
SUSE Linux has received several security updates, including Gstreamer-Plugins-Good, Kubernetes, LibXML2, FFmpeg, Coreutils, Poppler, and Python:

SUSE-SU-2025:02347-1: important: Security update for gstreamer-plugins-good
SUSE-SU-2025:02351-1: moderate: Security update for kubernetes1.25
SUSE-SU-2025:02355-1: important: Security update for libxml2
SUSE-SU-2025:02352-1: moderate: Security update for ffmpeg
SUSE-SU-2025:02350-1: moderate: Security update for kubernetes1.28
SUSE-SU-2025:02354-1: moderate: Security update for coreutils
SUSE-SU-2025:02357-1: important: Security update for poppler
SUSE-SU-2025:02358-1: moderate: Security update for python311
openSUSE-SU-2025:15347-1: moderate: apache-commons-lang3-3.18.0-1.1 on GA media




SUSE-SU-2025:02347-1: important: Security update for gstreamer-plugins-good


# Security update for gstreamer-plugins-good

Announcement ID: SUSE-SU-2025:02347-1
Release Date: 2025-07-17T11:37:58Z
Rating: important
References:

* bsc#1234421
* bsc#1244405
* bsc#1244406

Cross-References:

* CVE-2024-47540
* CVE-2025-47183
* CVE-2025-47219

CVSS scores:

* CVE-2024-47540 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47540 ( NVD ): 8.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47540 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-47183 ( SUSE ): 5.2
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47183 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
* CVE-2025-47219 ( SUSE ): 5.2
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.4

An update that solves three vulnerabilities can now be installed.

## Description:

This update for gstreamer-plugins-good fixes the following issues:

* CVE-2025-47183: Fixed out-of-bounds read in MOV/MP4 demuxer (bsc#1244406).
* CVE-2025-47219: Fixed out-of-bounds read in MOV/MP4 demuxer (bsc#1244405).
* CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer
(bsc#1234421).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2347=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* gstreamer-plugins-good-qtqml-1.20.1-150400.3.14.1
* gstreamer-plugins-good-jack-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-gtk-1.20.1-150400.3.14.1
* gstreamer-plugins-good-gtk-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-extra-1.20.1-150400.3.14.1
* gstreamer-plugins-good-qtqml-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-1.20.1-150400.3.14.1
* gstreamer-plugins-good-jack-1.20.1-150400.3.14.1
* gstreamer-plugins-good-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-extra-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-debugsource-1.20.1-150400.3.14.1
* openSUSE Leap 15.4 (x86_64)
* gstreamer-plugins-good-32bit-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-extra-32bit-1.20.1-150400.3.14.1
* gstreamer-plugins-good-jack-32bit-1.20.1-150400.3.14.1
* gstreamer-plugins-good-32bit-1.20.1-150400.3.14.1
* gstreamer-plugins-good-extra-32bit-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-jack-32bit-debuginfo-1.20.1-150400.3.14.1
* openSUSE Leap 15.4 (noarch)
* gstreamer-plugins-good-lang-1.20.1-150400.3.14.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* gstreamer-plugins-good-extra-64bit-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-64bit-1.20.1-150400.3.14.1
* gstreamer-plugins-good-jack-64bit-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-64bit-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-good-extra-64bit-1.20.1-150400.3.14.1
* gstreamer-plugins-good-jack-64bit-1.20.1-150400.3.14.1

## References:

* https://www.suse.com/security/cve/CVE-2024-47540.html
* https://www.suse.com/security/cve/CVE-2025-47183.html
* https://www.suse.com/security/cve/CVE-2025-47219.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234421
* https://bugzilla.suse.com/show_bug.cgi?id=1244405
* https://bugzilla.suse.com/show_bug.cgi?id=1244406



SUSE-SU-2025:02351-1: moderate: Security update for kubernetes1.25


# Security update for kubernetes1.25

Announcement ID: SUSE-SU-2025:02351-1
Release Date: 2025-07-17T12:32:56Z
Rating: moderate
References:

* bsc#1241865

Cross-References:

* CVE-2025-22872

CVSS scores:

* CVE-2025-22872 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
* CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
* CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

Affected Products:

* Containers Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for kubernetes1.25 fixes the following issues:

* CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value
in foreign content (bsc#1241865).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2351=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2351=1

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-2351=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kubernetes1.25-proxy-1.25.16-150400.9.22.1
* kubernetes1.25-kubelet-1.25.16-150400.9.22.1
* kubernetes1.25-controller-manager-1.25.16-150400.9.22.1
* kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1
* kubernetes1.25-apiserver-1.25.16-150400.9.22.1
* kubernetes1.25-kubeadm-1.25.16-150400.9.22.1
* kubernetes1.25-client-1.25.16-150400.9.22.1
* kubernetes1.25-client-common-1.25.16-150400.9.22.1
* kubernetes1.25-scheduler-1.25.16-150400.9.22.1
* openSUSE Leap 15.4 (noarch)
* kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1
* kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* kubernetes1.25-proxy-1.25.16-150400.9.22.1
* kubernetes1.25-kubelet-1.25.16-150400.9.22.1
* kubernetes1.25-controller-manager-1.25.16-150400.9.22.1
* kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1
* kubernetes1.25-apiserver-1.25.16-150400.9.22.1
* kubernetes1.25-kubeadm-1.25.16-150400.9.22.1
* kubernetes1.25-client-1.25.16-150400.9.22.1
* kubernetes1.25-client-common-1.25.16-150400.9.22.1
* kubernetes1.25-scheduler-1.25.16-150400.9.22.1
* openSUSE Leap 15.6 (noarch)
* kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1
* kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* kubernetes1.25-client-1.25.16-150400.9.22.1
* kubernetes1.25-client-common-1.25.16-150400.9.22.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22872.html
* https://bugzilla.suse.com/show_bug.cgi?id=1241865



SUSE-SU-2025:02355-1: important: Security update for libxml2


# Security update for libxml2

Announcement ID: SUSE-SU-2025:02355-1
Release Date: 2025-07-17T13:02:50Z
Rating: important
References:

* bsc#1244554
* bsc#1244557
* bsc#1244590
* bsc#1244700

Cross-References:

* CVE-2025-49794
* CVE-2025-49796
* CVE-2025-6021
* CVE-2025-6170

CVSS scores:

* CVE-2025-49794 ( SUSE ): 8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-49794 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-49794 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-49796 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-49796 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-6021 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-6021 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-6021 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-6170 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-6170 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-6170 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves four vulnerabilities can now be installed.

## Description:

This update for libxml2 fixes the following issues:

* CVE-2025-49794: Fixed a heap use after free which could lead to denial of
service. (bsc#1244554)
* CVE-2025-49796: Fixed type confusion which could lead to denial of service.
(bsc#1244557)
* CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash.
(bsc#1244700)
* CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead
to stack buffer overflow. (bsc#1244590)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2355=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2355=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2355=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2355=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2355=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2355=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2355=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2355=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2355=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2355=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-2355=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2355=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-python-debugsource-2.9.14-150400.5.44.1
* python311-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-devel-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* python311-libxml2-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* openSUSE Leap 15.4 (x86_64)
* libxml2-2-32bit-2.9.14-150400.5.44.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.44.1
* libxml2-devel-32bit-2.9.14-150400.5.44.1
* openSUSE Leap 15.4 (noarch)
* libxml2-doc-2.9.14-150400.5.44.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libxml2-devel-64bit-2.9.14-150400.5.44.1
* libxml2-2-64bit-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-64bit-2.9.14-150400.5.44.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-python-debugsource-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-python-debugsource-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-python-debugsource-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-python-debugsource-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* python311-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-devel-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* python311-libxml2-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libxml2-2-32bit-2.9.14-150400.5.44.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* python311-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-devel-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* python311-libxml2-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libxml2-2-32bit-2.9.14-150400.5.44.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* python311-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-devel-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* python311-libxml2-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* libxml2-2-32bit-2.9.14-150400.5.44.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* python311-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-devel-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* python311-libxml2-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libxml2-2-32bit-2.9.14-150400.5.44.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.44.1
* SUSE Manager Proxy 4.3 (x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.44.1
* libxml2-devel-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-32bit-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.44.1
* libxml2-devel-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-32bit-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.44.1
* libxml2-devel-2.9.14-150400.5.44.1
* libxml2-tools-2.9.14-150400.5.44.1
* libxml2-debugsource-2.9.14-150400.5.44.1
* python3-libxml2-2.9.14-150400.5.44.1
* libxml2-tools-debuginfo-2.9.14-150400.5.44.1
* libxml2-2-2.9.14-150400.5.44.1
* libxml2-2-debuginfo-2.9.14-150400.5.44.1
* SUSE Manager Server 4.3 (x86_64)
* libxml2-2-32bit-2.9.14-150400.5.44.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.44.1

## References:

* https://www.suse.com/security/cve/CVE-2025-49794.html
* https://www.suse.com/security/cve/CVE-2025-49796.html
* https://www.suse.com/security/cve/CVE-2025-6021.html
* https://www.suse.com/security/cve/CVE-2025-6170.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244554
* https://bugzilla.suse.com/show_bug.cgi?id=1244557
* https://bugzilla.suse.com/show_bug.cgi?id=1244590
* https://bugzilla.suse.com/show_bug.cgi?id=1244700



SUSE-SU-2025:02352-1: moderate: Security update for ffmpeg


# Security update for ffmpeg

Announcement ID: SUSE-SU-2025:02352-1
Release Date: 2025-07-17T12:33:44Z
Rating: moderate
References:

* bsc#1198898
* bsc#1234018
* bsc#1234019
* bsc#1234020

Cross-References:

* CVE-2022-1475
* CVE-2024-36616
* CVE-2024-36617
* CVE-2024-36618

CVSS scores:

* CVE-2022-1475 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2022-1475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-36616 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36616 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36616 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-36617 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36617 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36617 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36618 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36618 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36618 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Desktop Applications Module 15-SP6
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves four vulnerabilities can now be installed.

## Description:

This update for ffmpeg fixes the following issues:

* CVE-2022-1475: Fixed integer overflow in g729_parse() in
libavcodec/g729_parser.c (bsc#1198898).
* CVE-2024-36616: Fixed integer overflow in the component
libavformat/westwood_vqa.c (bsc#1234018).
* CVE-2024-36617: Fixed integer overflow vulnerability in the FFmpeg CAF
decoder (bsc#1234019).
* CVE-2024-36618: Fixed vulnerability in the AVI demuxer of the libavformat
library (bsc#1234020).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2352=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-2352=1

* SUSE Linux Enterprise Workstation Extension 15 SP7
zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-2352=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2352=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-2352=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-2352=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2352=1

## Package List:

* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)
* ffmpeg-debugsource-3.4.2-150200.11.64.1
* ffmpeg-3.4.2-150200.11.64.1
* libavfilter6-3.4.2-150200.11.64.1
* libavformat57-debuginfo-3.4.2-150200.11.64.1
* libavfilter6-debuginfo-3.4.2-150200.11.64.1
* libavresample3-debuginfo-3.4.2-150200.11.64.1
* libavdevice57-3.4.2-150200.11.64.1
* libavformat57-3.4.2-150200.11.64.1
* libavdevice57-debuginfo-3.4.2-150200.11.64.1
* libavresample3-3.4.2-150200.11.64.1
* ffmpeg-debuginfo-3.4.2-150200.11.64.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* ffmpeg-debugsource-3.4.2-150200.11.64.1
* libavformat-devel-3.4.2-150200.11.64.1
* libavresample-devel-3.4.2-150200.11.64.1
* libavresample3-debuginfo-3.4.2-150200.11.64.1
* libavformat57-debuginfo-3.4.2-150200.11.64.1
* libavformat57-3.4.2-150200.11.64.1
* libavresample3-3.4.2-150200.11.64.1
* libavcodec-devel-3.4.2-150200.11.64.1
* ffmpeg-debuginfo-3.4.2-150200.11.64.1
* SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64)
* ffmpeg-debugsource-3.4.2-150200.11.64.1
* libavformat-devel-3.4.2-150200.11.64.1
* libavresample-devel-3.4.2-150200.11.64.1
* libavresample3-debuginfo-3.4.2-150200.11.64.1
* libavformat57-debuginfo-3.4.2-150200.11.64.1
* libavformat57-3.4.2-150200.11.64.1
* libavresample3-3.4.2-150200.11.64.1
* libavcodec-devel-3.4.2-150200.11.64.1
* ffmpeg-debuginfo-3.4.2-150200.11.64.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* ffmpeg-debugsource-3.4.2-150200.11.64.1
* libavutil55-debuginfo-3.4.2-150200.11.64.1
* libpostproc54-3.4.2-150200.11.64.1
* libavformat-devel-3.4.2-150200.11.64.1
* ffmpeg-3.4.2-150200.11.64.1
* libavutil55-3.4.2-150200.11.64.1
* libswresample2-3.4.2-150200.11.64.1
* libavcodec57-debuginfo-3.4.2-150200.11.64.1
* ffmpeg-debuginfo-3.4.2-150200.11.64.1
* libavdevice-devel-3.4.2-150200.11.64.1
* libavformat57-debuginfo-3.4.2-150200.11.64.1
* libavutil-devel-3.4.2-150200.11.64.1
* libpostproc-devel-3.4.2-150200.11.64.1
* libavdevice57-3.4.2-150200.11.64.1
* libavdevice57-debuginfo-3.4.2-150200.11.64.1
* libavcodec-devel-3.4.2-150200.11.64.1
* libswscale4-3.4.2-150200.11.64.1
* libavresample-devel-3.4.2-150200.11.64.1
* libavfilter6-3.4.2-150200.11.64.1
* libavfilter6-debuginfo-3.4.2-150200.11.64.1
* libavformat57-3.4.2-150200.11.64.1
* libswscale-devel-3.4.2-150200.11.64.1
* libswscale4-debuginfo-3.4.2-150200.11.64.1
* libavcodec57-3.4.2-150200.11.64.1
* ffmpeg-private-devel-3.4.2-150200.11.64.1
* libswresample-devel-3.4.2-150200.11.64.1
* libavresample3-debuginfo-3.4.2-150200.11.64.1
* libavresample3-3.4.2-150200.11.64.1
* libavfilter-devel-3.4.2-150200.11.64.1
* libswresample2-debuginfo-3.4.2-150200.11.64.1
* libpostproc54-debuginfo-3.4.2-150200.11.64.1
* openSUSE Leap 15.6 (x86_64)
* libpostproc54-32bit-3.4.2-150200.11.64.1
* libavutil55-32bit-3.4.2-150200.11.64.1
* libswresample2-32bit-debuginfo-3.4.2-150200.11.64.1
* libavformat57-32bit-3.4.2-150200.11.64.1
* libavformat57-32bit-debuginfo-3.4.2-150200.11.64.1
* libavresample3-32bit-3.4.2-150200.11.64.1
* libavutil55-32bit-debuginfo-3.4.2-150200.11.64.1
* libswresample2-32bit-3.4.2-150200.11.64.1
* libavdevice57-32bit-debuginfo-3.4.2-150200.11.64.1
* libavfilter6-32bit-3.4.2-150200.11.64.1
* libavfilter6-32bit-debuginfo-3.4.2-150200.11.64.1
* libpostproc54-32bit-debuginfo-3.4.2-150200.11.64.1
* libswscale4-32bit-3.4.2-150200.11.64.1
* libavresample3-32bit-debuginfo-3.4.2-150200.11.64.1
* libswscale4-32bit-debuginfo-3.4.2-150200.11.64.1
* libavcodec57-32bit-debuginfo-3.4.2-150200.11.64.1
* libavdevice57-32bit-3.4.2-150200.11.64.1
* libavcodec57-32bit-3.4.2-150200.11.64.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* ffmpeg-debugsource-3.4.2-150200.11.64.1
* libavcodec57-3.4.2-150200.11.64.1
* libavutil55-debuginfo-3.4.2-150200.11.64.1
* libpostproc54-3.4.2-150200.11.64.1
* libswresample-devel-3.4.2-150200.11.64.1
* libavutil55-3.4.2-150200.11.64.1
* libavutil-devel-3.4.2-150200.11.64.1
* libpostproc-devel-3.4.2-150200.11.64.1
* libswresample2-3.4.2-150200.11.64.1
* libswresample2-debuginfo-3.4.2-150200.11.64.1
* libavcodec57-debuginfo-3.4.2-150200.11.64.1
* libswscale4-3.4.2-150200.11.64.1
* libswscale-devel-3.4.2-150200.11.64.1
* ffmpeg-debuginfo-3.4.2-150200.11.64.1
* libpostproc54-debuginfo-3.4.2-150200.11.64.1
* libswscale4-debuginfo-3.4.2-150200.11.64.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* ffmpeg-debugsource-3.4.2-150200.11.64.1
* libavcodec57-3.4.2-150200.11.64.1
* libavutil55-debuginfo-3.4.2-150200.11.64.1
* libpostproc54-3.4.2-150200.11.64.1
* libswresample-devel-3.4.2-150200.11.64.1
* libavutil55-3.4.2-150200.11.64.1
* libavutil-devel-3.4.2-150200.11.64.1
* libpostproc-devel-3.4.2-150200.11.64.1
* libswresample2-3.4.2-150200.11.64.1
* libswresample2-debuginfo-3.4.2-150200.11.64.1
* libavcodec57-debuginfo-3.4.2-150200.11.64.1
* libswscale4-3.4.2-150200.11.64.1
* libswscale-devel-3.4.2-150200.11.64.1
* ffmpeg-debuginfo-3.4.2-150200.11.64.1
* libpostproc54-debuginfo-3.4.2-150200.11.64.1
* libswscale4-debuginfo-3.4.2-150200.11.64.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* ffmpeg-debugsource-3.4.2-150200.11.64.1
* ffmpeg-3.4.2-150200.11.64.1
* libavfilter6-3.4.2-150200.11.64.1
* libavformat57-debuginfo-3.4.2-150200.11.64.1
* libavfilter6-debuginfo-3.4.2-150200.11.64.1
* libavresample3-debuginfo-3.4.2-150200.11.64.1
* libavdevice57-3.4.2-150200.11.64.1
* libavformat57-3.4.2-150200.11.64.1
* libavdevice57-debuginfo-3.4.2-150200.11.64.1
* libavresample3-3.4.2-150200.11.64.1
* ffmpeg-debuginfo-3.4.2-150200.11.64.1

## References:

* https://www.suse.com/security/cve/CVE-2022-1475.html
* https://www.suse.com/security/cve/CVE-2024-36616.html
* https://www.suse.com/security/cve/CVE-2024-36617.html
* https://www.suse.com/security/cve/CVE-2024-36618.html
* https://bugzilla.suse.com/show_bug.cgi?id=1198898
* https://bugzilla.suse.com/show_bug.cgi?id=1234018
* https://bugzilla.suse.com/show_bug.cgi?id=1234019
* https://bugzilla.suse.com/show_bug.cgi?id=1234020



SUSE-SU-2025:02350-1: moderate: Security update for kubernetes1.28


# Security update for kubernetes1.28

Announcement ID: SUSE-SU-2025:02350-1
Release Date: 2025-07-17T12:32:34Z
Rating: moderate
References:

* bsc#1241865

Cross-References:

* CVE-2025-22872

CVSS scores:

* CVE-2025-22872 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
* CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
* CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

Affected Products:

* Containers Module 15-SP6
* openSUSE Leap 15.4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for kubernetes1.28 fixes the following issues:

* CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value
in foreign content (bsc#1241865).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-2350=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2350=1

## Package List:

* Containers Module 15-SP6 (s390x)
* kubernetes1.28-client-common-1.28.13-150400.9.14.1
* kubernetes1.28-client-1.28.13-150400.9.14.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kubernetes1.28-client-common-1.28.13-150400.9.14.1
* kubernetes1.28-kubeadm-1.28.13-150400.9.14.1
* kubernetes1.28-kubelet-1.28.13-150400.9.14.1
* kubernetes1.28-controller-manager-1.28.13-150400.9.14.1
* kubernetes1.28-proxy-1.28.13-150400.9.14.1
* kubernetes1.28-apiserver-1.28.13-150400.9.14.1
* kubernetes1.28-client-1.28.13-150400.9.14.1
* kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1
* kubernetes1.28-scheduler-1.28.13-150400.9.14.1
* openSUSE Leap 15.4 (noarch)
* kubernetes1.28-client-fish-completion-1.28.13-150400.9.14.1
* kubernetes1.28-client-bash-completion-1.28.13-150400.9.14.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22872.html
* https://bugzilla.suse.com/show_bug.cgi?id=1241865



SUSE-SU-2025:02354-1: moderate: Security update for coreutils


# Security update for coreutils

Announcement ID: SUSE-SU-2025:02354-1
Release Date: 2025-07-17T12:36:17Z
Rating: moderate
References:

* bsc#1219321
* bsc#1221632
* bsc#1243767

Cross-References:

* CVE-2025-5278

CVSS scores:

* CVE-2025-5278 ( SUSE ): 2.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-5278 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
* CVE-2025-5278 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for coreutils fixes the following issues:

Security fixes:

* CVE-2025-5278: Fixed heap buffer under-read that may lead to a crash or leak
sensitive data (bsc#1243767)

Other fixes:

* ls: avoid triggering automounts (bsc#1221632)
* tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-2354=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2354=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2354=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2354=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-2354=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2354=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2354=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2354=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* coreutils-single-debugsource-8.32-150300.3.11.1
* coreutils-debuginfo-8.32-150300.3.11.1
* coreutils-8.32-150300.3.11.1
* coreutils-debugsource-8.32-150300.3.11.1
* coreutils-single-debuginfo-8.32-150300.3.11.1
* coreutils-single-8.32-150300.3.11.1
* coreutils-testsuite-8.32-150300.3.11.1
* openSUSE Leap 15.3 (noarch)
* coreutils-lang-8.32-150300.3.11.1
* coreutils-doc-8.32-150300.3.11.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
* coreutils-8.32-150300.3.11.1
* coreutils-debugsource-8.32-150300.3.11.1
* coreutils-debuginfo-8.32-150300.3.11.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* coreutils-lang-8.32-150300.3.11.1
* coreutils-doc-8.32-150300.3.11.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* coreutils-8.32-150300.3.11.1
* coreutils-debugsource-8.32-150300.3.11.1
* coreutils-debuginfo-8.32-150300.3.11.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
* coreutils-lang-8.32-150300.3.11.1
* coreutils-doc-8.32-150300.3.11.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* coreutils-8.32-150300.3.11.1
* coreutils-debugsource-8.32-150300.3.11.1
* coreutils-debuginfo-8.32-150300.3.11.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* coreutils-lang-8.32-150300.3.11.1
* coreutils-doc-8.32-150300.3.11.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* coreutils-8.32-150300.3.11.1
* coreutils-debugsource-8.32-150300.3.11.1
* coreutils-debuginfo-8.32-150300.3.11.1
* SUSE Enterprise Storage 7.1 (noarch)
* coreutils-lang-8.32-150300.3.11.1
* coreutils-doc-8.32-150300.3.11.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* coreutils-8.32-150300.3.11.1
* coreutils-debugsource-8.32-150300.3.11.1
* coreutils-debuginfo-8.32-150300.3.11.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
* coreutils-doc-8.32-150300.3.11.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* coreutils-8.32-150300.3.11.1
* coreutils-debugsource-8.32-150300.3.11.1
* coreutils-debuginfo-8.32-150300.3.11.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* coreutils-8.32-150300.3.11.1
* coreutils-debugsource-8.32-150300.3.11.1
* coreutils-debuginfo-8.32-150300.3.11.1

## References:

* https://www.suse.com/security/cve/CVE-2025-5278.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219321
* https://bugzilla.suse.com/show_bug.cgi?id=1221632
* https://bugzilla.suse.com/show_bug.cgi?id=1243767



SUSE-SU-2025:02357-1: important: Security update for poppler


# Security update for poppler

Announcement ID: SUSE-SU-2025:02357-1
Release Date: 2025-07-17T14:15:53Z
Rating: important
References:

* bsc#1245625

Cross-References:

* CVE-2025-52886

CVSS scores:

* CVE-2025-52886 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-52886 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-52886 ( NVD ): 5.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for poppler fixes the following issues:

* CVE-2025-52886: Fixed an integer overflow that can lead to a use-after-free
(bsc#1245625)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2357=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2357=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2357=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2357=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2357=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2357=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-2357=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2357=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libpoppler117-debuginfo-22.01.0-150400.3.31.1
* typelib-1_0-Poppler-0_18-22.01.0-150400.3.31.1
* poppler-qt5-debugsource-22.01.0-150400.3.31.1
* libpoppler-glib8-22.01.0-150400.3.31.1
* poppler-tools-debuginfo-22.01.0-150400.3.31.1
* poppler-debugsource-22.01.0-150400.3.31.1
* libpoppler117-22.01.0-150400.3.31.1
* libpoppler-qt5-1-22.01.0-150400.3.31.1
* libpoppler-glib8-debuginfo-22.01.0-150400.3.31.1
* libpoppler-devel-22.01.0-150400.3.31.1
* poppler-tools-22.01.0-150400.3.31.1
* libpoppler-qt5-devel-22.01.0-150400.3.31.1
* libpoppler-qt6-3-debuginfo-22.01.0-150400.3.31.1
* libpoppler-qt6-devel-22.01.0-150400.3.31.1
* libpoppler-glib-devel-22.01.0-150400.3.31.1
* poppler-qt6-debugsource-22.01.0-150400.3.31.1
* libpoppler-cpp0-22.01.0-150400.3.31.1
* libpoppler-cpp0-debuginfo-22.01.0-150400.3.31.1
* libpoppler-qt6-3-22.01.0-150400.3.31.1
* libpoppler-qt5-1-debuginfo-22.01.0-150400.3.31.1
* openSUSE Leap 15.4 (x86_64)
* libpoppler-glib8-32bit-debuginfo-22.01.0-150400.3.31.1
* libpoppler117-32bit-debuginfo-22.01.0-150400.3.31.1
* libpoppler117-32bit-22.01.0-150400.3.31.1
* libpoppler-cpp0-32bit-debuginfo-22.01.0-150400.3.31.1
* libpoppler-qt5-1-32bit-debuginfo-22.01.0-150400.3.31.1
* libpoppler-qt5-1-32bit-22.01.0-150400.3.31.1
* libpoppler-cpp0-32bit-22.01.0-150400.3.31.1
* libpoppler-glib8-32bit-22.01.0-150400.3.31.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libpoppler-glib8-64bit-22.01.0-150400.3.31.1
* libpoppler-glib8-64bit-debuginfo-22.01.0-150400.3.31.1
* libpoppler-qt5-1-64bit-debuginfo-22.01.0-150400.3.31.1
* libpoppler-cpp0-64bit-debuginfo-22.01.0-150400.3.31.1
* libpoppler117-64bit-debuginfo-22.01.0-150400.3.31.1
* libpoppler-qt5-1-64bit-22.01.0-150400.3.31.1
* libpoppler117-64bit-22.01.0-150400.3.31.1
* libpoppler-cpp0-64bit-22.01.0-150400.3.31.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
* libpoppler117-debuginfo-22.01.0-150400.3.31.1
* typelib-1_0-Poppler-0_18-22.01.0-150400.3.31.1
* libpoppler-glib8-22.01.0-150400.3.31.1
* poppler-tools-debuginfo-22.01.0-150400.3.31.1
* poppler-debugsource-22.01.0-150400.3.31.1
* libpoppler117-22.01.0-150400.3.31.1
* libpoppler-glib8-debuginfo-22.01.0-150400.3.31.1
* libpoppler-devel-22.01.0-150400.3.31.1
* poppler-tools-22.01.0-150400.3.31.1
* libpoppler-glib-devel-22.01.0-150400.3.31.1
* libpoppler-cpp0-22.01.0-150400.3.31.1
* libpoppler-cpp0-debuginfo-22.01.0-150400.3.31.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
* libpoppler117-debuginfo-22.01.0-150400.3.31.1
* typelib-1_0-Poppler-0_18-22.01.0-150400.3.31.1
* libpoppler-glib8-22.01.0-150400.3.31.1
* poppler-tools-debuginfo-22.01.0-150400.3.31.1
* poppler-debugsource-22.01.0-150400.3.31.1
* libpoppler117-22.01.0-150400.3.31.1
* libpoppler-glib8-debuginfo-22.01.0-150400.3.31.1
* libpoppler-devel-22.01.0-150400.3.31.1
* poppler-tools-22.01.0-150400.3.31.1
* libpoppler-glib-devel-22.01.0-150400.3.31.1
* libpoppler-cpp0-22.01.0-150400.3.31.1
* libpoppler-cpp0-debuginfo-22.01.0-150400.3.31.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libpoppler117-debuginfo-22.01.0-150400.3.31.1
* typelib-1_0-Poppler-0_18-22.01.0-150400.3.31.1
* libpoppler-glib8-22.01.0-150400.3.31.1
* poppler-tools-debuginfo-22.01.0-150400.3.31.1
* poppler-debugsource-22.01.0-150400.3.31.1
* libpoppler117-22.01.0-150400.3.31.1
* libpoppler-glib8-debuginfo-22.01.0-150400.3.31.1
* libpoppler-devel-22.01.0-150400.3.31.1
* poppler-tools-22.01.0-150400.3.31.1
* libpoppler-glib-devel-22.01.0-150400.3.31.1
* libpoppler-cpp0-22.01.0-150400.3.31.1
* libpoppler-cpp0-debuginfo-22.01.0-150400.3.31.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libpoppler117-debuginfo-22.01.0-150400.3.31.1
* typelib-1_0-Poppler-0_18-22.01.0-150400.3.31.1
* libpoppler-glib8-22.01.0-150400.3.31.1
* poppler-tools-debuginfo-22.01.0-150400.3.31.1
* poppler-debugsource-22.01.0-150400.3.31.1
* libpoppler117-22.01.0-150400.3.31.1
* libpoppler-glib8-debuginfo-22.01.0-150400.3.31.1
* libpoppler-devel-22.01.0-150400.3.31.1
* poppler-tools-22.01.0-150400.3.31.1
* libpoppler-glib-devel-22.01.0-150400.3.31.1
* libpoppler-cpp0-22.01.0-150400.3.31.1
* libpoppler-cpp0-debuginfo-22.01.0-150400.3.31.1
* SUSE Manager Proxy 4.3 (x86_64)
* libpoppler117-debuginfo-22.01.0-150400.3.31.1
* typelib-1_0-Poppler-0_18-22.01.0-150400.3.31.1
* libpoppler-glib8-22.01.0-150400.3.31.1
* poppler-tools-debuginfo-22.01.0-150400.3.31.1
* poppler-debugsource-22.01.0-150400.3.31.1
* libpoppler117-22.01.0-150400.3.31.1
* libpoppler-glib8-debuginfo-22.01.0-150400.3.31.1
* libpoppler-devel-22.01.0-150400.3.31.1
* poppler-tools-22.01.0-150400.3.31.1
* libpoppler-glib-devel-22.01.0-150400.3.31.1
* libpoppler-cpp0-22.01.0-150400.3.31.1
* libpoppler-cpp0-debuginfo-22.01.0-150400.3.31.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libpoppler117-debuginfo-22.01.0-150400.3.31.1
* typelib-1_0-Poppler-0_18-22.01.0-150400.3.31.1
* libpoppler-glib8-22.01.0-150400.3.31.1
* poppler-tools-debuginfo-22.01.0-150400.3.31.1
* poppler-debugsource-22.01.0-150400.3.31.1
* libpoppler117-22.01.0-150400.3.31.1
* libpoppler-glib8-debuginfo-22.01.0-150400.3.31.1
* libpoppler-devel-22.01.0-150400.3.31.1
* poppler-tools-22.01.0-150400.3.31.1
* libpoppler-glib-devel-22.01.0-150400.3.31.1
* libpoppler-cpp0-22.01.0-150400.3.31.1
* libpoppler-cpp0-debuginfo-22.01.0-150400.3.31.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libpoppler117-debuginfo-22.01.0-150400.3.31.1
* typelib-1_0-Poppler-0_18-22.01.0-150400.3.31.1
* libpoppler-glib8-22.01.0-150400.3.31.1
* poppler-tools-debuginfo-22.01.0-150400.3.31.1
* poppler-debugsource-22.01.0-150400.3.31.1
* libpoppler117-22.01.0-150400.3.31.1
* libpoppler-glib8-debuginfo-22.01.0-150400.3.31.1
* libpoppler-devel-22.01.0-150400.3.31.1
* poppler-tools-22.01.0-150400.3.31.1
* libpoppler-glib-devel-22.01.0-150400.3.31.1
* libpoppler-cpp0-22.01.0-150400.3.31.1
* libpoppler-cpp0-debuginfo-22.01.0-150400.3.31.1

## References:

* https://www.suse.com/security/cve/CVE-2025-52886.html
* https://bugzilla.suse.com/show_bug.cgi?id=1245625



SUSE-SU-2025:02358-1: moderate: Security update for python311


# Security update for python311

Announcement ID: SUSE-SU-2025:02358-1
Release Date: 2025-07-17T14:16:04Z
Rating: moderate
References:

* bsc#1244705

Cross-References:

* CVE-2025-6069

CVSS scores:

* CVE-2025-6069 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
* CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-6069 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python311 fixes the following issues:

* CVE-2025-6069: Avoid worst case quadratic complexity when processing certain
crafted malformed inputs with HTMLParser (bsc#1244705).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-2358=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2358=1

## Package List:

* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python311-base-3.11.13-150400.9.63.1
* python311-3.11.13-150400.9.63.1
* libpython3_11-1_0-3.11.13-150400.9.63.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python311-debuginfo-3.11.13-150400.9.63.1
* python311-idle-3.11.13-150400.9.63.1
* libpython3_11-1_0-debuginfo-3.11.13-150400.9.63.1
* python311-devel-3.11.13-150400.9.63.1
* python311-curses-3.11.13-150400.9.63.1
* python311-curses-debuginfo-3.11.13-150400.9.63.1
* python311-dbm-3.11.13-150400.9.63.1
* python311-testsuite-3.11.13-150400.9.63.1
* python311-doc-3.11.13-150400.9.63.1
* python311-tk-3.11.13-150400.9.63.1
* python311-3.11.13-150400.9.63.1
* python311-dbm-debuginfo-3.11.13-150400.9.63.1
* python311-testsuite-debuginfo-3.11.13-150400.9.63.1
* python311-tk-debuginfo-3.11.13-150400.9.63.1
* python311-tools-3.11.13-150400.9.63.1
* python311-debugsource-3.11.13-150400.9.63.1
* python311-doc-devhelp-3.11.13-150400.9.63.1
* python311-base-3.11.13-150400.9.63.1
* python311-base-debuginfo-3.11.13-150400.9.63.1
* libpython3_11-1_0-3.11.13-150400.9.63.1
* python311-core-debugsource-3.11.13-150400.9.63.1
* openSUSE Leap 15.4 (x86_64)
* libpython3_11-1_0-32bit-debuginfo-3.11.13-150400.9.63.1
* libpython3_11-1_0-32bit-3.11.13-150400.9.63.1
* python311-base-32bit-debuginfo-3.11.13-150400.9.63.1
* python311-32bit-debuginfo-3.11.13-150400.9.63.1
* python311-base-32bit-3.11.13-150400.9.63.1
* python311-32bit-3.11.13-150400.9.63.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* python311-base-64bit-3.11.13-150400.9.63.1
* python311-64bit-3.11.13-150400.9.63.1
* libpython3_11-1_0-64bit-debuginfo-3.11.13-150400.9.63.1
* python311-64bit-debuginfo-3.11.13-150400.9.63.1
* python311-base-64bit-debuginfo-3.11.13-150400.9.63.1
* libpython3_11-1_0-64bit-3.11.13-150400.9.63.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6069.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244705



openSUSE-SU-2025:15347-1: moderate: apache-commons-lang3-3.18.0-1.1 on GA media


# apache-commons-lang3-3.18.0-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15347-1
Rating: moderate

Cross-References:

* CVE-2025-48924

CVSS scores:

* CVE-2025-48924 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-48924 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the apache-commons-lang3-3.18.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* apache-commons-lang3 3.18.0-1.1
* apache-commons-lang3-javadoc 3.18.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-48924.html