Gstreamer, Framework Tool, Nginx, PostgreSQL, LightTPD, Jasper, Chromedriver updates for SUSE

SUSE 5495 Published 2025-08-17 07:34 by Philipp Esselbach

News

openSUSE-SU-2025:15447-1: moderate: gstreamer-plugins-rs-1.26.5+git11.949807a4-1.1 on GA media

# gstreamer-plugins-rs-1.26.5+git11.949807a4-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15447-1
Rating: moderate

Cross-References:

* CVE-2025-55159

CVSS scores:

* CVE-2025-55159 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-55159 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the gstreamer-plugins-rs-1.26.5+git11.949807a4-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* gstreamer-plugins-rs 1.26.5+git11.949807a4-1.1
* gstreamer-plugins-rs-devel 1.26.5+git11.949807a4-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-55159.html

openSUSE-SU-2025:15446-1: moderate: gstreamer-devtools-1.26.5-1.1 on GA media

# gstreamer-devtools-1.26.5-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15446-1
Rating: moderate

Cross-References:

* CVE-2025-55159

CVSS scores:

* CVE-2025-55159 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-55159 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the gstreamer-devtools-1.26.5-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* gstreamer-devtools 1.26.5-1.1
* gstreamer-devtools-devel 1.26.5-1.1
* libgstvalidate-1_0-0 1.26.5-1.1
* typelib-1_0-GstValidate-1_0 1.26.5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-55159.html

openSUSE-SU-2025:15445-1: moderate: framework_tool-0.4.5-2.1 on GA media

# framework_tool-0.4.5-2.1 on GA media

Announcement ID: openSUSE-SU-2025:15445-1
Rating: moderate

Cross-References:

* CVE-2025-55159

CVSS scores:

* CVE-2025-55159 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-55159 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the framework_tool-0.4.5-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* framework_tool 0.4.5-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-55159.html

openSUSE-SU-2025:15450-1: moderate: nginx-1.29.1-1.1 on GA media

# nginx-1.29.1-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15450-1
Rating: moderate

Cross-References:

* CVE-2025-53859

CVSS scores:

* CVE-2025-53859 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-53859 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the nginx-1.29.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* nginx 1.29.1-1.1
* nginx-source 1.29.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-53859.html

openSUSE-SU-2025:15453-1: moderate: postgresql15-15.14-1.1 on GA media

# postgresql15-15.14-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15453-1
Rating: moderate

Cross-References:

* CVE-2025-8713
* CVE-2025-8714
* CVE-2025-8715

CVSS scores:

* CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the postgresql15-15.14-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* postgresql15 15.14-1.1
* postgresql15-contrib 15.14-1.1
* postgresql15-devel 15.14-1.1
* postgresql15-docs 15.14-1.1
* postgresql15-llvmjit 15.14-1.1
* postgresql15-llvmjit-devel 15.14-1.1
* postgresql15-plperl 15.14-1.1
* postgresql15-plpython 15.14-1.1
* postgresql15-pltcl 15.14-1.1
* postgresql15-server 15.14-1.1
* postgresql15-server-devel 15.14-1.1
* postgresql15-test 15.14-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-8713.html
* https://www.suse.com/security/cve/CVE-2025-8714.html
* https://www.suse.com/security/cve/CVE-2025-8715.html

openSUSE-SU-2025:15449-1: moderate: lighttpd-1.4.80-1.1 on GA media

# lighttpd-1.4.80-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15449-1
Rating: moderate

Cross-References:

* CVE-2025-8671

CVSS scores:

* CVE-2025-8671 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-8671 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the lighttpd-1.4.80-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* lighttpd 1.4.80-1.1
* lighttpd-mod_authn_dbi 1.4.80-1.1
* lighttpd-mod_authn_gssapi 1.4.80-1.1
* lighttpd-mod_authn_ldap 1.4.80-1.1
* lighttpd-mod_authn_pam 1.4.80-1.1
* lighttpd-mod_authn_sasl 1.4.80-1.1
* lighttpd-mod_deflate 1.4.80-1.1
* lighttpd-mod_gnutls 1.4.80-1.1
* lighttpd-mod_magnet 1.4.80-1.1
* lighttpd-mod_maxminddb 1.4.80-1.1
* lighttpd-mod_mbedtls 1.4.80-1.1
* lighttpd-mod_nss 1.4.80-1.1
* lighttpd-mod_openssl 1.4.80-1.1
* lighttpd-mod_rrdtool 1.4.80-1.1
* lighttpd-mod_vhostdb_dbi 1.4.80-1.1
* lighttpd-mod_vhostdb_ldap 1.4.80-1.1
* lighttpd-mod_vhostdb_mysql 1.4.80-1.1
* lighttpd-mod_vhostdb_pgsql 1.4.80-1.1
* lighttpd-mod_webdav 1.4.80-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-8671.html

openSUSE-SU-2025:15448-1: moderate: jasper-4.2.8-2.1 on GA media

# jasper-4.2.8-2.1 on GA media

Announcement ID: openSUSE-SU-2025:15448-1
Rating: moderate

Cross-References:

* CVE-2025-8835
* CVE-2025-8836
* CVE-2025-8837

CVSS scores:

* CVE-2025-8835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-8835 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-8836 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-8836 ( SUSE ): 2 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-8837 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-8837 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the jasper-4.2.8-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* jasper 4.2.8-2.1
* libjasper-devel 4.2.8-2.1
* libjasper7 4.2.8-2.1
* libjasper7-32bit 4.2.8-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-8835.html
* https://www.suse.com/security/cve/CVE-2025-8836.html
* https://www.suse.com/security/cve/CVE-2025-8837.html

openSUSE-SU-2025:15452-1: moderate: postgresql14-14.19-1.1 on GA media

# postgresql14-14.19-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15452-1
Rating: moderate

Cross-References:

* CVE-2025-8713
* CVE-2025-8714
* CVE-2025-8715

CVSS scores:

* CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the postgresql14-14.19-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* postgresql14 14.19-1.1
* postgresql14-contrib 14.19-1.1
* postgresql14-devel 14.19-1.1
* postgresql14-docs 14.19-1.1
* postgresql14-llvmjit 14.19-1.1
* postgresql14-llvmjit-devel 14.19-1.1
* postgresql14-plperl 14.19-1.1
* postgresql14-plpython 14.19-1.1
* postgresql14-pltcl 14.19-1.1
* postgresql14-server 14.19-1.1
* postgresql14-server-devel 14.19-1.1
* postgresql14-test 14.19-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-8713.html
* https://www.suse.com/security/cve/CVE-2025-8714.html
* https://www.suse.com/security/cve/CVE-2025-8715.html

openSUSE-SU-2025:15451-1: moderate: postgresql13-13.22-1.1 on GA media

# postgresql13-13.22-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15451-1
Rating: moderate

Cross-References:

* CVE-2025-8713
* CVE-2025-8714
* CVE-2025-8715

CVSS scores:

* CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the postgresql13-13.22-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* postgresql13 13.22-1.1
* postgresql13-contrib 13.22-1.1
* postgresql13-devel 13.22-1.1
* postgresql13-docs 13.22-1.1
* postgresql13-llvmjit 13.22-1.1
* postgresql13-llvmjit-devel 13.22-1.1
* postgresql13-plperl 13.22-1.1
* postgresql13-plpython 13.22-1.1
* postgresql13-pltcl 13.22-1.1
* postgresql13-server 13.22-1.1
* postgresql13-server-devel 13.22-1.1
* postgresql13-test 13.22-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-8713.html
* https://www.suse.com/security/cve/CVE-2025-8714.html
* https://www.suse.com/security/cve/CVE-2025-8715.html

openSUSE-SU-2025:15444-1: moderate: chromedriver-139.0.7258.127-1.1 on GA media

# chromedriver-139.0.7258.127-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15444-1
Rating: moderate

Cross-References:

* CVE-2025-8879
* CVE-2025-8880
* CVE-2025-8881
* CVE-2025-8882
* CVE-2025-8901

Affected Products:

* openSUSE Tumbleweed

An update that solves 5 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the chromedriver-139.0.7258.127-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* chromedriver 139.0.7258.127-1.1
* chromium 139.0.7258.127-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-8879.html
* https://www.suse.com/security/cve/CVE-2025-8880.html
* https://www.suse.com/security/cve/CVE-2025-8881.html
* https://www.suse.com/security/cve/CVE-2025-8882.html
* https://www.suse.com/security/cve/CVE-2025-8901.html

Apptainer update for Fedora 41

MariaDB update for Debian 10 ELTS

Gstreamer, Framework Tool, Nginx, PostgreSQL, LightTPD, Jasper, Chromedriver updates for SUSE

openSUSE-SU-2025:15447-1: moderate: gstreamer-plugins-rs-1.26.5+git11.949807a4-1.1 on GA media

openSUSE-SU-2025:15446-1: moderate: gstreamer-devtools-1.26.5-1.1 on GA media

openSUSE-SU-2025:15445-1: moderate: framework_tool-0.4.5-2.1 on GA media

openSUSE-SU-2025:15450-1: moderate: nginx-1.29.1-1.1 on GA media

openSUSE-SU-2025:15453-1: moderate: postgresql15-15.14-1.1 on GA media

openSUSE-SU-2025:15449-1: moderate: lighttpd-1.4.80-1.1 on GA media

openSUSE-SU-2025:15448-1: moderate: jasper-4.2.8-2.1 on GA media

openSUSE-SU-2025:15452-1: moderate: postgresql14-14.19-1.1 on GA media

openSUSE-SU-2025:15451-1: moderate: postgresql13-13.22-1.1 on GA media

openSUSE-SU-2025:15444-1: moderate: chromedriver-139.0.7258.127-1.1 on GA media

Windows

Linux

macOS

Community