
Several security updates have been released for SUSE Linux, including important updates for chromium, gn, and python-Django. Moderate updates cover nginx, perl-Authen-SASL/perl-Crypt-URandom, and rav1e, along with netty and libwireshark18 on the GA media of openSUSE Tumbleweed. Low-rated security updates were also released for python-maturin and libsoup2.

openSUSE-SU-2025:0337-1: important: Security update for chromium, gn
openSUSE-SU-2025:0335-1: important: Security update for python-Django
openSUSE-SU-2025:0336-1: important: Security update for chromium, gn
SUSE-SU-2025:03087-1: moderate: Security update for perl-Authen-SASL, perl-Crypt-URandom
SUSE-SU-2025:03082-1: low: Security update for python-maturin
SUSE-SU-2025:03089-1: moderate: Security update for nginx
openSUSE-SU-2025:15520-1: moderate: netty-4.1.126-1.1 on GA media
openSUSE-SU-2025:15522-1: moderate: libwireshark18-4.4.9-2.1 on GA media
SUSE-SU-2025:03091-1: low: Security update for libsoup2
SUSE-SU-2025:03092-1: moderate: Security update for rav1e



openSUSE-SU-2025:0337-1: important: Security update for chromium, gn


openSUSE Security Update: Security update for chromium, gn
_______________________________

Announcement ID: openSUSE-SU-2025:0337-1
Rating: important
References: #1249093
Cross-References: CVE-2025-9864 CVE-2025-9865 CVE-2025-9866
CVE-2025-9867
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes four vulnerabilities is now available.

Description:

This update for chromium, gn fixes the following issues:

- Chromium 140.0.7339.80 (boo#1249093):
  * new permission prompt for local network access
  * CVE-2025-9864: Use after free in V8
  * CVE-2025-9865: Inappropriate implementation in Toolbar
  * CVE-2025-9866: Inappropriate implementation in Extensions
  * CVE-2025-9867: Inappropriate implementation in Downloads
  * Various fixes from internal audits, fuzzing and other initiatives

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2025-337=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

gn-0.20250619-bp157.2.6.1
gn-debuginfo-0.20250619-bp157.2.6.1
gn-debugsource-0.20250619-bp157.2.6.1

- openSUSE Backports SLE-15-SP7 (aarch64 x86_64):

chromedriver-140.0.7339.80-bp157.2.46.1
chromium-140.0.7339.80-bp157.2.46.1

References:

https://www.suse.com/security/cve/CVE-2025-9864.html
https://www.suse.com/security/cve/CVE-2025-9865.html
https://www.suse.com/security/cve/CVE-2025-9866.html
https://www.suse.com/security/cve/CVE-2025-9867.html
https://bugzilla.suse.com/1249093



openSUSE-SU-2025:0335-1: important: Security update for python-Django


openSUSE Security Update: Security update for python-Django
_______________________________

Announcement ID: openSUSE-SU-2025:0335-1
Rating: important
References: #1248810
Cross-References: CVE-2025-57833
CVSS scores:
CVE-2025-57833 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-Django fixes the following issues:

- CVE-2025-57833: Fixed potential SQL injection in FilteredRelation column
aliases (boo#1248810).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-335=1

Package List:

- openSUSE Backports SLE-15-SP6 (noarch):

python3-Django-2.2.28-bp156.18.1

References:

https://www.suse.com/security/cve/CVE-2025-57833.html
https://bugzilla.suse.com/1248810



openSUSE-SU-2025:0336-1: important: Security update for chromium, gn


openSUSE Security Update: Security update for chromium, gn
_______________________________

Announcement ID: openSUSE-SU-2025:0336-1
Rating: important
References: #1249093
Cross-References: CVE-2025-9864 CVE-2025-9865 CVE-2025-9866
CVE-2025-9867
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes four vulnerabilities is now available.

Description:

This update for chromium, gn fixes the following issues:

- Chromium 140.0.7339.80 (boo#1249093):
  * new permission prompt for local network access
  * CVE-2025-9864: Use after free in V8
  * CVE-2025-9865: Inappropriate implementation in Toolbar
  * CVE-2025-9866: Inappropriate implementation in Extensions
  * CVE-2025-9867: Inappropriate implementation in Downloads
  * Various fixes from internal audits, fuzzing and other initiatives

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-336=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

gn-0.20250619-bp156.2.12.1
gn-debuginfo-0.20250619-bp156.2.12.1
gn-debugsource-0.20250619-bp156.2.12.1

- openSUSE Backports SLE-15-SP6 (aarch64 x86_64):

chromedriver-140.0.7339.80-bp156.2.164.1
chromium-140.0.7339.80-bp156.2.164.1

References:

https://www.suse.com/security/cve/CVE-2025-9864.html
https://www.suse.com/security/cve/CVE-2025-9865.html
https://www.suse.com/security/cve/CVE-2025-9866.html
https://www.suse.com/security/cve/CVE-2025-9867.html
https://bugzilla.suse.com/1249093



SUSE-SU-2025:03087-1: moderate: Security update for perl-Authen-SASL, perl-Crypt-URandom


# Security update for perl-Authen-SASL, perl-Crypt-URandom

Announcement ID: SUSE-SU-2025:03087-1
Release Date: 2025-09-05T10:34:04Z
Rating: moderate
References:

* bsc#1246623
* jsc#PED-13306

Cross-References:

* CVE-2025-40918

CVSS scores:

* CVE-2025-40918 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40918 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-40918 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* Development Tools Module 15-SP6
* Development Tools Module 15-SP7
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability and contains one feature can now be
installed.

## Description:

This update for perl-Authen-SASL, perl-Crypt-URandom fixes the following issues:

Changes in perl-Authen-SASL:

* CVE-2025-40918: Fixed insecurely generated client nonce (bsc#1246623)

Changes in perl-Crypt-URandom:

* Included 0.540.0 for use by perl-Authen-SASL in SLE-15 (jsc#PED-13306 /
bsc#1246623).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-3087=1

* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-3087=1

* Development Tools Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-3087=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3087=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3087=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3087=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3087=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3087=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3087=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3087=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3087=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3087=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3087=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3087=1

* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2025-3087=1

## Package List:

* openSUSE Leap 15.6 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* Development Tools Module 15-SP6 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* Development Tools Module 15-SP7 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1
* SUSE Enterprise Storage 7.1 (noarch)
  * perl-Authen-SASL-2.16-150000.1.6.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * perl-Crypt-URandom-debuginfo-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-0.540.0-150000.1.3.1
  * perl-Crypt-URandom-debugsource-0.540.0-150000.1.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-40918.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246623
* https://jira.suse.com/browse/PED-13306



SUSE-SU-2025:03082-1: low: Security update for python-maturin


# Security update for python-maturin

Announcement ID: SUSE-SU-2025:03082-1
Release Date: 2025-09-05T08:27:45Z
Rating: low
References:

* bsc#1249011

Cross-References:

* CVE-2025-58160

CVSS scores:

* CVE-2025-58160 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-58160 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2025-58160 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-maturin fixes the following issues:

* CVE-2025-58160: terminal escape injection via ANSI sequences from untrusted
input (bsc#1249011).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-3082=1 openSUSE-SLE-15.6-2025-3082=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * python311-maturin-1.4.0-150600.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2025-58160.html
* https://bugzilla.suse.com/show_bug.cgi?id=1249011



SUSE-SU-2025:03089-1: moderate: Security update for nginx


# Security update for nginx

Announcement ID: SUSE-SU-2025:03089-1
Release Date: 2025-09-05T10:39:06Z
Rating: moderate
References:

* bsc#1236851
* bsc#1248070

Cross-References:

* CVE-2025-23419
* CVE-2025-53859

CVSS scores:

* CVE-2025-23419 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-23419 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-23419 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-23419 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-53859 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-53859 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-53859 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-53859 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* openSUSE Leap 15.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for nginx fixes the following issues:

* CVE-2025-53859: the server side may leak arbitrary bytes during the NGINX
SMTP authentication process (bsc#1248070).
* CVE-2025-23419: session resumption can bypass client certificate
authentication requirements using TLSv1.3 (bsc#1236851).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-3089=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
  * nginx-1.19.8-150300.3.18.1
  * nginx-debuginfo-1.19.8-150300.3.18.1
  * nginx-debugsource-1.19.8-150300.3.18.1
* openSUSE Leap 15.3 (noarch)
  * vim-plugin-nginx-1.19.8-150300.3.18.1
  * nginx-source-1.19.8-150300.3.18.1

## References:

* https://www.suse.com/security/cve/CVE-2025-23419.html
* https://www.suse.com/security/cve/CVE-2025-53859.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236851
* https://bugzilla.suse.com/show_bug.cgi?id=1248070



openSUSE-SU-2025:15520-1: moderate: netty-4.1.126-1.1 on GA media


# netty-4.1.126-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15520-1
Rating: moderate

Cross-References:

* CVE-2025-58056
* CVE-2025-58057

CVSS scores:

* CVE-2025-58057 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-58057 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the netty-4.1.126-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * netty 4.1.126-1.1
  * netty-bom 4.1.126-1.1
  * netty-javadoc 4.1.126-1.1
  * netty-parent 4.1.126-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-58056.html
* https://www.suse.com/security/cve/CVE-2025-58057.html



openSUSE-SU-2025:15522-1: moderate: libwireshark18-4.4.9-2.1 on GA media


# libwireshark18-4.4.9-2.1 on GA media

Announcement ID: openSUSE-SU-2025:15522-1
Rating: moderate

Cross-References:

* CVE-2025-9817

CVSS scores:

* CVE-2025-9817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-9817 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libwireshark18-4.4.9-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * libwireshark18 4.4.9-2.1
  * libwiretap15 4.4.9-2.1
  * libwsutil16 4.4.9-2.1
  * wireshark 4.4.9-2.1
  * wireshark-devel 4.4.9-2.1
  * wireshark-ui-qt 4.4.9-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-9817.html



SUSE-SU-2025:03091-1: low: Security update for libsoup2


# Security update for libsoup2

Announcement ID: SUSE-SU-2025:03091-1
Release Date: 2025-09-05T13:29:47Z
Rating: low
References:

* bsc#1243314

Cross-References:

* CVE-2025-4945

CVSS scores:

* CVE-2025-4945 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-4945 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-4945 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for libsoup2 fixes the following issues:

* CVE-2025-4945: Fixed Integer Overflow in Cookie Expiration Date Handling in
libsoup (bsc#1243314).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-3091=1

* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-3091=1

* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-3091=1

* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-3091=1

* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-3091=1

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2025-3091=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * libsoup-2_4-1-debuginfo-2.74.2-150400.3.12.1
  * libsoup2-debugsource-2.74.2-150400.3.12.1
  * typelib-1_0-Soup-2_4-2.74.2-150400.3.12.1
  * libsoup-2_4-1-2.74.2-150400.3.12.1
  * libsoup2-devel-2.74.2-150400.3.12.1
* openSUSE Leap 15.4 (x86_64)
  * libsoup2-devel-32bit-2.74.2-150400.3.12.1
  * libsoup-2_4-1-32bit-2.74.2-150400.3.12.1
  * libsoup-2_4-1-32bit-debuginfo-2.74.2-150400.3.12.1
* openSUSE Leap 15.4 (noarch)
  * libsoup2-lang-2.74.2-150400.3.12.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * libsoup-2_4-1-64bit-2.74.2-150400.3.12.1
  * libsoup-2_4-1-64bit-debuginfo-2.74.2-150400.3.12.1
  * libsoup2-devel-64bit-2.74.2-150400.3.12.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * libsoup-2_4-1-2.74.2-150400.3.12.1
  * libsoup2-debugsource-2.74.2-150400.3.12.1
  * libsoup-2_4-1-debuginfo-2.74.2-150400.3.12.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * libsoup-2_4-1-2.74.2-150400.3.12.1
  * libsoup2-debugsource-2.74.2-150400.3.12.1
  * libsoup-2_4-1-debuginfo-2.74.2-150400.3.12.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * libsoup-2_4-1-2.74.2-150400.3.12.1
  * libsoup2-debugsource-2.74.2-150400.3.12.1
  * libsoup-2_4-1-debuginfo-2.74.2-150400.3.12.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * libsoup-2_4-1-2.74.2-150400.3.12.1
  * libsoup2-debugsource-2.74.2-150400.3.12.1
  * libsoup-2_4-1-debuginfo-2.74.2-150400.3.12.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * libsoup-2_4-1-2.74.2-150400.3.12.1
  * libsoup2-debugsource-2.74.2-150400.3.12.1
  * libsoup-2_4-1-debuginfo-2.74.2-150400.3.12.1

## References:

* https://www.suse.com/security/cve/CVE-2025-4945.html
* https://bugzilla.suse.com/show_bug.cgi?id=1243314



SUSE-SU-2025:03092-1: moderate: Security update for rav1e


# Security update for rav1e

Announcement ID: SUSE-SU-2025:03092-1
Release Date: 2025-09-05T17:20:55Z
Rating: moderate
References:

* bsc#1230028
* bsc#1247207

Cross-References:

* CVE-2024-58266

CVSS scores:

* CVE-2024-58266 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-58266 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-58266 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
* CVE-2024-58266 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for rav1e fixes the following issues:

* Update crate shlex to 1.3.0:
  * CVE-2024-58266: Fixed command injection (bsc#1247207)
  * RUSTSEC-2024-0006: Fixed multiple issues involving quote API (bsc#1230028)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-3092=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * librav1e0-debuginfo-0.5.1+0-150400.3.3.1
  * rav1e-debuginfo-0.5.1+0-150400.3.3.1
  * rav1e-0.5.1+0-150400.3.3.1
  * rav1e-debugsource-0.5.1+0-150400.3.3.1
  * librav1e0-0.5.1+0-150400.3.3.1
  * rav1e-devel-0.5.1+0-150400.3.3.1
* openSUSE Leap 15.4 (x86_64)
  * librav1e0-32bit-debuginfo-0.5.1+0-150400.3.3.1
  * librav1e0-32bit-0.5.1+0-150400.3.3.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * librav1e0-64bit-0.5.1+0-150400.3.3.1
  * librav1e0-64bit-debuginfo-0.5.1+0-150400.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-58266.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230028
* https://bugzilla.suse.com/show_bug.cgi?id=1247207