05-30T07:45:55Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: Upgrade to 16.9: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/16.9/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1766=1 SUSE-2025-1766=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1766=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1766=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1766=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql16-debugsource-16.9-150600.16.18.1 * postgresql16-16.9-150600.16.18.1 * postgresql16-plpython-16.9-150600.16.18.1 * postgresql16-llvmjit-16.9-150600.16.18.1 * postgresql16-contrib-debuginfo-16.9-150600.16.18.1 * postgresql16-pltcl-16.9-150600.16.18.1 * postgresql16-debuginfo-16.9-150600.16.18.1 * postgresql16-server-debuginfo-16.9-150600.16.18.1 * postgresql16-server-16.9-150600.16.18.1 * postgresql16-server-devel-debuginfo-16.9-150600.16.18.1 * postgresql16-llvmjit-debuginfo-16.9-150600.16.18.1 * postgresql16-llvmjit-devel-16.9-150600.16.18.1 * postgresql16-plperl-debuginfo-16.9-150600.16.18.1 * postgresql16-pltcl-debuginfo-16.9-150600.16.18.1 * postgresql16-devel-debuginfo-16.9-150600.16.18.1 * postgresql16-test-16.9-150600.16.18.1 * postgresql16-plperl-16.9-150600.16.18.1 * postgresql16-contrib-16.9-150600.16.18.1 * postgresql16-devel-16.9-150600.16.18.1 * postgresql16-server-devel-16.9-150600.16.18.1 * postgresql16-plpython-debuginfo-16.9-150600.16.18.1 * openSUSE Leap 15.6 (noarch) * postgresql16-docs-16.9-150600.16.18.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.9-150600.16.18.1 * postgresql16-debugsource-16.9-150600.16.18.1 * postgresql16-16.9-150600.16.18.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-debugsource-16.9-150600.16.18.1 * postgresql16-test-16.9-150600.16.18.1 * postgresql16-debuginfo-16.9-150600.16.18.1 * postgresql16-llvmjit-debuginfo-16.9-150600.16.18.1 * postgresql16-llvmjit-16.9-150600.16.18.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-devel-debuginfo-16.9-150600.16.18.1 * postgresql16-debugsource-16.9-150600.16.18.1 * postgresql16-plperl-16.9-150600.16.18.1 * postgresql16-debuginfo-16.9-150600.16.18.1 * postgresql16-server-debuginfo-16.9-150600.16.18.1 * postgresql16-server-16.9-150600.16.18.1 * postgresql16-devel-16.9-150600.16.18.1 * postgresql16-server-devel-debuginfo-16.9-150600.16.18.1 * postgresql16-plpython-16.9-150600.16.18.1 * postgresql16-contrib-debuginfo-16.9-150600.16.18.1 * postgresql16-pltcl-16.9-150600.16.18.1 * postgresql16-server-devel-16.9-150600.16.18.1 * postgresql16-plperl-debuginfo-16.9-150600.16.18.1 * postgresql16-plpython-debuginfo-16.9-150600.16.18.1 * postgresql16-contrib-16.9-150600.16.18.1 * postgresql16-pltcl-debuginfo-16.9-150600.16.18.1 * Server Applications Module 15-SP6 (noarch) * postgresql16-docs-16.9-150600.16.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 08:30:19 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 08:30:19 -0000 Subject: SUSE-SU-2025:01765-1: moderate: Security update for postgresql17 Message-ID: <174859381917.30168.16457852009814247872@smelt2.prg2.suse.org> # Security update for postgresql17 Announcement ID: SUSE-SU-2025:01765-1 Release Date: 2025-05-30T07:44:44Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql17 fixes the following issues: Upgrade to 17.5: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/17.5/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1765=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1765=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-17.5-3.13.1 * libpq5-debuginfo-17.5-3.13.1 * libpq5-17.5-3.13.1 * libecpg6-17.5-3.13.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libecpg6-debuginfo-32bit-17.5-3.13.1 * libecpg6-32bit-17.5-3.13.1 * libpq5-32bit-17.5-3.13.1 * libpq5-debuginfo-32bit-17.5-3.13.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libecpg6-debuginfo-17.5-3.13.1 * libecpg6-debuginfo-32bit-17.5-3.13.1 * libpq5-debuginfo-32bit-17.5-3.13.1 * libecpg6-32bit-17.5-3.13.1 * libecpg6-17.5-3.13.1 * libpq5-32bit-17.5-3.13.1 * libpq5-17.5-3.13.1 * libpq5-debuginfo-17.5-3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 08:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 08:30:21 -0000 Subject: SUSE-RU-2025:01764-1: important: Recommended update for kexec-tools Message-ID: <174859382128.30168.6563345231027562513@smelt2.prg2.suse.org> # Recommended update for kexec-tools Announcement ID: SUSE-RU-2025:01764-1 Release Date: 2025-05-30T06:45:50Z Rating: important References: * bsc#1241249 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that has one fix can now be installed. ## Description: This update for kexec-tools fixes the following issues: * add support for lockless ringbuffer (bsc#1241249) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1764=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1764=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * kexec-tools-2.0.20-150500.20.3.1 * kexec-tools-debugsource-2.0.20-150500.20.3.1 * kexec-tools-debuginfo-2.0.20-150500.20.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kexec-tools-2.0.20-150500.20.3.1 * kexec-tools-debugsource-2.0.20-150500.20.3.1 * kexec-tools-debuginfo-2.0.20-150500.20.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1241249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 08:30:25 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 08:30:25 -0000 Subject: SUSE-SU-2025:01763-1: low: Security update for augeas Message-ID: <174859382533.30168.12046247807732634213@smelt2.prg2.suse.org> # Security update for augeas Announcement ID: SUSE-SU-2025:01763-1 Release Date: 2025-05-29T20:55:39Z Rating: low References: * bsc#1239909 Cross-References: * CVE-2025-2588 CVSS scores: * CVE-2025-2588 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2588 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2588 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for augeas fixes the following issues: * CVE-2025-2588: Check for NULL pointers when calling re_case_expand in function fa_expand_nocase. (bsc#1239909) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1763=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1763=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1763=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * augeas-lenses-1.10.1-150000.3.15.1 * augeas-debugsource-1.10.1-150000.3.15.1 * libaugeas0-debuginfo-1.10.1-150000.3.15.1 * augeas-debuginfo-1.10.1-150000.3.15.1 * augeas-1.10.1-150000.3.15.1 * libaugeas0-1.10.1-150000.3.15.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * augeas-lenses-1.10.1-150000.3.15.1 * augeas-debugsource-1.10.1-150000.3.15.1 * libaugeas0-debuginfo-1.10.1-150000.3.15.1 * augeas-debuginfo-1.10.1-150000.3.15.1 * augeas-1.10.1-150000.3.15.1 * libaugeas0-1.10.1-150000.3.15.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * augeas-lenses-1.10.1-150000.3.15.1 * augeas-debugsource-1.10.1-150000.3.15.1 * libaugeas0-debuginfo-1.10.1-150000.3.15.1 * augeas-debuginfo-1.10.1-150000.3.15.1 * augeas-1.10.1-150000.3.15.1 * libaugeas0-1.10.1-150000.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2588.html * https://bugzilla.suse.com/show_bug.cgi?id=1239909 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 08:30:27 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 08:30:27 -0000 Subject: SUSE-SU-2025:01762-1: moderate: Security update for brotli Message-ID: <174859382782.30168.17298840070752667378@smelt2.prg2.suse.org> # Security update for brotli Announcement ID: SUSE-SU-2025:01762-1 Release Date: 2025-05-29T20:55:27Z Rating: moderate References: * bsc#1175825 Cross-References: * CVE-2020-8927 CVSS scores: * CVE-2020-8927 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2020-8927 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Micro 5.1 An update that solves one vulnerability can now be installed. ## Description: This update for brotli fixes the following issues: * CVE-2020-8927: Fixed integer overflow when input chunk is larger than 2GiB (bsc#1175825). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1762=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libbrotlicommon1-1.0.7-3.3.1 * libbrotlidec1-debuginfo-1.0.7-3.3.1 * brotli-debuginfo-1.0.7-3.3.1 * libbrotlidec1-1.0.7-3.3.1 * brotli-debugsource-1.0.7-3.3.1 * libbrotlicommon1-debuginfo-1.0.7-3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2020-8927.html * https://bugzilla.suse.com/show_bug.cgi?id=1175825 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 12:30:08 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 12:30:08 -0000 Subject: SUSE-RU-2025:01773-1: important: Recommended update for release-notes-sles Message-ID: <174860820831.30194.6747310470932752367@smelt2.prg2.suse.org> # Recommended update for release-notes-sles Announcement ID: SUSE-RU-2025:01773-1 Release Date: 2025-05-30T11:16:11Z Rating: important References: * bsc#1232762 * bsc#1237496 * bsc#933411 Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has three fixes can now be installed. ## Description: This update for release-notes-sles fixes the following issues: * Update to 15.7.20250528 (tracked in bsc#933411) * Added note about systemd configs in /usr (bsc#1237496) * Added note about Non Unified image SEV (bsc#1232762) * Removed note about ceph client package removal ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP7 zypper in -t patch SUSE-SLE-INSTALLER-15-SP7-2025-1773=1 SUSE-SLE-Product- SLES-15-SP7-2025-1773=1 * SUSE Linux Enterprise High Performance Computing 15 SP7 zypper in -t patch SUSE-SLE-INSTALLER-15-SP7-2025-1773=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 zypper in -t patch SUSE-SLE-INSTALLER-15-SP7-2025-1773=1 * SUSE Linux Enterprise Desktop 15 SP7 zypper in -t patch SUSE-SLE-INSTALLER-15-SP7-2025-1773=1 ## Package List: * SUSE Linux Enterprise Server 15 SP7 (noarch) * release-notes-sles-15.7.20250528-150700.3.3.3 * SUSE Linux Enterprise High Performance Computing 15 SP7 (noarch) * release-notes-sles-15.7.20250528-150700.3.3.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 (noarch) * release-notes-sles-15.7.20250528-150700.3.3.3 * SUSE Linux Enterprise Desktop 15 SP7 (noarch) * release-notes-sles-15.7.20250528-150700.3.3.3 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232762 * https://bugzilla.suse.com/show_bug.cgi?id=1237496 * https://bugzilla.suse.com/show_bug.cgi?id=933411 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 12:30:11 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 12:30:11 -0000 Subject: SUSE-SU-2025:01772-1: moderate: Security update for postgresql14 Message-ID: <174860821154.30194.8451928698906863006@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2025:01772-1 Release Date: 2025-05-30T10:44:52Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.18: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1772=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1772=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-contrib-14.18-3.57.1 * postgresql14-pltcl-debuginfo-14.18-3.57.1 * postgresql14-debugsource-14.18-3.57.1 * postgresql14-devel-14.18-3.57.1 * postgresql14-plperl-14.18-3.57.1 * postgresql14-server-14.18-3.57.1 * postgresql14-plperl-debuginfo-14.18-3.57.1 * postgresql14-server-debuginfo-14.18-3.57.1 * postgresql14-plpython-debuginfo-14.18-3.57.1 * postgresql14-devel-debuginfo-14.18-3.57.1 * postgresql14-contrib-debuginfo-14.18-3.57.1 * postgresql14-plpython-14.18-3.57.1 * postgresql14-debuginfo-14.18-3.57.1 * postgresql14-14.18-3.57.1 * postgresql14-pltcl-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql14-docs-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * postgresql14-server-devel-14.18-3.57.1 * postgresql14-server-devel-debuginfo-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql14-contrib-14.18-3.57.1 * postgresql14-pltcl-debuginfo-14.18-3.57.1 * postgresql14-debugsource-14.18-3.57.1 * postgresql14-devel-14.18-3.57.1 * postgresql14-plperl-14.18-3.57.1 * postgresql14-server-14.18-3.57.1 * postgresql14-plperl-debuginfo-14.18-3.57.1 * postgresql14-server-debuginfo-14.18-3.57.1 * postgresql14-plpython-debuginfo-14.18-3.57.1 * postgresql14-devel-debuginfo-14.18-3.57.1 * postgresql14-contrib-debuginfo-14.18-3.57.1 * postgresql14-plpython-14.18-3.57.1 * postgresql14-server-devel-14.18-3.57.1 * postgresql14-debuginfo-14.18-3.57.1 * postgresql14-server-devel-debuginfo-14.18-3.57.1 * postgresql14-14.18-3.57.1 * postgresql14-pltcl-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql14-docs-14.18-3.57.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 12:30:15 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 12:30:15 -0000 Subject: SUSE-SU-2025:01771-1: moderate: Security update for iputils Message-ID: <174860821534.30194.2771502086186391599@smelt2.prg2.suse.org> # Security update for iputils Announcement ID: SUSE-SU-2025:01771-1 Release Date: 2025-05-30T10:41:25Z Rating: moderate References: * bsc#1242300 * bsc#1243284 Cross-References: * CVE-2025-47268 CVSS scores: * CVE-2025-47268 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-47268 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-47268 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for iputils fixes the following issues: Security fixes: * CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300). Other bug fixes: * Fixed incorrect IPV4 TTL value when using SOCK_DGRAM on big endian systems (bsc#1243284). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1771=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1771=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1771=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * iputils-debuginfo-s20161105-150000.8.11.1 * iputils-debugsource-s20161105-150000.8.11.1 * iputils-s20161105-150000.8.11.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * iputils-debuginfo-s20161105-150000.8.11.1 * iputils-debugsource-s20161105-150000.8.11.1 * iputils-s20161105-150000.8.11.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * iputils-debuginfo-s20161105-150000.8.11.1 * iputils-debugsource-s20161105-150000.8.11.1 * iputils-s20161105-150000.8.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47268.html * https://bugzilla.suse.com/show_bug.cgi?id=1242300 * https://bugzilla.suse.com/show_bug.cgi?id=1243284 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 12:30:20 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 12:30:20 -0000 Subject: SUSE-SU-2025:01770-1: important: Security update for java-1_8_0-ibm Message-ID: <174860822016.30194.6458441459830077202@smelt2.prg2.suse.org> # Security update for java-1_8_0-ibm Announcement ID: SUSE-SU-2025:01770-1 Release Date: 2025-05-30T10:09:33Z Rating: important References: * bsc#1241274 * bsc#1241275 * bsc#1241276 * bsc#1242208 * bsc#1243429 Cross-References: * CVE-2025-21587 * CVE-2025-30691 * CVE-2025-30698 * CVE-2025-4447 CVSS scores: * CVE-2025-21587 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-21587 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-30691 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30691 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30691 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30698 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-30698 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-30698 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-4447 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-4447 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-4447 ( NVD ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 45. Security issues fixed: * Oracle April 15 2025 CPU (bsc#1242208) * CVE-2025-21587: unauthorized access, deletion and modification of critical data via the JSSE component (bsc#1241274). * CVE-2025-30691: unauthorized access to data via the Compiler component (bsc#1241275). * CVE-2025-30698: unauthorized access to data and ability to cause a partial DoS via the 2D component (bsc#1241276). * IBM Security Update May 2025 * CVE-2025-4447: stack based buffer overflow in Eclipse OpenJ9 through modification of file that is read when the JVM starts (bsc#1243429). Other changes and issues fixed: * Security: * Avoid memory leak during aes cipher initialization operations for IBMJCEPlus and IBMJCEPlusProviders provider. * Changing the default of the com.ibm.security.spnego.msinterop property from true to false. * Deserializing a com.ibm.crypto.provider.rsaprivatecrtkey object causes a java.io.invalidobjectexception to be thrown. * Failed to read private key from a JKS keystore, specified as JCEKS keystore. * HTTPS channel binding support. * Keytool listing PKCS12 keystore issue. * On Linux systems, use gcc11.2 to compile IBM PKCS11 library. * Support has been added to the IBM Java XMLDSigRI security provider for the EdDSA (Edwards-curve Digital Signature Algorithm). * Updates to XDH Key Agreement, AESGCM Algorithms in IBMJCEPlus and IBMJCEPlusFIPS providers. * Class Libraries: * Update timezone information to the latest tzdata2025a. * Java Virtual Machine: * A SIGSEGV/GPF event received while processing verifyerror. * Crash while resolving MethodHandleNatives. * NoSuchMethodException or NoClassDefFoundError when loading classes. * JIT Compiler: * Assert in the JIT Compiler, badILOp. * Reduced MD5 performance. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1770=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1770=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.45-30.135.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.45-30.135.1 * java-1_8_0-ibm-plugin-1.8.0_sr8.45-30.135.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.45-30.135.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.45-30.135.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.45-30.135.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.45-30.135.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.45-30.135.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21587.html * https://www.suse.com/security/cve/CVE-2025-30691.html * https://www.suse.com/security/cve/CVE-2025-30698.html * https://www.suse.com/security/cve/CVE-2025-4447.html * https://bugzilla.suse.com/show_bug.cgi?id=1241274 * https://bugzilla.suse.com/show_bug.cgi?id=1241275 * https://bugzilla.suse.com/show_bug.cgi?id=1241276 * https://bugzilla.suse.com/show_bug.cgi?id=1242208 * https://bugzilla.suse.com/show_bug.cgi?id=1243429 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 12:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 12:30:22 -0000 Subject: SUSE-SU-2025:01769-1: important: Security update for MozillaFirefox Message-ID: <174860822256.30194.6629219356340957889@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2025:01769-1 Release Date: 2025-05-30T09:30:34Z Rating: important References: * bsc#1243353 Cross-References: * CVE-2025-5263 * CVE-2025-5264 * CVE-2025-5265 * CVE-2025-5266 * CVE-2025-5267 * CVE-2025-5268 * CVE-2025-5269 CVSS scores: * CVE-2025-5263 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-5263 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-5264 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2025-5264 ( NVD ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2025-5265 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2025-5265 ( NVD ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2025-5266 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5266 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5267 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-5267 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-5268 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5268 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5269 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5269 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Update to Mozilla Firefox ESR 128.11 (MFSA 2025-44, bsc#1243353): * MFSA-TMP-2025-0001: Double-free in libvpx encoder (bmo#1962421) * CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content (bmo#1960745) * CVE-2025-5264: Potential local code execution in "Copy as cURL" command (bmo#1950001) * CVE-2025-5265: Potential local code execution in "Copy as cURL" command (bmo#1962301) * CVE-2025-5266: Script element events leaked cross-origin resource status (bmo#1965628) * CVE-2025-5267: Clickjacking vulnerability could have led to leaking saved payment card details (bmo#1954137) * CVE-2025-5268: Memory safety bugs fixed in Firefox 139, Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11 (bmo#1950136, bmo#1958121, bmo#1960499, bmo#1962634) * CVE-2025-5269: Memory safety bug fixed in Firefox ESR 128.11 and Thunderbird 128.11 (bmo#1924108) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1769=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1769=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-translations-common-128.11.0-112.262.1 * MozillaFirefox-debuginfo-128.11.0-112.262.1 * MozillaFirefox-128.11.0-112.262.1 * MozillaFirefox-debugsource-128.11.0-112.262.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * MozillaFirefox-devel-128.11.0-112.262.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * MozillaFirefox-translations-common-128.11.0-112.262.1 * MozillaFirefox-debuginfo-128.11.0-112.262.1 * MozillaFirefox-128.11.0-112.262.1 * MozillaFirefox-debugsource-128.11.0-112.262.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * MozillaFirefox-devel-128.11.0-112.262.1 ## References: * https://www.suse.com/security/cve/CVE-2025-5263.html * https://www.suse.com/security/cve/CVE-2025-5264.html * https://www.suse.com/security/cve/CVE-2025-5265.html * https://www.suse.com/security/cve/CVE-2025-5266.html * https://www.suse.com/security/cve/CVE-2025-5267.html * https://www.suse.com/security/cve/CVE-2025-5268.html * https://www.suse.com/security/cve/CVE-2025-5269.html * https://bugzilla.suse.com/show_bug.cgi?id=1243353 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 12:30:26 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 12:30:26 -0000 Subject: SUSE-OU-2025:01531-1: low: Optional update for google-guest-oslogin Message-ID: <174860822666.30194.15709751314609757419@smelt2.prg2.suse.org> # Optional update for google-guest-oslogin Announcement ID: SUSE-OU-2025:01531-1 Release Date: 2025-05-30T08:03:58Z Rating: low References: Affected Products: * Public Cloud Module 15-SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that can now be installed. ## Description: This update for google-guest-oslogin fixes the following issue: * Rebuild for consistency across products, no source changes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2025-1531=1 ## Package List: * Public Cloud Module 15-SP7 (aarch64 ppc64le s390x x86_64) * google-guest-oslogin-debuginfo-20240311.00-150000.1.50.1 * google-guest-oslogin-20240311.00-150000.1.50.1 * google-guest-oslogin-debugsource-20240311.00-150000.1.50.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 12:30:25 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 12:30:25 -0000 Subject: SUSE-RU-2025:01768-1: important: Recommended update for libwnck Message-ID: <174860822502.30194.7958013471213056259@smelt2.prg2.suse.org> # Recommended update for libwnck Announcement ID: SUSE-RU-2025:01768-1 Release Date: 2025-05-30T08:07:35Z Rating: important References: * bsc#1241297 Affected Products: * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for libwnck fixes the following issues: * Fix declaration after labelcerror reported by compiler. (glgo#GNOME/libwnck!67) * Update to version 43.2 (bsc#1241297): * Add WnckHandle to the docs. * Add missing build dependency. * Do not restore original event mask. * Switch to source service for tarball/source. * Update to version 43.1: * Return correct number of application windows. * Avoid showing pointless tooltips. * Do not remove underscores form window titles. * Do not crash if XRes 1.2 is not available. * Do not crash if display is not available. * Fixed upstream. * BuildRequire gettext-devel instead of gettext: allow OBS to shortcut through gettext-runtime-mini. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1768=1 SUSE-2025-1768=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1768=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-1768=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libwnck-3-0-debuginfo-43.2-150600.3.3.1 * libwnck-debuginfo-43.2-150600.3.3.1 * libwnck-debugsource-43.2-150600.3.3.1 * typelib-1_0-Wnck-3_0-43.2-150600.3.3.1 * libwnck-tools-debuginfo-43.2-150600.3.3.1 * libwnck-tools-43.2-150600.3.3.1 * libwnck-3-0-43.2-150600.3.3.1 * libwnck-devel-43.2-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * libwnck-lang-43.2-150600.3.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libwnck-3-0-debuginfo-43.2-150600.3.3.1 * libwnck-debuginfo-43.2-150600.3.3.1 * libwnck-debugsource-43.2-150600.3.3.1 * typelib-1_0-Wnck-3_0-43.2-150600.3.3.1 * libwnck-3-0-43.2-150600.3.3.1 * libwnck-devel-43.2-150600.3.3.1 * Desktop Applications Module 15-SP6 (noarch) * libwnck-lang-43.2-150600.3.3.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libwnck-3-0-debuginfo-43.2-150600.3.3.1 * libwnck-debuginfo-43.2-150600.3.3.1 * libwnck-debugsource-43.2-150600.3.3.1 * typelib-1_0-Wnck-3_0-43.2-150600.3.3.1 * libwnck-3-0-43.2-150600.3.3.1 * libwnck-devel-43.2-150600.3.3.1 * Desktop Applications Module 15-SP7 (noarch) * libwnck-lang-43.2-150600.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1241297 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:03 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:03 -0000 Subject: SUSE-SU-2025:01783-1: moderate: Security update for postgresql17 Message-ID: <174862260394.15837.5242545717114847531@smelt2.prg2.suse.org> # Security update for postgresql17 Announcement ID: SUSE-SU-2025:01783-1 Release Date: 2025-05-30T15:37:59Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql17 fixes the following issues: Upgrade to 17.5: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/17.5/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1783=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1783=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1783=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1783=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1783=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1783=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1783=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1783=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1783=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1783=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1783=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1783=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1783=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1783=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1783=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql17-pltcl-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * postgresql17-plperl-debuginfo-17.5-150200.5.13.1 * postgresql17-devel-debuginfo-17.5-150200.5.13.1 * postgresql17-server-debuginfo-17.5-150200.5.13.1 * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * postgresql17-server-17.5-150200.5.13.1 * postgresql17-pltcl-debuginfo-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-server-devel-debuginfo-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * postgresql17-contrib-17.5-150200.5.13.1 * postgresql17-plpython-debuginfo-17.5-150200.5.13.1 * postgresql17-plperl-17.5-150200.5.13.1 * postgresql17-devel-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * postgresql17-17.5-150200.5.13.1 * postgresql17-contrib-debuginfo-17.5-150200.5.13.1 * postgresql17-plpython-17.5-150200.5.13.1 * postgresql17-server-devel-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql17-docs-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql17-pltcl-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * postgresql17-plperl-debuginfo-17.5-150200.5.13.1 * postgresql17-devel-debuginfo-17.5-150200.5.13.1 * postgresql17-server-debuginfo-17.5-150200.5.13.1 * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * postgresql17-server-17.5-150200.5.13.1 * postgresql17-pltcl-debuginfo-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-server-devel-debuginfo-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * postgresql17-contrib-17.5-150200.5.13.1 * postgresql17-plpython-debuginfo-17.5-150200.5.13.1 * postgresql17-plperl-17.5-150200.5.13.1 * postgresql17-devel-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * postgresql17-17.5-150200.5.13.1 * postgresql17-contrib-debuginfo-17.5-150200.5.13.1 * postgresql17-plpython-17.5-150200.5.13.1 * postgresql17-server-devel-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql17-docs-17.5-150200.5.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-pltcl-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * postgresql17-plperl-debuginfo-17.5-150200.5.13.1 * postgresql17-devel-debuginfo-17.5-150200.5.13.1 * postgresql17-server-debuginfo-17.5-150200.5.13.1 * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * postgresql17-server-17.5-150200.5.13.1 * postgresql17-pltcl-debuginfo-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-server-devel-debuginfo-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * postgresql17-contrib-17.5-150200.5.13.1 * postgresql17-plpython-debuginfo-17.5-150200.5.13.1 * postgresql17-plperl-17.5-150200.5.13.1 * postgresql17-devel-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * postgresql17-17.5-150200.5.13.1 * postgresql17-contrib-debuginfo-17.5-150200.5.13.1 * postgresql17-plpython-17.5-150200.5.13.1 * postgresql17-server-devel-17.5-150200.5.13.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql17-docs-17.5-150200.5.13.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql17-pltcl-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * postgresql17-plperl-debuginfo-17.5-150200.5.13.1 * postgresql17-devel-debuginfo-17.5-150200.5.13.1 * postgresql17-server-debuginfo-17.5-150200.5.13.1 * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * postgresql17-server-17.5-150200.5.13.1 * postgresql17-pltcl-debuginfo-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-server-devel-debuginfo-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * postgresql17-contrib-17.5-150200.5.13.1 * postgresql17-plpython-debuginfo-17.5-150200.5.13.1 * postgresql17-plperl-17.5-150200.5.13.1 * postgresql17-devel-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * postgresql17-17.5-150200.5.13.1 * postgresql17-contrib-debuginfo-17.5-150200.5.13.1 * postgresql17-plpython-17.5-150200.5.13.1 * postgresql17-server-devel-17.5-150200.5.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql17-docs-17.5-150200.5.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * SUSE Manager Proxy 4.3 (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libecpg6-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libecpg6-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libpq5-17.5-150200.5.13.1 * libecpg6-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 * SUSE Manager Server 4.3 (s390x) * postgresql17-contrib-debuginfo-17.5-150200.5.13.1 * postgresql17-17.5-150200.5.13.1 * postgresql17-contrib-17.5-150200.5.13.1 * postgresql17-plpython-debuginfo-17.5-150200.5.13.1 * postgresql17-pltcl-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * postgresql17-server-debuginfo-17.5-150200.5.13.1 * postgresql17-plpython-17.5-150200.5.13.1 * postgresql17-server-17.5-150200.5.13.1 * postgresql17-plperl-17.5-150200.5.13.1 * postgresql17-pltcl-debuginfo-17.5-150200.5.13.1 * postgresql17-devel-17.5-150200.5.13.1 * postgresql17-server-devel-17.5-150200.5.13.1 * postgresql17-server-devel-debuginfo-17.5-150200.5.13.1 * postgresql17-plperl-debuginfo-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * postgresql17-devel-debuginfo-17.5-150200.5.13.1 * SUSE Manager Server 4.3 (noarch) * postgresql17-docs-17.5-150200.5.13.1 * SUSE Manager Server 4.3 (x86_64) * libpq5-32bit-debuginfo-17.5-150200.5.13.1 * libpq5-32bit-17.5-150200.5.13.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libecpg6-debuginfo-17.5-150200.5.13.1 * postgresql17-debuginfo-17.5-150200.5.13.1 * libecpg6-17.5-150200.5.13.1 * libpq5-17.5-150200.5.13.1 * postgresql17-debugsource-17.5-150200.5.13.1 * libpq5-debuginfo-17.5-150200.5.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:08 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:08 -0000 Subject: SUSE-SU-2025:01782-1: moderate: Security update for postgresql16 Message-ID: <174862260893.15837.3162294820526024281@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2025:01782-1 Release Date: 2025-05-30T15:33:46Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: Upgrade to 16.9: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/16.9/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1782=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1782=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1782=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1782=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1782=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1782=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1782=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1782=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1782=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1782=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1782=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1782=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1782=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1782=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1782=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Manager Proxy 4.3 (x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Manager Server 4.3 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:13 -0000 Subject: SUSE-RU-2025:01781-1: moderate: Recommended update for pipewire Message-ID: <174862261322.15837.17262571268758084775@smelt2.prg2.suse.org> # Recommended update for pipewire Announcement ID: SUSE-RU-2025:01781-1 Release Date: 2025-05-30T15:32:07Z Rating: moderate References: * bsc#1222762 Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that has one fix can now be installed. ## Description: This update for pipewire fixes the following issue: * Add patch from upstream to make pipewire not run as root at all (bsc#1222762). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1781=1 openSUSE-SLE-15.6-2025-1781=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1781=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1781=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1781=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libpipewire-0_3-0-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-module-x11-0_3-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-devel-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-tools-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-tools-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-jack-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-pulseaudio-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-pulseaudio-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-jack-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-modules-0_3-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-jack-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-tools-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-tools-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-alsa-1.0.5+git36.60deeb2-150600.3.6.2 * gstreamer-plugin-pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * libpipewire-0_3-0-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-debugsource-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-devel-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-alsa-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * gstreamer-plugin-pipewire-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-modules-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-doc-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-module-x11-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-1.0.5+git36.60deeb2-150600.3.6.2 * openSUSE Leap 15.6 (x86_64) * pipewire-spa-plugins-0_2-32bit-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-alsa-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * libpipewire-0_3-0-32bit-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-modules-0_3-32bit-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-modules-0_3-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * libpipewire-0_3-0-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-32bit-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-alsa-32bit-1.0.5+git36.60deeb2-150600.3.6.2 * openSUSE Leap 15.6 (noarch) * pipewire-lang-1.0.5+git36.60deeb2-150600.3.6.2 * openSUSE Leap 15.6 (aarch64_ilp32) * pipewire-spa-plugins-0_2-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-alsa-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-alsa-64bit-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-64bit-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-modules-0_3-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * libpipewire-0_3-0-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-modules-0_3-64bit-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-64bit-1.0.5+git36.60deeb2-150600.3.6.2 * libpipewire-0_3-0-64bit-1.0.5+git36.60deeb2-150600.3.6.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpipewire-0_3-0-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-modules-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * libpipewire-0_3-0-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-modules-0_3-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-debugsource-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gstreamer-plugin-pipewire-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-tools-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-tools-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * gstreamer-plugin-pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-tools-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-debugsource-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-tools-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * Desktop Applications Module 15-SP6 (noarch) * pipewire-lang-1.0.5+git36.60deeb2-150600.3.6.2 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * pipewire-alsa-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-devel-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-alsa-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-pulseaudio-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-jack-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-doc-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-spa-plugins-0_2-jack-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-pulseaudio-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-debugsource-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * pipewire-libjack-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.6.2 * SUSE Package Hub 15 15-SP6 (noarch) * pipewire-lang-1.0.5+git36.60deeb2-150600.3.6.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222762 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:17 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:17 -0000 Subject: SUSE-SU-2025:01780-1: moderate: Security update for poppler Message-ID: <174862261714.15837.13405675131079998330@smelt2.prg2.suse.org> # Security update for poppler Announcement ID: SUSE-SU-2025:01780-1 Release Date: 2025-05-30T13:43:45Z Rating: moderate References: * bsc#1240880 * bsc#1240881 Cross-References: * CVE-2025-32364 * CVE-2025-32365 CVSS scores: * CVE-2025-32364 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32364 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32364 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32365 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-32365 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-32365 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2025-32364: integer overflow due to INT_MIN negation in the PSStack::roll function of Function.cc leads to floating point exception crash in pdftotext (bsc#1240880). * CVE-2025-32365: misplaced isOk check in the JBIG2Bitmap::combine function of JBIG2Stream.cc leads to out-of-bounds read (bsc#1240881). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1780=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * poppler-debugsource-0.43.0-16.55.1 * poppler-tools-0.43.0-16.55.1 * libpoppler60-0.43.0-16.55.1 * libpoppler-qt4-4-0.43.0-16.55.1 * poppler-tools-debuginfo-0.43.0-16.55.1 * libpoppler60-debuginfo-0.43.0-16.55.1 * libpoppler-qt4-4-debuginfo-0.43.0-16.55.1 * libpoppler-glib8-0.43.0-16.55.1 * libpoppler-glib-devel-0.43.0-16.55.1 * libpoppler-devel-0.43.0-16.55.1 * libpoppler-qt4-devel-0.43.0-16.55.1 * libpoppler-glib8-debuginfo-0.43.0-16.55.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32364.html * https://www.suse.com/security/cve/CVE-2025-32365.html * https://bugzilla.suse.com/show_bug.cgi?id=1240880 * https://bugzilla.suse.com/show_bug.cgi?id=1240881 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:21 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:21 -0000 Subject: SUSE-SU-2025:01779-1: moderate: Security update for iputils Message-ID: <174862262125.15837.16814884460209833021@smelt2.prg2.suse.org> # Security update for iputils Announcement ID: SUSE-SU-2025:01779-1 Release Date: 2025-05-30T13:39:04Z Rating: moderate References: * bsc#1242300 * bsc#1243284 Cross-References: * CVE-2025-47268 CVSS scores: * CVE-2025-47268 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-47268 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-47268 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * openSUSE Leap 15.4 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for iputils fixes the following issues: Security fixes: * CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300). Other bug fixes: * Fixed incorrect IPV4 TTL value when using SOCK_DGRAM on big endian systems (bsc#1243284). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1779=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1779=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1779=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1779=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1779=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1779=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rarpd-debuginfo-20211215-150400.3.19.1 * iputils-20211215-150400.3.19.1 * rarpd-20211215-150400.3.19.1 * iputils-debuginfo-20211215-150400.3.19.1 * iputils-debugsource-20211215-150400.3.19.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * iputils-debuginfo-20211215-150400.3.19.1 * iputils-20211215-150400.3.19.1 * iputils-debugsource-20211215-150400.3.19.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * iputils-debuginfo-20211215-150400.3.19.1 * iputils-20211215-150400.3.19.1 * iputils-debugsource-20211215-150400.3.19.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * iputils-debuginfo-20211215-150400.3.19.1 * iputils-20211215-150400.3.19.1 * iputils-debugsource-20211215-150400.3.19.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * iputils-debuginfo-20211215-150400.3.19.1 * iputils-20211215-150400.3.19.1 * iputils-debugsource-20211215-150400.3.19.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * iputils-debuginfo-20211215-150400.3.19.1 * rarpd-20211215-150400.3.19.1 * rarpd-debuginfo-20211215-150400.3.19.1 * iputils-debugsource-20211215-150400.3.19.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47268.html * https://bugzilla.suse.com/show_bug.cgi?id=1242300 * https://bugzilla.suse.com/show_bug.cgi?id=1243284 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:22 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:22 -0000 Subject: SUSE-RU-2025:00717-1: moderate: Recommended update for spack Message-ID: <174862262277.15837.12691943805055811780@smelt2.prg2.suse.org> # Recommended update for spack Announcement ID: SUSE-RU-2025:00717-1 Release Date: 2025-05-30T13:33:33Z Rating: moderate References: Affected Products: * HPC Module 15-SP7 * SUSE Linux Enterprise Server 15 SP7 An update that can now be installed. ## Description: This update for spack fixes the following issues: * spack was updated from version 0.23.0 to version 0.23.1: * Fixed a correctness issue of `ArchSpec.intersects`. * Make extra_attributes order independent in Spec hashing. * Fixed issue where system proxy settings were not respected in OCI build caches. * Fixed an issue where the `--test` concretizer flag was not forwarded correctly. * Ensure proper UTF-8 encoding/decoding in logging. * Fixed issues related `to filter_file`. * Fixed an issue related to creating bootstrap source mirrors. * Fixed an issue where command line config arguments were not always top level. * Fixed an incorrect typehint of `concretized()`. * Improved mention of next Spack version in warning. Tests: fixed forward compatibility with Python 3.13. * Docs: encourage use of `--oci-username-variable` and `--oci-password- variable`. * Docs: ensure Getting Started has bootstrap list output in correct place. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 15-SP7 zypper in -t patch SUSE-SLE-Module-HPC-15-SP7-2025-717=1 ## Package List: * HPC Module 15-SP7 (noarch) * spack-info-0.23.1-150400.24.1 * spack-0.23.1-150400.24.1 * spack-man-0.23.1-150400.24.1 * spack-recipes-0.23.1-150400.24.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:26 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:26 -0000 Subject: SUSE-SU-2025:01778-1: moderate: Security update for open-vm-tools Message-ID: <174862262602.15837.12466638918067806921@smelt2.prg2.suse.org> # Security update for open-vm-tools Announcement ID: SUSE-SU-2025:01778-1 Release Date: 2025-05-30T13:05:19Z Rating: moderate References: * bsc#1237147 * bsc#1241938 * bsc#1243106 Cross-References: * CVE-2025-22247 CVSS scores: * CVE-2025-22247 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22247 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N * CVE-2025-22247 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: * CVE-2025-22247: Fixed Insecure file handling (bsc#1243106) Other fixes: * Fixed GCC 15 compile time error (bsc#1241938) * Fixed building with containerd 1.7.25+ (bsc#1237147) Full changelog: https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/ReleaseNotes.md https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/open-vm- tools/ChangeLog ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1778=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * open-vm-tools-sdmp-12.5.2-4.83.1 * open-vm-tools-debugsource-12.5.2-4.83.1 * libvmtools0-debuginfo-12.5.2-4.83.1 * open-vm-tools-desktop-debuginfo-12.5.2-4.83.1 * open-vm-tools-salt-minion-12.5.2-4.83.1 * open-vm-tools-desktop-12.5.2-4.83.1 * open-vm-tools-debuginfo-12.5.2-4.83.1 * open-vm-tools-sdmp-debuginfo-12.5.2-4.83.1 * libvmtools0-12.5.2-4.83.1 * open-vm-tools-12.5.2-4.83.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22247.html * https://bugzilla.suse.com/show_bug.cgi?id=1237147 * https://bugzilla.suse.com/show_bug.cgi?id=1241938 * https://bugzilla.suse.com/show_bug.cgi?id=1243106 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:28 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:28 -0000 Subject: SUSE-SU-2025:01777-1: moderate: Security update for iputils Message-ID: <174862262869.15837.10994054895488660065@smelt2.prg2.suse.org> # Security update for iputils Announcement ID: SUSE-SU-2025:01777-1 Release Date: 2025-05-30T13:04:03Z Rating: moderate References: * bsc#1242300 Cross-References: * CVE-2025-47268 CVSS scores: * CVE-2025-47268 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-47268 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-47268 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for iputils fixes the following issues: * CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1777=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * iputils-debugsource-s20161105-11.9.1 * iputils-s20161105-11.9.1 * iputils-debuginfo-s20161105-11.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47268.html * https://bugzilla.suse.com/show_bug.cgi?id=1242300 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:31 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:31 -0000 Subject: SUSE-SU-2025:01776-1: moderate: Security update for iputils Message-ID: <174862263185.15837.693120176166686683@smelt2.prg2.suse.org> # Security update for iputils Announcement ID: SUSE-SU-2025:01776-1 Release Date: 2025-05-30T13:03:00Z Rating: moderate References: * bsc#1242300 Cross-References: * CVE-2025-47268 CVSS scores: * CVE-2025-47268 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-47268 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-47268 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for iputils fixes the following issues: * CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1776=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1776=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1776=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1776=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * iputils-debuginfo-20221126-150500.3.11.1 * iputils-20221126-150500.3.11.1 * iputils-debugsource-20221126-150500.3.11.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * iputils-debuginfo-20221126-150500.3.11.1 * iputils-20221126-150500.3.11.1 * iputils-debugsource-20221126-150500.3.11.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * iputils-debuginfo-20221126-150500.3.11.1 * iputils-20221126-150500.3.11.1 * iputils-debugsource-20221126-150500.3.11.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * iputils-debuginfo-20221126-150500.3.11.1 * iputils-20221126-150500.3.11.1 * iputils-debugsource-20221126-150500.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47268.html * https://bugzilla.suse.com/show_bug.cgi?id=1242300 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:34 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:34 -0000 Subject: SUSE-SU-2025:01774-1: important: Security update for python312-setuptools Message-ID: <174862263438.15837.11380422402582999529@smelt2.prg2.suse.org> # Security update for python312-setuptools Announcement ID: SUSE-SU-2025:01774-1 Release Date: 2025-05-30T12:10:45Z Rating: important References: * bsc#1243313 Cross-References: * CVE-2025-47273 CVSS scores: * CVE-2025-47273 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-47273 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python312-setuptools fixes the following issues: * CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1774=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1774=1 openSUSE-SLE-15.6-2025-1774=1 ## Package List: * Python 3 Module 15-SP6 (noarch) * python312-setuptools-68.1.2-150600.3.6.1 * openSUSE Leap 15.6 (noarch) * python312-setuptools-68.1.2-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47273.html * https://bugzilla.suse.com/show_bug.cgi?id=1243313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 16:30:38 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 16:30:38 -0000 Subject: SUSE-RU-2025:01645-2: moderate: Recommended update for crmsh Message-ID: <174862263821.15837.11258130407333520464@smelt2.prg2.suse.org> # Recommended update for crmsh Announcement ID: SUSE-RU-2025:01645-2 Release Date: 2025-05-30T12:03:49Z Rating: moderate References: * bsc#1236442 * bsc#1241358 Affected Products: * SUSE Linux Enterprise High Availability Extension 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has two fixes can now be installed. ## Description: This update for crmsh fixes the following issues: * Version update 4.6.1+20250506.8457349 * Fix: [ra] Prevent to add unknown operation (bsc#1236442). * Fix: [ui_cluster] Return when cluster service on all nodes are already startd (bsc#1241358). * Dev: [ui_cluster] Return False when run `crm cluster stop` raise NoSSHError. * Dev: [command] Sort the completion results for non-interactive mode. * Dev: [ra] Show parameters more clear. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-HA-15-SP7-2025-1645=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP7 (noarch) * crmsh-scripts-4.6.1+20250506.8457349-150600.3.32.2 * crmsh-4.6.1+20250506.8457349-150600.3.32.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1236442 * https://bugzilla.suse.com/show_bug.cgi?id=1241358 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 20:30:07 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 20:30:07 -0000 Subject: SUSE-SU-2025:01787-1: important: Security update for bind Message-ID: <174863700788.30190.13845554274910630043@smelt2.prg2.suse.org> # Security update for bind Announcement ID: SUSE-SU-2025:01787-1 Release Date: 2025-05-30T17:15:21Z Rating: important References: * bsc#1236596 * bsc#1236597 * bsc#1243361 Cross-References: * CVE-2024-11187 * CVE-2024-12705 * CVE-2025-40775 CVSS scores: * CVE-2024-11187 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-11187 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-11187 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-12705 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-12705 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-12705 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40775 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40775 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40775 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for bind fixes the following issues: Update to version 9.20.9. * Security issues fixed: * CVE-2025-40775: denial-of-service due to assertion failure caused by the processing of a NS message with an invalid TSIG (bsc#1243361). * CVE-2024-12705: CPU and memory exhaustion due to DNS-over-HTTPS issues that arise under heavy query load (bsc#1236597). * CVE-2024-11187: CPU exhaustion when processing queries that lead to responses containing several records in the Additional data section (bsc#1236596). * Changelog: * Feature changes: * Performance optimization for NSEC3 lookups introduced in BIND 9.20.2 was reverted to avoid risks associated with a complex code change. * The configuration clauses parental-agents and primaries are renamed to remote-servers. * Add none parameter to query-source and query-source-v6 to disable IPv4 or IPv6 upstream queries but allow listening to queries from clients on IPv4 or IPv6. * dnssec-ksr now supports KSK rollovers. * Print RFC 7314: EXPIRE option in transfer summary. * Emit more helpful log messages for exceeding max-records-per-type. * Harden key management when key files have become unavailable. * New Features: * Add support for EDE 20 (Not Authoritative). * Add support for EDE 7 and EDE 8. * `dig` can now display the received BADVERS message during negotiation. * Add an `rndc` command to reset some statistics counters. * Implement the min-transfer-rate-in configuration option. * Add HTTPS record query to host command line tool. * Implement sig0key-checks-limit and sig0message-checks-limit. * Adds support for EDE code 1 and 2. * Add an rndc command to toggle jemalloc profiling. * Add support for multiple extended DNS errors. * Print the expiration time of stale records. * Add Extended DNS Error Code 22 - No Reachable Authority. * Add a new option to configure the maximum number of outgoing queries per client request. * Use the Server Name Indication (SNI) extension for all outgoing TLS connections. * Update built-in bind.keys file with the new 2025 IANA root key. * Add an initial-ds entry to bind.keys for the new root key, ID 38696, which is scheduled for publication in January 2025. * Bug Fixes: * Restore NSEC3 closest-encloser lookup improvements. * Stop caching lack of EDNS support. * Fix resolver statistics counters for timed-out responses. * Nested DNS validation could cause an assertion failure. * Wait for memory reclamation to finish in `named-checkconf`. * Ensure `max-clients-per-query` is at least `clients-per-query`. * Fix write after free in validator code. * Don't enforce NOAUTH/NOCONF flags in DNSKEYs. * Fix several small DNSSEC timing issues. * Fix inconsistency in CNAME/DNAME handling during resolution. * Fix dual-stack-servers configuration option. * Fix a data race causing a permanent active client increase. * Fix deferred validation of unsigned DS and DNSKEY records. * Fix RPZ race condition during a reconfiguration. * "CNAME and other data check" not applied to all types. * Relax private DNSKEY and RRSIG constraints. * Remove NSEC/DS/NSEC3 RRSIG check from dns_message_parse(). * Fix TTL issue with ANY queries processed through RPZ "passthru";. * dnssec-signzone needs to check for a NULL key when setting offline. * Fix a bug in the statistics channel when querying zone transfer information. * Fix assertion failure when dumping recursing clients. * Dump the active resolver fetches from dns_resolver_dumpfetches(). * Recently expired records could be returned with a timestamp in future. * YAML string not terminated in negative response in delv. * Fix a bug in dnssec-signzone related to keys being offline. * Apply the memory limit only to ADB database items. * Avoid unnecessary locking in the zone/cache database. * Fix reporting of Extended DNS Error 22 (No Reachable Authority). * Fix nsupdate hang when processing a large update. * Fix possible assertion failure when reloading server while processing update policy rules. * Preserve cache across reconfig when using attach-cache. * Resolve the spurious drops in performance due to glue cache. * Fix dnssec-signzone signing non-DNSKEY RRsets with revoked keys. * Fix improper handling of unknown directives in resolv.conf. * Fix response policy zones and catalog zones with an $INCLUDE statement defined. * Use TLS for notifies if configured to do so. * Notifies configured to use TLS will now be sent over TLS, instead of plain text UDP or TCP. Also, failing to load the TLS configuration for notify now results in an error.' * {&dns} is as valid as {?dns} in a SVCB's dohpath. * dig failed to parse a valid SVCB record with a dohpath URI template containing a {&dns}, like "dohpath=/some/path?key=value{&dns}";. * Fix NSEC3 closest encloser lookup for names with empty non-terminals. * A previous performance optimization for finding the NSEC3 closest encloser when generating authoritative responses could cause servers to return incorrect NSEC3 records in some cases. This has been fixed. * recursive-clients statement with value 0 triggered an assertion failure. * BIND 9.20.0 broke recursive-clients 0;. This has now been fixed. * Parsing of hostnames in rndc.conf was broken. * When DSCP support was removed, parsing of hostnames in rndc.conf was accidentally broken, resulting in an assertion failure. This has been fixed. * `dig` options of the form [+-]option= failed to display the value on the printed command line. This has been fixed. * Provide more visibility into TLS configuration errors by logging SSL_CTX_use_certificate_chain_file() and SSL_CTX_use_PrivateKey_file() errors individually. * Fix a race condition when canceling ADB find which could cause an assertion failure. * SERVFAIL cache memory cleaning is now more aggressive; it no longer consumes a lot of memory if the server encounters many SERVFAILs at once. * Fix trying the next primary XoT server when the previous one was marked as unreachable. * In some cases named failed to try the next primary server in the primaries list when the previous one was marked as unreachable. This has been fixed. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1787=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-1787=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * bind-utils-debuginfo-9.20.9-150700.3.3.1 * bind-debugsource-9.20.9-150700.3.3.1 * bind-utils-9.20.9-150700.3.3.1 * bind-debuginfo-9.20.9-150700.3.3.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * bind-9.20.9-150700.3.3.1 * bind-debugsource-9.20.9-150700.3.3.1 * bind-debuginfo-9.20.9-150700.3.3.1 * Server Applications Module 15-SP7 (noarch) * bind-doc-9.20.9-150700.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11187.html * https://www.suse.com/security/cve/CVE-2024-12705.html * https://www.suse.com/security/cve/CVE-2025-40775.html * https://bugzilla.suse.com/show_bug.cgi?id=1236596 * https://bugzilla.suse.com/show_bug.cgi?id=1236597 * https://bugzilla.suse.com/show_bug.cgi?id=1243361 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 20:30:10 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 20:30:10 -0000 Subject: SUSE-SU-2025:01786-1: moderate: Security update for postgresql14 Message-ID: <174863701063.30190.15579150732436901525@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2025:01786-1 Release Date: 2025-05-30T16:12:31Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.18: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1786=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1786=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1786=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1786=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1786=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1786=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1786=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1786=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1786=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1786=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-llvmjit-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-devel-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-llvmjit-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-devel-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Manager Proxy 4.3 (x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Manager Server 4.3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql14-docs-14.18-150200.5.58.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 20:30:13 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 20:30:13 -0000 Subject: SUSE-SU-2025:01785-1: moderate: Security update for postgresql15 Message-ID: <174863701331.30190.6934296802242154042@smelt2.prg2.suse.org> # Security update for postgresql15 Announcement ID: SUSE-SU-2025:01785-1 Release Date: 2025-05-30T16:11:28Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql15 fixes the following issues: Upgrade to 15.13: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/15.13/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1785=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1785=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1785=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1785=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1785=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1785=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1785=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1785=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1785=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1785=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1785=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1785=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1785=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1785=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1785=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Manager Proxy 4.3 (x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Manager Server 4.3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql15-docs-15.13-150200.5.41.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 30 20:30:17 2025 From: null at suse.de (SLE-UPDATES) Date: Fri, 30 May 2025 20:30:17 -0000 Subject: SUSE-SU-2025:01784-1: important: Security update for glibc Message-ID: <174863701703.30190.11762119725311737343@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2025:01784-1 Release Date: 2025-05-30T16:10:21Z Rating: important References: * bsc#1234128 * bsc#1243317 Cross-References: * CVE-2025-4802 CVSS scores: * CVE-2025-4802 ( SUSE ): 9.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-4802 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-4802 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for glibc fixes the following issues: Security issues fixed: * CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LD_LIBRARY_PATH (bsc#1243317). Other issues fixed: * Multi-threaded application hang due to deadlock when `pthread_cond_signal` fails to wake up `pthread_cond_wait` as a consequence of a bug related to stealing of signals (bsc#1234128). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1784=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1784=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1784=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1784=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1784=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1784=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1784=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1784=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1784=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1784=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1784=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1784=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1784=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1784=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1784=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1784=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1784=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1784=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1784=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1784=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1784=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1784=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1784=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1784=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * openSUSE Leap 15.3 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-html-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * openSUSE Leap 15.3 (x86_64) * glibc-utils-32bit-debuginfo-2.31-150300.95.1 * glibc-profile-32bit-2.31-150300.95.1 * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-utils-32bit-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-devel-static-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * openSUSE Leap 15.3 (aarch64_ilp32) * glibc-64bit-2.31-150300.95.1 * glibc-devel-64bit-debuginfo-2.31-150300.95.1 * glibc-utils-64bit-debuginfo-2.31-150300.95.1 * glibc-64bit-debuginfo-2.31-150300.95.1 * glibc-profile-64bit-2.31-150300.95.1 * glibc-locale-base-64bit-debuginfo-2.31-150300.95.1 * glibc-devel-static-64bit-2.31-150300.95.1 * glibc-locale-base-64bit-2.31-150300.95.1 * glibc-utils-64bit-2.31-150300.95.1 * glibc-devel-64bit-2.31-150300.95.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Manager Proxy 4.3 (x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Manager Proxy 4.3 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Manager Server 4.3 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Manager Server 4.3 (x86_64) * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * glibc-devel-debuginfo-2.31-150300.95.1 * glibc-extra-2.31-150300.95.1 * glibc-utils-src-debugsource-2.31-150300.95.1 * glibc-utils-2.31-150300.95.1 * glibc-devel-static-2.31-150300.95.1 * nscd-2.31-150300.95.1 * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-extra-debuginfo-2.31-150300.95.1 * glibc-utils-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * nscd-debuginfo-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * glibc-profile-2.31-150300.95.1 * SUSE Enterprise Storage 7.1 (noarch) * glibc-i18ndata-2.31-150300.95.1 * glibc-lang-2.31-150300.95.1 * glibc-info-2.31-150300.95.1 * SUSE Enterprise Storage 7.1 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.95.1 * glibc-devel-32bit-2.31-150300.95.1 * glibc-32bit-2.31-150300.95.1 * glibc-32bit-debuginfo-2.31-150300.95.1 * glibc-locale-base-32bit-2.31-150300.95.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.95.1 * glibc-devel-2.31-150300.95.1 * glibc-debuginfo-2.31-150300.95.1 * glibc-locale-base-2.31-150300.95.1 * glibc-locale-base-debuginfo-2.31-150300.95.1 * glibc-2.31-150300.95.1 * glibc-debugsource-2.31-150300.95.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4802.html * https://bugzilla.suse.com/show_bug.cgi?id=1234128 * https://bugzilla.suse.com/show_bug.cgi?id=1243317 -------------- next part -------------- An HTML attachment was scrubbed... URL: