SUSE-RU-2025:20961-1: moderate: Recommended update for afterburn

SLE-UPDATES null at suse.de
Tue Nov 11 12:31:58 UTC 2025 


# Recommended update for afterburn

Announcement ID: SUSE-RU-2025:20961-1  
Release Date: 2025-10-27T15:32:17Z  
Rating: moderate  
References:

  * bsc#1250471

  
Cross-References:

  * CVE-2025-5791

  
CVSS scores:

  * CVE-2025-5791 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-5791 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-5791 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

  
Affected Products:

  * SUSE Linux Micro 6.1

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for afterburn fixes the following issues:

  * Update to version 5.9.0.git21.a73f509:
  * docs/release-notes: update for release 5.10.0
  * cargo: update dependencies
  * microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat
  * docs/release-notes: Add entry for Azure SharedConfig XML parsing fix
  * microsoft/azure: Fix SharedConfig parsing of XML attributes
  * microsoft/azure: Mock goalstate.SharedConfig output in tests
  * providers/azure: switch SSH key retrieval from certs endpoint to IMDS as
    azure stopped providing keys in the old one (bsc#1250471)
  * build(deps): bump the build group with 8 updates
  * build(deps): bump slab from 0.4.10 to 0.4.11
  * build(deps): bump actions/checkout from 4 to 5
  * upcloud: implement UpCloud provider
  * build(deps): bump the build group with 4 updates
  * Sync repo templates ⚙

  * Update to version 5.9.0:

  * cargo: Afterburn release 5.9.0
  * docs/release-notes: update for release 5.9.0
  * cargo: update dependencies
  * Add TMT test structure and basic smoke test
  * build(deps): bump openssl from 0.10.72 to 0.10.73
  * build(deps): bump reqwest from 0.12.15 to 0.12.18
  * docs/release-notes: Update changelog entry
  * dracut: Return 255 in module-setup
  * oraclecloud: add release note and move base URL to constant
  * oraclecloud: implement oraclecloud provider
  * build(deps): bump nix from 0.29.0 to 0.30.1
  * build(deps): bump zbus from 5.7.0 to 5.7.1
  * build(deps): bump serde-xml-rs from 0.6.0 to 0.8.1
  * build(deps): bump ipnetwork from 0.20.0 to 0.21.1
  * build(deps): bump clap from 4.5.38 to 4.5.39

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.1  
    zypper in -t patch SUSE-SLE-Micro-6.1-321=1

## Package List:

  * SUSE Linux Micro 6.1 (aarch64 x86_64)
    * afterburn-5.9.0.git21.a73f509-slfo.1.1_1.1
    * afterburn-debuginfo-5.9.0.git21.a73f509-slfo.1.1_1.1
    * afterburn-debugsource-5.9.0.git21.a73f509-slfo.1.1_1.1
  * SUSE Linux Micro 6.1 (noarch)
    * afterburn-dracut-5.9.0.git21.a73f509-slfo.1.1_1.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-5791.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1250471

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20251111/d017be39/attachment-0001.htm>

More information about the sle-updates mailing list