openSUSE-SU-2025:15177-1: moderate: ffmpeg-7-7.1.1-4.1 on GA media
openSUSE-SU-2025:15180-1: moderate: icinga2-2.14.6-1.1 on GA media
openSUSE-SU-2025:15182-1: moderate: nodejs-electron-35.5.0-1.1 on GA media
openSUSE-SU-2025:15181-1: moderate: kea-2.6.3-1.1 on GA media
openSUSE-SU-2025:15183-1: moderate: libopenssl-3-devel-3.5.0-3.1 on GA media
openSUSE-SU-2025:15184-1: moderate: pluto-5.21.7-1.1 on GA media
openSUSE-SU-2025:15179-1: moderate: govulncheck-vulndb-0.0.20250527T204717-1.1 on GA media
openSUSE-SU-2025:15174-1: moderate: MozillaThunderbird-128.11.0-1.1 on GA media
openSUSE-SU-2025:15176-1: moderate: curl-8.14.0-1.1 on GA media
openSUSE-SU-2025:15178-1: moderate: golang-github-prometheus-alertmanager-0.28.1-2.1 on GA media
openSUSE-SU-2025:15177-1: moderate: ffmpeg-7-7.1.1-4.1 on GA media
# ffmpeg-7-7.1.1-4.1 on GA media
Announcement ID: openSUSE-SU-2025:15177-1
Rating: moderate
Cross-References:
* CVE-2024-36615
* CVE-2024-36616
* CVE-2024-36617
* CVE-2024-36618
* CVE-2024-36619
CVSS scores:
* CVE-2024-36615 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36615 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36616 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36616 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36617 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36617 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36618 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36618 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36619 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-36619 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 5 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the ffmpeg-7-7.1.1-4.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* ffmpeg-7 7.1.1-4.1
* ffmpeg-7-libavcodec-devel 7.1.1-4.1
* ffmpeg-7-libavdevice-devel 7.1.1-4.1
* ffmpeg-7-libavfilter-devel 7.1.1-4.1
* ffmpeg-7-libavformat-devel 7.1.1-4.1
* ffmpeg-7-libavutil-devel 7.1.1-4.1
* ffmpeg-7-libpostproc-devel 7.1.1-4.1
* ffmpeg-7-libswresample-devel 7.1.1-4.1
* ffmpeg-7-libswscale-devel 7.1.1-4.1
* libavcodec61 7.1.1-4.1
* libavcodec61-32bit 7.1.1-4.1
* libavdevice61 7.1.1-4.1
* libavdevice61-32bit 7.1.1-4.1
* libavfilter10 7.1.1-4.1
* libavfilter10-32bit 7.1.1-4.1
* libavformat61 7.1.1-4.1
* libavformat61-32bit 7.1.1-4.1
* libavutil59 7.1.1-4.1
* libavutil59-32bit 7.1.1-4.1
* libpostproc58 7.1.1-4.1
* libpostproc58-32bit 7.1.1-4.1
* libswresample5 7.1.1-4.1
* libswresample5-32bit 7.1.1-4.1
* libswscale8 7.1.1-4.1
* libswscale8-32bit 7.1.1-4.1
## References:
* https://www.suse.com/security/cve/CVE-2024-36615.html
* https://www.suse.com/security/cve/CVE-2024-36616.html
* https://www.suse.com/security/cve/CVE-2024-36617.html
* https://www.suse.com/security/cve/CVE-2024-36618.html
* https://www.suse.com/security/cve/CVE-2024-36619.html
openSUSE-SU-2025:15180-1: moderate: icinga2-2.14.6-1.1 on GA media
# icinga2-2.14.6-1.1 on GA media
Announcement ID: openSUSE-SU-2025:15180-1
Rating: moderate
Cross-References:
* CVE-2025-48057
CVSS scores:
* CVE-2025-48057 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-48057 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the icinga2-2.14.6-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* icinga2 2.14.6-1.1
* icinga2-bin 2.14.6-1.1
* icinga2-common 2.14.6-1.1
* icinga2-doc 2.14.6-1.1
* icinga2-ido-mysql 2.14.6-1.1
* icinga2-ido-pgsql 2.14.6-1.1
* nano-icinga2 2.14.6-1.1
* vim-icinga2 2.14.6-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-48057.html
openSUSE-SU-2025:15182-1: moderate: nodejs-electron-35.5.0-1.1 on GA media
# nodejs-electron-35.5.0-1.1 on GA media
Announcement ID: openSUSE-SU-2025:15182-1
Rating: moderate
Cross-References:
* CVE-2025-4609
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the nodejs-electron-35.5.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* nodejs-electron 35.5.0-1.1
* nodejs-electron-devel 35.5.0-1.1
* nodejs-electron-doc 35.5.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-4609.html
openSUSE-SU-2025:15181-1: moderate: kea-2.6.3-1.1 on GA media
# kea-2.6.3-1.1 on GA media
Announcement ID: openSUSE-SU-2025:15181-1
Rating: moderate
Cross-References:
* CVE-2025-32801
* CVE-2025-32802
* CVE-2025-32803
CVSS scores:
* CVE-2025-32801 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-32801 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-32802 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-32802 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-32803 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-32803 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 3 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the kea-2.6.3-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* kea 2.6.3-1.1
* kea-devel 2.6.3-1.1
* kea-doc 2.6.3-1.1
* kea-hooks 2.6.3-1.1
* libkea-asiodns49 2.6.3-1.1
* libkea-asiolink72 2.6.3-1.1
* libkea-cc68 2.6.3-1.1
* libkea-cfgclient66 2.6.3-1.1
* libkea-cryptolink50 2.6.3-1.1
* libkea-d2srv47 2.6.3-1.1
* libkea-database62 2.6.3-1.1
* libkea-dhcp++92 2.6.3-1.1
* libkea-dhcp_ddns57 2.6.3-1.1
* libkea-dhcpsrv111 2.6.3-1.1
* libkea-dns++57 2.6.3-1.1
* libkea-eval69 2.6.3-1.1
* libkea-exceptions33 2.6.3-1.1
* libkea-hooks100 2.6.3-1.1
* libkea-http72 2.6.3-1.1
* libkea-log61 2.6.3-1.1
* libkea-mysql71 2.6.3-1.1
* libkea-pgsql71 2.6.3-1.1
* libkea-process74 2.6.3-1.1
* libkea-stats41 2.6.3-1.1
* libkea-tcp19 2.6.3-1.1
* libkea-util-io0 2.6.3-1.1
* libkea-util86 2.6.3-1.1
* python3-kea 2.6.3-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-32801.html
* https://www.suse.com/security/cve/CVE-2025-32802.html
* https://www.suse.com/security/cve/CVE-2025-32803.html
openSUSE-SU-2025:15183-1: moderate: libopenssl-3-devel-3.5.0-3.1 on GA media
# libopenssl-3-devel-3.5.0-3.1 on GA media
Announcement ID: openSUSE-SU-2025:15183-1
Rating: moderate
Cross-References:
* CVE-2025-27587
* CVE-2025-4575
CVSS scores:
* CVE-2025-27587 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-27587 ( SUSE ): 6 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-4575 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2025-4575 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 2 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the libopenssl-3-devel-3.5.0-3.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* libopenssl-3-devel 3.5.0-3.1
* libopenssl-3-devel-32bit 3.5.0-3.1
* libopenssl-3-fips-provider 3.5.0-3.1
* libopenssl-3-fips-provider-32bit 3.5.0-3.1
* libopenssl-3-fips-provider-x86-64-v3 3.5.0-3.1
* libopenssl3 3.5.0-3.1
* libopenssl3-32bit 3.5.0-3.1
* libopenssl3-x86-64-v3 3.5.0-3.1
* openssl-3 3.5.0-3.1
* openssl-3-doc 3.5.0-3.1
## References:
* https://www.suse.com/security/cve/CVE-2025-27587.html
* https://www.suse.com/security/cve/CVE-2025-4575.html
openSUSE-SU-2025:15184-1: moderate: pluto-5.21.7-1.1 on GA media
# pluto-5.21.7-1.1 on GA media
Announcement ID: openSUSE-SU-2025:15184-1
Rating: moderate
Cross-References:
* CVE-2025-22868
CVSS scores:
* CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the pluto-5.21.7-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* pluto 5.21.7-1.1
* pluto-bash-completion 5.21.7-1.1
* pluto-fish-completion 5.21.7-1.1
* pluto-zsh-completion 5.21.7-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-22868.html
openSUSE-SU-2025:15179-1: moderate: govulncheck-vulndb-0.0.20250527T204717-1.1 on GA media
# govulncheck-vulndb-0.0.20250527T204717-1.1 on GA media
Announcement ID: openSUSE-SU-2025:15179-1
Rating: moderate
Cross-References:
* CVE-2025-4123
* CVE-2025-48075
* CVE-2025-48371
* CVE-2025-48374
CVSS scores:
* CVE-2025-4123 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Affected Products:
* openSUSE Tumbleweed
An update that solves 4 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the govulncheck-vulndb-0.0.20250527T204717-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* govulncheck-vulndb 0.0.20250527T204717-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-4123.html
* https://www.suse.com/security/cve/CVE-2025-48075.html
* https://www.suse.com/security/cve/CVE-2025-48371.html
* https://www.suse.com/security/cve/CVE-2025-48374.html
openSUSE-SU-2025:15174-1: moderate: MozillaThunderbird-128.11.0-1.1 on GA media
# MozillaThunderbird-128.11.0-1.1 on GA media
Announcement ID: openSUSE-SU-2025:15174-1
Rating: moderate
Cross-References:
* CVE-2025-5262
* CVE-2025-5263
* CVE-2025-5264
* CVE-2025-5265
* CVE-2025-5266
* CVE-2025-5267
* CVE-2025-5268
* CVE-2025-5269
CVSS scores:
* CVE-2025-5263 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2025-5264 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-5265 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-5266 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-5267 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2025-5268 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-5269 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 8 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the MozillaThunderbird-128.11.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* MozillaThunderbird 128.11.0-1.1
* MozillaThunderbird-openpgp-librnp 128.11.0-1.1
* MozillaThunderbird-translations-common 128.11.0-1.1
* MozillaThunderbird-translations-other 128.11.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-5262.html
* https://www.suse.com/security/cve/CVE-2025-5263.html
* https://www.suse.com/security/cve/CVE-2025-5264.html
* https://www.suse.com/security/cve/CVE-2025-5265.html
* https://www.suse.com/security/cve/CVE-2025-5266.html
* https://www.suse.com/security/cve/CVE-2025-5267.html
* https://www.suse.com/security/cve/CVE-2025-5268.html
* https://www.suse.com/security/cve/CVE-2025-5269.html
openSUSE-SU-2025:15176-1: moderate: curl-8.14.0-1.1 on GA media
# curl-8.14.0-1.1 on GA media
Announcement ID: openSUSE-SU-2025:15176-1
Rating: moderate
Cross-References:
* CVE-2025-4947
* CVE-2025-5025
CVSS scores:
* CVE-2025-4947 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
* CVE-2025-4947 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-5025 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
* CVE-2025-5025 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 2 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the curl-8.14.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* curl 8.14.0-1.1
* curl-fish-completion 8.14.0-1.1
* curl-zsh-completion 8.14.0-1.1
* libcurl-devel 8.14.0-1.1
* libcurl-devel-32bit 8.14.0-1.1
* libcurl-devel-doc 8.14.0-1.1
* libcurl4 8.14.0-1.1
* libcurl4-32bit 8.14.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-4947.html
* https://www.suse.com/security/cve/CVE-2025-5025.html
openSUSE-SU-2025:15178-1: moderate: golang-github-prometheus-alertmanager-0.28.1-2.1 on GA media
# golang-github-prometheus-alertmanager-0.28.1-2.1 on GA media
Announcement ID: openSUSE-SU-2025:15178-1
Rating: moderate
Cross-References:
* CVE-2025-22870
CVSS scores:
* CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the golang-github-prometheus-alertmanager-0.28.1-2.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* golang-github-prometheus-alertmanager 0.28.1-2.1
## References:
* https://www.suse.com/security/cve/CVE-2025-22870.html
