Buildah, U-Boot, KRB5, INIParse updates for SUSE

SUSE 5266 Published by

SUSE Linux has been updated with several security enhancements, including updates for buildah, u-boot, krb5, and iniparser:

SUSE-SU-2025:0812-1: important: Security update for buildah
SUSE-SU-2025:0813-1: important: Security update for buildah
SUSE-SU-2025:0811-1: important: Security update for buildah
SUSE-SU-2025:0817-1: moderate: Security update for u-boot
SUSE-SU-2025:0822-1: moderate: Security update for krb5
SUSE-SU-2025:0821-1: moderate: Security update for iniparser




SUSE-SU-2025:0812-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2025:0812-1
Release Date: 2025-03-10T08:34:53Z
Rating: important
References:

* bsc#1237681

Cross-References:

* CVE-2025-27144

CVSS scores:

* CVE-2025-27144 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-27144 ( NVD ): 6.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves one vulnerability can now be installed.

## Description:

This update for buildah fixes the following issues:

* CVE-2025-27144: Fixed denial of service in parsing function of embedded
library Go JOSE (bsc#1237681)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-812=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-812=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-812=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-812=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-812=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.35.5-150400.3.42.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* buildah-1.35.5-150400.3.42.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* buildah-1.35.5-150400.3.42.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150400.3.42.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* buildah-1.35.5-150400.3.42.1

## References:

* https://www.suse.com/security/cve/CVE-2025-27144.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237681



SUSE-SU-2025:0813-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2025:0813-1
Release Date: 2025-03-10T08:35:15Z
Rating: important
References:

* bsc#1236531
* bsc#1237681

Cross-References:

* CVE-2023-45288
* CVE-2025-27144

CVSS scores:

* CVE-2023-45288 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-27144 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-27144 ( NVD ): 6.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for buildah fixes the following issues:

* CVE-2023-45288: possible excessive CPU consumption due to no limit being set
on the number of CONTINUATION frames read for an HTTP/2 request in
golang.org/x/net/http2. (bsc#1236531)
* CVE-2025-27144: Fixed denial of service in parsing function of embedded
library Go JOSE (bsc#1237681)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-813=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-813=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-813=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-813=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-813=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* buildah-1.35.5-150300.8.36.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* buildah-1.35.5-150300.8.36.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.35.5-150300.8.36.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* buildah-1.35.5-150300.8.36.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150300.8.36.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45288.html
* https://www.suse.com/security/cve/CVE-2025-27144.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236531
* https://bugzilla.suse.com/show_bug.cgi?id=1237681



SUSE-SU-2025:0811-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2025:0811-1
Release Date: 2025-03-10T08:34:33Z
Rating: important
References:

* bsc#1237681

Cross-References:

* CVE-2025-27144

CVSS scores:

* CVE-2025-27144 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-27144 ( NVD ): 6.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* Containers Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for buildah fixes the following issues:

* CVE-2025-27144: Fixed denial of service in parsing function of embedded
library Go JOSE (bsc#1237681)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-811=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-811=1

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-811=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-811=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-811=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-811=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-811=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.35.5-150500.3.31.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150500.3.31.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150500.3.31.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* buildah-1.35.5-150500.3.31.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* buildah-1.35.5-150500.3.31.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150500.3.31.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* buildah-1.35.5-150500.3.31.1

## References:

* https://www.suse.com/security/cve/CVE-2025-27144.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237681



SUSE-SU-2025:0817-1: moderate: Security update for u-boot


# Security update for u-boot

Announcement ID: SUSE-SU-2025:0817-1
Release Date: 2025-03-10T13:59:32Z
Rating: moderate
References:

* bsc#1237284
* bsc#1237287

Cross-References:

* CVE-2024-57256
* CVE-2024-57258

CVSS scores:

* CVE-2024-57256 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-57256 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-57256 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-57258 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-57258 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-57258 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves two vulnerabilities can now be installed.

## Description:

This update for u-boot fixes the following issues:

* CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution
function (bsc#1237284).
* CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator
(bsc#1237287).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-817=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-817=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-817=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* u-boot-tools-2021.01-150300.7.24.1
* u-boot-tools-debuginfo-2021.01-150300.7.24.1
* openSUSE Leap 15.3 (aarch64)
* u-boot-odroid-c2-2021.01-150300.7.24.1
* u-boot-mvebudbarmada8k-2021.01-150300.7.24.1
* u-boot-poplar-doc-2021.01-150300.7.24.1
* u-boot-rock960-rk3399-doc-2021.01-150300.7.24.1
* u-boot-rpiarm64-2021.01-150300.7.24.1
* u-boot-firefly-rk3399-2021.01-150300.7.24.1
* u-boot-rpi4-2021.01-150300.7.24.1
* u-boot-orangepipc2-2021.01-150300.7.24.1
* u-boot-pineh64-doc-2021.01-150300.7.24.1
* u-boot-rock64-rk3328-doc-2021.01-150300.7.24.1
* u-boot-p3450-0000-2021.01-150300.7.24.1
* u-boot-avnetultra96rev1-doc-2021.01-150300.7.24.1
* u-boot-rockpro64-rk3399-2021.01-150300.7.24.1
* u-boot-khadas-vim-doc-2021.01-150300.7.24.1
* u-boot-khadas-vim2-2021.01-150300.7.24.1
* u-boot-rpi3-doc-2021.01-150300.7.24.1
* u-boot-rpiarm64-doc-2021.01-150300.7.24.1
* u-boot-p2371-2180-2021.01-150300.7.24.1
* u-boot-hikey-doc-2021.01-150300.7.24.1
* u-boot-rock64-rk3328-2021.01-150300.7.24.1
* u-boot-rpi4-doc-2021.01-150300.7.24.1
* u-boot-nanopia64-2021.01-150300.7.24.1
* u-boot-libretech-ac-doc-2021.01-150300.7.24.1
* u-boot-xilinxzynqmpvirt-doc-2021.01-150300.7.24.1
* u-boot-geekbox-2021.01-150300.7.24.1
* u-boot-libretech-cc-2021.01-150300.7.24.1
* u-boot-khadas-vim2-doc-2021.01-150300.7.24.1
* u-boot-mvebudb-88f3720-doc-2021.01-150300.7.24.1
* u-boot-xilinxzynqmpvirt-2021.01-150300.7.24.1
* u-boot-poplar-2021.01-150300.7.24.1
* u-boot-ls1012afrdmqspi-doc-2021.01-150300.7.24.1
* u-boot-orangepipc2-doc-2021.01-150300.7.24.1
* u-boot-nanopia64-doc-2021.01-150300.7.24.1
* u-boot-firefly-rk3399-doc-2021.01-150300.7.24.1
* u-boot-pine64plus-doc-2021.01-150300.7.24.1
* u-boot-rock-pi-4-rk3399-2021.01-150300.7.24.1
* u-boot-rock-pi-4-rk3399-doc-2021.01-150300.7.24.1
* u-boot-hikey-2021.01-150300.7.24.1
* u-boot-rock960-rk3399-2021.01-150300.7.24.1
* u-boot-mvebumcbin-88f8040-doc-2021.01-150300.7.24.1
* u-boot-evb-rk3399-2021.01-150300.7.24.1
* u-boot-p2371-2180-doc-2021.01-150300.7.24.1
* u-boot-pinebook-pro-rk3399-2021.01-150300.7.24.1
* u-boot-pinephone-2021.01-150300.7.24.1
* u-boot-rpi3-2021.01-150300.7.24.1
* u-boot-pinebook-doc-2021.01-150300.7.24.1
* u-boot-xilinxzynqmpzcu102rev10-2021.01-150300.7.24.1
* u-boot-rockpro64-rk3399-doc-2021.01-150300.7.24.1
* u-boot-p2771-0000-500-doc-2021.01-150300.7.24.1
* u-boot-libretech-cc-doc-2021.01-150300.7.24.1
* u-boot-mvebumcbin-88f8040-2021.01-150300.7.24.1
* u-boot-mvebudbarmada8k-doc-2021.01-150300.7.24.1
* u-boot-pinephone-doc-2021.01-150300.7.24.1
* u-boot-bananapim64-2021.01-150300.7.24.1
* u-boot-odroid-c4-doc-2021.01-150300.7.24.1
* u-boot-mvebudb-88f3720-2021.01-150300.7.24.1
* u-boot-avnetultra96rev1-2021.01-150300.7.24.1
* u-boot-pine64plus-2021.01-150300.7.24.1
* u-boot-geekbox-doc-2021.01-150300.7.24.1
* u-boot-odroid-c2-doc-2021.01-150300.7.24.1
* u-boot-pineh64-2021.01-150300.7.24.1
* u-boot-odroid-n2-doc-2021.01-150300.7.24.1
* u-boot-ls1012afrdmqspi-2021.01-150300.7.24.1
* u-boot-dragonboard820c-2021.01-150300.7.24.1
* u-boot-evb-rk3399-doc-2021.01-150300.7.24.1
* u-boot-p3450-0000-doc-2021.01-150300.7.24.1
* u-boot-pinebook-2021.01-150300.7.24.1
* u-boot-odroid-c4-2021.01-150300.7.24.1
* u-boot-dragonboard410c-doc-2021.01-150300.7.24.1
* u-boot-dragonboard820c-doc-2021.01-150300.7.24.1
* u-boot-mvebuespressobin-88f3720-doc-2021.01-150300.7.24.1
* u-boot-p2771-0000-500-2021.01-150300.7.24.1
* u-boot-dragonboard410c-2021.01-150300.7.24.1
* u-boot-khadas-vim-2021.01-150300.7.24.1
* u-boot-odroid-n2-2021.01-150300.7.24.1
* u-boot-pinebook-pro-rk3399-doc-2021.01-150300.7.24.1
* u-boot-xilinxzynqmpzcu102rev10-doc-2021.01-150300.7.24.1
* u-boot-mvebuespressobin-88f3720-2021.01-150300.7.24.1
* u-boot-bananapim64-doc-2021.01-150300.7.24.1
* u-boot-libretech-ac-2021.01-150300.7.24.1
* SUSE Linux Enterprise Micro 5.2 (aarch64)
* u-boot-rpiarm64-2021.01-150300.7.24.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64)
* u-boot-rpiarm64-2021.01-150300.7.24.1

## References:

* https://www.suse.com/security/cve/CVE-2024-57256.html
* https://www.suse.com/security/cve/CVE-2024-57258.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237284
* https://bugzilla.suse.com/show_bug.cgi?id=1237287



SUSE-SU-2025:0822-1: moderate: Security update for krb5


# Security update for krb5

Announcement ID: SUSE-SU-2025:0822-1
Release Date: 2025-03-10T15:33:41Z
Rating: moderate
References:

* bsc#1236619

Cross-References:

* CVE-2025-24528

CVSS scores:

* CVE-2025-24528 ( SUSE ): 6.0
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-24528 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability can now be installed.

## Description:

This update for krb5 fixes the following issues:

* CVE-2025-24528: Fixed out-of-bounds write caused by overflow when
calculating ulog block size can lead to process crash (bsc#1236619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-822=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-822=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-822=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-822=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* krb5-mini-debugsource-1.19.2-150300.22.1
* krb5-plugin-preauth-pkinit-1.19.2-150300.22.1
* krb5-debuginfo-1.19.2-150300.22.1
* krb5-client-debuginfo-1.19.2-150300.22.1
* krb5-devel-1.19.2-150300.22.1
* krb5-mini-1.19.2-150300.22.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.22.1
* krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.22.1
* krb5-server-debuginfo-1.19.2-150300.22.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.22.1
* krb5-mini-debuginfo-1.19.2-150300.22.1
* krb5-plugin-kdb-ldap-1.19.2-150300.22.1
* krb5-plugin-preauth-spake-1.19.2-150300.22.1
* krb5-plugin-preauth-otp-1.19.2-150300.22.1
* krb5-mini-devel-1.19.2-150300.22.1
* krb5-debugsource-1.19.2-150300.22.1
* krb5-1.19.2-150300.22.1
* krb5-client-1.19.2-150300.22.1
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.22.1
* krb5-server-1.19.2-150300.22.1
* openSUSE Leap 15.3 (x86_64)
* krb5-32bit-debuginfo-1.19.2-150300.22.1
* krb5-devel-32bit-1.19.2-150300.22.1
* krb5-32bit-1.19.2-150300.22.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* krb5-devel-64bit-1.19.2-150300.22.1
* krb5-64bit-debuginfo-1.19.2-150300.22.1
* krb5-64bit-1.19.2-150300.22.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* krb5-1.19.2-150300.22.1
* krb5-debugsource-1.19.2-150300.22.1
* krb5-debuginfo-1.19.2-150300.22.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* krb5-1.19.2-150300.22.1
* krb5-debugsource-1.19.2-150300.22.1
* krb5-debuginfo-1.19.2-150300.22.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* krb5-1.19.2-150300.22.1
* krb5-debugsource-1.19.2-150300.22.1
* krb5-debuginfo-1.19.2-150300.22.1

## References:

* https://www.suse.com/security/cve/CVE-2025-24528.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236619



SUSE-SU-2025:0821-1: moderate: Security update for iniparser


# Security update for iniparser

Announcement ID: SUSE-SU-2025:0821-1
Release Date: 2025-03-10T15:03:27Z
Rating: moderate
References:

* bsc#1237377

Cross-References:

* CVE-2025-0633

CVSS scores:

* CVE-2025-0633 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-0633 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2025-0633 ( NVD ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for iniparser fixes the following issues:

* CVE-2025-0633: string copy into buffer without previous size validation
leads to heap buffer overflow in iniparser_dumpsection_ini() of iniparser
(bsc#1237377).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-821=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-821=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-821=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libiniparser-devel-4.1-150500.4.8.1
* iniparser-debugsource-4.1-150500.4.8.1
* libiniparser1-debuginfo-4.1-150500.4.8.1
* libiniparser1-4.1-150500.4.8.1
* openSUSE Leap 15.5 (x86_64)
* libiniparser1-32bit-4.1-150500.4.8.1
* libiniparser1-32bit-debuginfo-4.1-150500.4.8.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* libiniparser1-64bit-4.1-150500.4.8.1
* libiniparser1-64bit-debuginfo-4.1-150500.4.8.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libiniparser-devel-4.1-150500.4.8.1
* iniparser-debugsource-4.1-150500.4.8.1
* libiniparser1-debuginfo-4.1-150500.4.8.1
* libiniparser1-4.1-150500.4.8.1
* openSUSE Leap 15.6 (x86_64)
* libiniparser1-32bit-4.1-150500.4.8.1
* libiniparser1-32bit-debuginfo-4.1-150500.4.8.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libiniparser1-debuginfo-4.1-150500.4.8.1
* iniparser-debugsource-4.1-150500.4.8.1
* libiniparser1-4.1-150500.4.8.1

## References:

* https://www.suse.com/security/cve/CVE-2025-0633.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237377


Oracle-Common-Release Bug Fix Update for Oracle Linux

X.Org X Server, GNU Chess, CRaC JDK, OpenVPN updates for Ubuntu

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...