JQ, Kubernetes, Python, and more updates for SUSE Linux

SUSE 5495 Published by

SUSE Linux has received several security updates, including jq, kubernetes1.26, python312, coreutils, gimp, Thunderbird, FastCGI, glib2, ffmpeg-4, kubelogin, chromedriver, ImageMagick, rustup, and fractal:

SUSE-SU-2025:02384-1: moderate: Security update for jq
SUSE-SU-2025:02383-1: moderate: Security update for kubernetes1.26
SUSE-SU-2025:02359-1: moderate: Security update for python312
SUSE-SU-2025:02362-1: moderate: Security update for coreutils
SUSE-SU-2025:02367-1: important: Security update for gimp
SUSE-SU-2025:02368-1: important: Security update for MozillaThunderbird
SUSE-SU-2025:02372-1: important: Security update for FastCGI
SUSE-SU-2025:02375-1: moderate: Security update for glib2
SUSE-SU-2025:02381-1: moderate: Security update for ffmpeg-4
openSUSE-SU-2025:15348-1: moderate: FastCGI-2.4.6-1.1 on GA media
openSUSE-SU-2025:15352-1: moderate: kubelogin-0.2.10-1.1 on GA media
openSUSE-SU-2025:15350-1: moderate: chromedriver-138.0.7204.157-1.1 on GA media
openSUSE-SU-2025:15349-1: moderate: ImageMagick-7.1.2.0-1.1 on GA media
openSUSE-SU-2025:15353-1: moderate: rustup-1.28.2~0-1.1 on GA media
openSUSE-SU-2025:15351-1: moderate: fractal-12.beta+14-1.1 on GA media




SUSE-SU-2025:02384-1: moderate: Security update for jq


# Security update for jq

Announcement ID: SUSE-SU-2025:02384-1
Release Date: 2025-07-18T16:46:14Z
Rating: moderate
References:

* bsc#1243450

Cross-References:

* CVE-2024-23337

CVSS scores:

* CVE-2024-23337 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-23337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-23337 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-23337 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for jq fixes the following issues:

* CVE-2024-23337: Fixed signed integer overflow in jv.c:jvp_array_write
(bsc#1243450).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2384=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2384=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2384=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2384=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2384=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-2384=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2384=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2384=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2384=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2384=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2384=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libjq-devel-1.6-150000.3.6.1
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libjq-devel-1.6-150000.3.6.1
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* libjq-devel-1.6-150000.3.6.1
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* libjq1-1.6-150000.3.6.1
* jq-debugsource-1.6-150000.3.6.1
* jq-debuginfo-1.6-150000.3.6.1
* libjq1-debuginfo-1.6-150000.3.6.1
* jq-1.6-150000.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-23337.html
* https://bugzilla.suse.com/show_bug.cgi?id=1243450



SUSE-SU-2025:02383-1: moderate: Security update for kubernetes1.26


# Security update for kubernetes1.26

Announcement ID: SUSE-SU-2025:02383-1
Release Date: 2025-07-18T16:44:52Z
Rating: moderate
References:

* bsc#1229008
* bsc#1241865
* bsc#1245087

Cross-References:

* CVE-2025-22872

CVSS scores:

* CVE-2025-22872 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
* CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
* CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

Affected Products:

* Containers Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for kubernetes1.26 fixes the following issues:

* CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value
in foreign content (bsc#1241865).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2383=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2383=1

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-2383=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kubernetes1.26-client-1.26.15-150400.9.22.1
* kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1
* kubernetes1.26-kubelet-1.26.15-150400.9.22.1
* kubernetes1.26-proxy-1.26.15-150400.9.22.1
* kubernetes1.26-apiserver-1.26.15-150400.9.22.1
* kubernetes1.26-scheduler-1.26.15-150400.9.22.1
* kubernetes1.26-client-common-1.26.15-150400.9.22.1
* kubernetes1.26-controller-manager-1.26.15-150400.9.22.1
* kubernetes1.26-kubeadm-1.26.15-150400.9.22.1
* openSUSE Leap 15.4 (noarch)
* kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1
* kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* kubernetes1.26-client-1.26.15-150400.9.22.1
* kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1
* kubernetes1.26-kubelet-1.26.15-150400.9.22.1
* kubernetes1.26-proxy-1.26.15-150400.9.22.1
* kubernetes1.26-apiserver-1.26.15-150400.9.22.1
* kubernetes1.26-scheduler-1.26.15-150400.9.22.1
* kubernetes1.26-client-common-1.26.15-150400.9.22.1
* kubernetes1.26-controller-manager-1.26.15-150400.9.22.1
* kubernetes1.26-kubeadm-1.26.15-150400.9.22.1
* openSUSE Leap 15.6 (noarch)
* kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1
* kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* kubernetes1.26-client-1.26.15-150400.9.22.1
* kubernetes1.26-client-common-1.26.15-150400.9.22.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22872.html
* https://bugzilla.suse.com/show_bug.cgi?id=1229008
* https://bugzilla.suse.com/show_bug.cgi?id=1241865
* https://bugzilla.suse.com/show_bug.cgi?id=1245087



SUSE-SU-2025:02359-1: moderate: Security update for python312


# Security update for python312

Announcement ID: SUSE-SU-2025:02359-1
Release Date: 2025-07-18T07:15:58Z
Rating: moderate
References:

* bsc#1244705

Cross-References:

* CVE-2025-6069

CVSS scores:

* CVE-2025-6069 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
* CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-6069 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python312 fixes the following issues:

* CVE-2025-6069: Avoid worst case quadratic complexity when processing certain
crafted malformed inputs with HTMLParser (bsc#1244705).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-2359=1 openSUSE-SLE-15.6-2025-2359=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-2359=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* python312-curses-3.12.11-150600.3.33.1
* python312-debuginfo-3.12.11-150600.3.33.1
* libpython3_12-1_0-debuginfo-3.12.11-150600.3.33.1
* python312-dbm-3.12.11-150600.3.33.1
* libpython3_12-1_0-3.12.11-150600.3.33.1
* python312-doc-3.12.11-150600.3.33.1
* python312-debugsource-3.12.11-150600.3.33.1
* python312-testsuite-debuginfo-3.12.11-150600.3.33.1
* python312-base-3.12.11-150600.3.33.1
* python312-idle-3.12.11-150600.3.33.1
* python312-testsuite-3.12.11-150600.3.33.1
* python312-devel-3.12.11-150600.3.33.1
* python312-core-debugsource-3.12.11-150600.3.33.1
* python312-tk-debuginfo-3.12.11-150600.3.33.1
* python312-doc-devhelp-3.12.11-150600.3.33.1
* python312-base-debuginfo-3.12.11-150600.3.33.1
* python312-tools-3.12.11-150600.3.33.1
* python312-curses-debuginfo-3.12.11-150600.3.33.1
* python312-tk-3.12.11-150600.3.33.1
* python312-dbm-debuginfo-3.12.11-150600.3.33.1
* python312-3.12.11-150600.3.33.1
* openSUSE Leap 15.6 (x86_64)
* libpython3_12-1_0-32bit-3.12.11-150600.3.33.1
* python312-32bit-3.12.11-150600.3.33.1
* libpython3_12-1_0-32bit-debuginfo-3.12.11-150600.3.33.1
* python312-base-32bit-debuginfo-3.12.11-150600.3.33.1
* python312-32bit-debuginfo-3.12.11-150600.3.33.1
* python312-base-32bit-3.12.11-150600.3.33.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* python312-base-64bit-3.12.11-150600.3.33.1
* libpython3_12-1_0-64bit-3.12.11-150600.3.33.1
* python312-64bit-3.12.11-150600.3.33.1
* python312-64bit-debuginfo-3.12.11-150600.3.33.1
* python312-base-64bit-debuginfo-3.12.11-150600.3.33.1
* libpython3_12-1_0-64bit-debuginfo-3.12.11-150600.3.33.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python312-3.12.11-150600.3.33.1
* python312-curses-3.12.11-150600.3.33.1
* python312-debugsource-3.12.11-150600.3.33.1
* python312-base-debuginfo-3.12.11-150600.3.33.1
* python312-debuginfo-3.12.11-150600.3.33.1
* libpython3_12-1_0-debuginfo-3.12.11-150600.3.33.1
* python312-dbm-3.12.11-150600.3.33.1
* python312-tools-3.12.11-150600.3.33.1
* python312-base-3.12.11-150600.3.33.1
* python312-idle-3.12.11-150600.3.33.1
* libpython3_12-1_0-3.12.11-150600.3.33.1
* python312-curses-debuginfo-3.12.11-150600.3.33.1
* python312-devel-3.12.11-150600.3.33.1
* python312-tk-3.12.11-150600.3.33.1
* python312-core-debugsource-3.12.11-150600.3.33.1
* python312-tk-debuginfo-3.12.11-150600.3.33.1
* python312-dbm-debuginfo-3.12.11-150600.3.33.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6069.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244705



SUSE-SU-2025:02362-1: moderate: Security update for coreutils


# Security update for coreutils

Announcement ID: SUSE-SU-2025:02362-1
Release Date: 2025-07-18T09:08:22Z
Rating: moderate
References:

* bsc#1243767

Cross-References:

* CVE-2025-5278

CVSS scores:

* CVE-2025-5278 ( SUSE ): 2.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-5278 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
* CVE-2025-5278 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for coreutils fixes the following issues:

* CVE-2025-5278: Fixed heap buffer under-read may lead to a crash or leak
sensitive data (bsc#1243767)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-2362=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2362=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2362=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2362=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2362=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2362=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2362=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2362=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2362=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2362=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2362=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2362=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-2362=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2362=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2362=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2362=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2362=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2362=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2362=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2362=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* Basesystem Module 15-SP6 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* Basesystem Module 15-SP7 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Manager Proxy 4.3 (x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Manager Proxy 4.3 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Manager Server 4.3 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-single-8.32-150400.9.9.1
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* coreutils-single-debuginfo-8.32-150400.9.9.1
* coreutils-testsuite-8.32-150400.9.9.1
* coreutils-single-debugsource-8.32-150400.9.9.1
* openSUSE Leap 15.4 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-single-8.32-150400.9.9.1
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* coreutils-single-debuginfo-8.32-150400.9.9.1
* coreutils-testsuite-8.32-150400.9.9.1
* coreutils-single-debugsource-8.32-150400.9.9.1
* openSUSE Leap 15.6 (noarch)
* coreutils-doc-8.32-150400.9.9.1
* coreutils-lang-8.32-150400.9.9.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* coreutils-debuginfo-8.32-150400.9.9.1
* coreutils-debugsource-8.32-150400.9.9.1
* coreutils-8.32-150400.9.9.1

## References:

* https://www.suse.com/security/cve/CVE-2025-5278.html
* https://bugzilla.suse.com/show_bug.cgi?id=1243767



SUSE-SU-2025:02367-1: important: Security update for gimp


# Security update for gimp

Announcement ID: SUSE-SU-2025:02367-1
Release Date: 2025-07-18T12:37:17Z
Rating: important
References:

* bsc#1244536

Cross-References:

* CVE-2025-6035

CVSS scores:

* CVE-2025-6035 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-6035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-6035 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for gimp fixes the following issues:

* CVE-2025-6035: Fixed Integer Overflow or Wraparound in GIMP Despeckle Filter
(bsc#1244536).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2367=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2367=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2367=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2367=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-2367=1

* SUSE Linux Enterprise Workstation Extension 15 SP7
zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-2367=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* gimp-debuginfo-2.10.30-150400.3.23.1
* gimp-devel-2.10.30-150400.3.23.1
* libgimpui-2_0-0-2.10.30-150400.3.23.1
* libgimpui-2_0-0-debuginfo-2.10.30-150400.3.23.1
* gimp-plugin-aa-2.10.30-150400.3.23.1
* libgimp-2_0-0-2.10.30-150400.3.23.1
* gimp-debugsource-2.10.30-150400.3.23.1
* libgimp-2_0-0-debuginfo-2.10.30-150400.3.23.1
* gimp-plugin-aa-debuginfo-2.10.30-150400.3.23.1
* gimp-devel-debuginfo-2.10.30-150400.3.23.1
* gimp-2.10.30-150400.3.23.1
* openSUSE Leap 15.4 (noarch)
* gimp-lang-2.10.30-150400.3.23.1
* openSUSE Leap 15.4 (x86_64)
* libgimp-2_0-0-32bit-debuginfo-2.10.30-150400.3.23.1
* libgimp-2_0-0-32bit-2.10.30-150400.3.23.1
* libgimpui-2_0-0-32bit-debuginfo-2.10.30-150400.3.23.1
* libgimpui-2_0-0-32bit-2.10.30-150400.3.23.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libgimpui-2_0-0-64bit-debuginfo-2.10.30-150400.3.23.1
* libgimp-2_0-0-64bit-debuginfo-2.10.30-150400.3.23.1
* libgimp-2_0-0-64bit-2.10.30-150400.3.23.1
* libgimpui-2_0-0-64bit-2.10.30-150400.3.23.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* gimp-debuginfo-2.10.30-150400.3.23.1
* gimp-devel-2.10.30-150400.3.23.1
* libgimpui-2_0-0-2.10.30-150400.3.23.1
* libgimpui-2_0-0-debuginfo-2.10.30-150400.3.23.1
* gimp-plugin-aa-2.10.30-150400.3.23.1
* libgimp-2_0-0-2.10.30-150400.3.23.1
* gimp-debugsource-2.10.30-150400.3.23.1
* libgimp-2_0-0-debuginfo-2.10.30-150400.3.23.1
* gimp-plugin-aa-debuginfo-2.10.30-150400.3.23.1
* gimp-devel-debuginfo-2.10.30-150400.3.23.1
* gimp-2.10.30-150400.3.23.1
* openSUSE Leap 15.6 (noarch)
* gimp-lang-2.10.30-150400.3.23.1
* openSUSE Leap 15.6 (x86_64)
* libgimp-2_0-0-32bit-debuginfo-2.10.30-150400.3.23.1
* libgimp-2_0-0-32bit-2.10.30-150400.3.23.1
* libgimpui-2_0-0-32bit-debuginfo-2.10.30-150400.3.23.1
* libgimpui-2_0-0-32bit-2.10.30-150400.3.23.1
* SUSE Package Hub 15 15-SP6 (aarch64)
* gimp-devel-2.10.30-150400.3.23.1
* gimp-plugin-aa-2.10.30-150400.3.23.1
* gimp-plugin-aa-debuginfo-2.10.30-150400.3.23.1
* gimp-devel-debuginfo-2.10.30-150400.3.23.1
* gimp-2.10.30-150400.3.23.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
* gimp-debuginfo-2.10.30-150400.3.23.1
* libgimpui-2_0-0-2.10.30-150400.3.23.1
* libgimpui-2_0-0-debuginfo-2.10.30-150400.3.23.1
* libgimp-2_0-0-2.10.30-150400.3.23.1
* libgimp-2_0-0-debuginfo-2.10.30-150400.3.23.1
* gimp-debugsource-2.10.30-150400.3.23.1
* SUSE Package Hub 15 15-SP6 (noarch)
* gimp-lang-2.10.30-150400.3.23.1
* SUSE Package Hub 15 15-SP7 (aarch64)
* gimp-devel-2.10.30-150400.3.23.1
* gimp-plugin-aa-2.10.30-150400.3.23.1
* gimp-plugin-aa-debuginfo-2.10.30-150400.3.23.1
* gimp-devel-debuginfo-2.10.30-150400.3.23.1
* gimp-2.10.30-150400.3.23.1
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x)
* gimp-debuginfo-2.10.30-150400.3.23.1
* libgimpui-2_0-0-2.10.30-150400.3.23.1
* libgimpui-2_0-0-debuginfo-2.10.30-150400.3.23.1
* libgimp-2_0-0-2.10.30-150400.3.23.1
* libgimp-2_0-0-debuginfo-2.10.30-150400.3.23.1
* gimp-debugsource-2.10.30-150400.3.23.1
* SUSE Package Hub 15 15-SP7 (noarch)
* gimp-lang-2.10.30-150400.3.23.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* gimp-debuginfo-2.10.30-150400.3.23.1
* gimp-devel-2.10.30-150400.3.23.1
* libgimpui-2_0-0-2.10.30-150400.3.23.1
* libgimpui-2_0-0-debuginfo-2.10.30-150400.3.23.1
* libgimp-2_0-0-2.10.30-150400.3.23.1
* libgimp-2_0-0-debuginfo-2.10.30-150400.3.23.1
* gimp-debugsource-2.10.30-150400.3.23.1
* gimp-devel-debuginfo-2.10.30-150400.3.23.1
* gimp-2.10.30-150400.3.23.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch)
* gimp-lang-2.10.30-150400.3.23.1
* SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64)
* gimp-debuginfo-2.10.30-150400.3.23.1
* gimp-devel-2.10.30-150400.3.23.1
* libgimpui-2_0-0-2.10.30-150400.3.23.1
* libgimpui-2_0-0-debuginfo-2.10.30-150400.3.23.1
* libgimp-2_0-0-2.10.30-150400.3.23.1
* libgimp-2_0-0-debuginfo-2.10.30-150400.3.23.1
* gimp-debugsource-2.10.30-150400.3.23.1
* gimp-devel-debuginfo-2.10.30-150400.3.23.1
* gimp-2.10.30-150400.3.23.1
* SUSE Linux Enterprise Workstation Extension 15 SP7 (noarch)
* gimp-lang-2.10.30-150400.3.23.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6035.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244536



SUSE-SU-2025:02368-1: important: Security update for MozillaThunderbird


# Security update for MozillaThunderbird

Announcement ID: SUSE-SU-2025:02368-1
Release Date: 2025-07-18T12:38:04Z
Rating: important
References:

* bsc#1244670

Cross-References:

* CVE-2025-6424
* CVE-2025-6425
* CVE-2025-6426
* CVE-2025-6429
* CVE-2025-6430

CVSS scores:

* CVE-2025-6424 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-6424 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-6424 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-6425 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-6425 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2025-6425 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2025-6426 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
* CVE-2025-6426 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L
* CVE-2025-6426 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-6429 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-6429 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2025-6429 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2025-6430 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-6430 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-6430 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves five vulnerabilities can now be installed.

## Description:

This update for MozillaThunderbird fixes the following issues:

Update to Mozilla Thunderbird 128.12 (MFSA 2025-55, bsc#1244670):

* CVE-2025-6424: Use-after-free in FontFaceSet (bmo#1966423)
* CVE-2025-6425: The WebCompat WebExtension shipped exposed a persistent UUID
(bmo#1717672)
* CVE-2025-6426: No warning when opening executable terminal files on macOS
(bmo#1964385)
* CVE-2025-6429: Incorrect parsing of URLs could have allowed embedding of
youtube.com (bmo#1970658)
* CVE-2025-6430: Content-Disposition header ignored when a file is included in
an embed or object tag (bmo#1971140)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2368=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2368=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-2368=1

* SUSE Linux Enterprise Workstation Extension 15 SP7
zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-2368=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2368=1

## Package List:

* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
* MozillaThunderbird-translations-other-128.12.0-150200.8.227.2
* MozillaThunderbird-debuginfo-128.12.0-150200.8.227.2
* MozillaThunderbird-128.12.0-150200.8.227.2
* MozillaThunderbird-debugsource-128.12.0-150200.8.227.2
* MozillaThunderbird-translations-common-128.12.0-150200.8.227.2
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x)
* MozillaThunderbird-translations-other-128.12.0-150200.8.227.2
* MozillaThunderbird-debuginfo-128.12.0-150200.8.227.2
* MozillaThunderbird-128.12.0-150200.8.227.2
* MozillaThunderbird-debugsource-128.12.0-150200.8.227.2
* MozillaThunderbird-translations-common-128.12.0-150200.8.227.2
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* MozillaThunderbird-translations-other-128.12.0-150200.8.227.2
* MozillaThunderbird-debuginfo-128.12.0-150200.8.227.2
* MozillaThunderbird-128.12.0-150200.8.227.2
* MozillaThunderbird-debugsource-128.12.0-150200.8.227.2
* MozillaThunderbird-translations-common-128.12.0-150200.8.227.2
* SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64)
* MozillaThunderbird-translations-other-128.12.0-150200.8.227.2
* MozillaThunderbird-debuginfo-128.12.0-150200.8.227.2
* MozillaThunderbird-128.12.0-150200.8.227.2
* MozillaThunderbird-debugsource-128.12.0-150200.8.227.2
* MozillaThunderbird-translations-common-128.12.0-150200.8.227.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-translations-other-128.12.0-150200.8.227.2
* MozillaThunderbird-debuginfo-128.12.0-150200.8.227.2
* MozillaThunderbird-128.12.0-150200.8.227.2
* MozillaThunderbird-debugsource-128.12.0-150200.8.227.2
* MozillaThunderbird-translations-common-128.12.0-150200.8.227.2

## References:

* https://www.suse.com/security/cve/CVE-2025-6424.html
* https://www.suse.com/security/cve/CVE-2025-6425.html
* https://www.suse.com/security/cve/CVE-2025-6426.html
* https://www.suse.com/security/cve/CVE-2025-6429.html
* https://www.suse.com/security/cve/CVE-2025-6430.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244670



SUSE-SU-2025:02372-1: important: Security update for FastCGI


# Security update for FastCGI

Announcement ID: SUSE-SU-2025:02372-1
Release Date: 2025-07-18T12:47:51Z
Rating: important
References:

* bsc#1243325

Cross-References:

* CVE-2025-23016

CVSS scores:

* CVE-2025-23016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-23016 ( NVD ): 9.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products:

* Development Tools Module 15-SP6
* Development Tools Module 15-SP7
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for FastCGI fixes the following issues:

* CVE-2025-23016: Fixed integer overflow in FastCGI fcgi2 library
(bsc#1243325)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2372=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2372=1

* Development Tools Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2372=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2372=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2372=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2372=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2372=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2372=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2372=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2372=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2372=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2372=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2372=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2372=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-2372=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-devel-2.4.0-150000.4.3.1
* perl-FastCGI-2.4.0-150000.4.3.1
* FastCGI-debugsource-2.4.0-150000.4.3.1
* libfcgi0-2.4.0-150000.4.3.1
* libfcgi0-debuginfo-2.4.0-150000.4.3.1
* perl-FastCGI-debuginfo-2.4.0-150000.4.3.1
* FastCGI-2.4.0-150000.4.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-23016.html
* https://bugzilla.suse.com/show_bug.cgi?id=1243325



SUSE-SU-2025:02375-1: moderate: Security update for glib2


# Security update for glib2

Announcement ID: SUSE-SU-2025:02375-1
Release Date: 2025-07-18T13:16:28Z
Rating: moderate
References:

* bsc#1242844

Cross-References:

* CVE-2025-4373

CVSS scores:

* CVE-2025-4373 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-4373 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2025-4373 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for glib2 fixes the following issues:

* CVE-2025-4373: integer overflow in the `g_string_insert_unichar()` function
can lead to buffer underwrite and memory corruption (bsc#1242844).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2375=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2375=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2375=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2375=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2375=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-2375=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* gio-branding-upstream-2.70.5-150400.3.23.1
* glib2-lang-2.70.5-150400.3.23.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libgio-2_0-0-debuginfo-2.70.5-150400.3.23.1
* glib2-tools-2.70.5-150400.3.23.1
* glib2-tests-devel-debuginfo-2.70.5-150400.3.23.1
* glib2-tools-debuginfo-2.70.5-150400.3.23.1
* libglib-2_0-0-2.70.5-150400.3.23.1
* libgio-2_0-0-2.70.5-150400.3.23.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.23.1
* glib2-tests-devel-2.70.5-150400.3.23.1
* glib2-doc-2.70.5-150400.3.23.1
* libgmodule-2_0-0-2.70.5-150400.3.23.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-2.70.5-150400.3.23.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.23.1
* glib2-devel-debuginfo-2.70.5-150400.3.23.1
* libgthread-2_0-0-2.70.5-150400.3.23.1
* glib2-devel-2.70.5-150400.3.23.1
* glib2-devel-static-2.70.5-150400.3.23.1
* glib2-debugsource-2.70.5-150400.3.23.1
* openSUSE Leap 15.4 (x86_64)
* glib2-tools-32bit-2.70.5-150400.3.23.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.23.1
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.23.1
* libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.23.1
* glib2-devel-32bit-2.70.5-150400.3.23.1
* glib2-devel-32bit-debuginfo-2.70.5-150400.3.23.1
* libglib-2_0-0-32bit-2.70.5-150400.3.23.1
* libgthread-2_0-0-32bit-2.70.5-150400.3.23.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.23.1
* libgio-2_0-0-32bit-2.70.5-150400.3.23.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.23.1
* glib2-tools-32bit-debuginfo-2.70.5-150400.3.23.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.23.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.23.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* glib2-tools-64bit-debuginfo-2.70.5-150400.3.23.1
* libgio-2_0-0-64bit-debuginfo-2.70.5-150400.3.23.1
* libgio-2_0-0-64bit-2.70.5-150400.3.23.1
* libgobject-2_0-0-64bit-debuginfo-2.70.5-150400.3.23.1
* libglib-2_0-0-64bit-2.70.5-150400.3.23.1
* libgobject-2_0-0-64bit-2.70.5-150400.3.23.1
* glib2-devel-64bit-debuginfo-2.70.5-150400.3.23.1
* glib2-devel-64bit-2.70.5-150400.3.23.1
* libgmodule-2_0-0-64bit-2.70.5-150400.3.23.1
* libgmodule-2_0-0-64bit-debuginfo-2.70.5-150400.3.23.1
* libgthread-2_0-0-64bit-2.70.5-150400.3.23.1
* glib2-tools-64bit-2.70.5-150400.3.23.1
* libglib-2_0-0-64bit-debuginfo-2.70.5-150400.3.23.1
* libgthread-2_0-0-64bit-debuginfo-2.70.5-150400.3.23.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libgio-2_0-0-debuginfo-2.70.5-150400.3.23.1
* glib2-tools-2.70.5-150400.3.23.1
* glib2-tools-debuginfo-2.70.5-150400.3.23.1
* libglib-2_0-0-2.70.5-150400.3.23.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgmodule-2_0-0-2.70.5-150400.3.23.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-2.70.5-150400.3.23.1
* glib2-debugsource-2.70.5-150400.3.23.1
* libgio-2_0-0-2.70.5-150400.3.23.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libgio-2_0-0-debuginfo-2.70.5-150400.3.23.1
* glib2-tools-2.70.5-150400.3.23.1
* glib2-tools-debuginfo-2.70.5-150400.3.23.1
* libglib-2_0-0-2.70.5-150400.3.23.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgmodule-2_0-0-2.70.5-150400.3.23.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-2.70.5-150400.3.23.1
* glib2-debugsource-2.70.5-150400.3.23.1
* libgio-2_0-0-2.70.5-150400.3.23.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libgio-2_0-0-debuginfo-2.70.5-150400.3.23.1
* glib2-tools-2.70.5-150400.3.23.1
* glib2-tools-debuginfo-2.70.5-150400.3.23.1
* libglib-2_0-0-2.70.5-150400.3.23.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgmodule-2_0-0-2.70.5-150400.3.23.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-2.70.5-150400.3.23.1
* glib2-debugsource-2.70.5-150400.3.23.1
* libgio-2_0-0-2.70.5-150400.3.23.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libgio-2_0-0-debuginfo-2.70.5-150400.3.23.1
* glib2-tools-2.70.5-150400.3.23.1
* glib2-tools-debuginfo-2.70.5-150400.3.23.1
* libglib-2_0-0-2.70.5-150400.3.23.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgmodule-2_0-0-2.70.5-150400.3.23.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-2.70.5-150400.3.23.1
* glib2-debugsource-2.70.5-150400.3.23.1
* libgio-2_0-0-2.70.5-150400.3.23.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libgio-2_0-0-debuginfo-2.70.5-150400.3.23.1
* glib2-tools-2.70.5-150400.3.23.1
* glib2-tools-debuginfo-2.70.5-150400.3.23.1
* libglib-2_0-0-2.70.5-150400.3.23.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgmodule-2_0-0-2.70.5-150400.3.23.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.23.1
* libgobject-2_0-0-2.70.5-150400.3.23.1
* glib2-debugsource-2.70.5-150400.3.23.1
* libgio-2_0-0-2.70.5-150400.3.23.1

## References:

* https://www.suse.com/security/cve/CVE-2025-4373.html
* https://bugzilla.suse.com/show_bug.cgi?id=1242844



SUSE-SU-2025:02381-1: moderate: Security update for ffmpeg-4


# Security update for ffmpeg-4

Announcement ID: SUSE-SU-2025:02381-1
Release Date: 2025-07-18T14:58:59Z
Rating: moderate
References:

* bsc#1234018
* bsc#1234019
* bsc#1234020

Cross-References:

* CVE-2024-36616
* CVE-2024-36617
* CVE-2024-36618

CVSS scores:

* CVE-2024-36616 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36616 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36616 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-36617 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36617 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36617 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36618 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-36618 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-36618 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves three vulnerabilities can now be installed.

## Description:

This update for ffmpeg-4 fixes the following issues:

* CVE-2024-36618: Fixed integer overflow iff ULONG_MAX < INT64_MAX
(bsc#1234020).

New CVE references, fixed in previous release:

* CVE-2024-36617: avformat/cafdec: dont seek beyond 64bit (bsc#1234019).
* CVE-2024-36616: avformat/westwood_vqa: Fix 2g packets (bsc#1234018).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-2381=1 openSUSE-SLE-15.6-2025-2381=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2381=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2381=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-2381=1

* SUSE Linux Enterprise Workstation Extension 15 SP7
zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-2381=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* ffmpeg-4-libswscale-devel-4.4.6-150600.13.27.1
* libavcodec58_134-debuginfo-4.4.6-150600.13.27.1
* libpostproc55_9-4.4.6-150600.13.27.1
* libswscale5_9-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-4.4.6-150600.13.27.1
* ffmpeg-4-libavfilter-devel-4.4.6-150600.13.27.1
* libavdevice58_13-debuginfo-4.4.6-150600.13.27.1
* libswresample3_9-debuginfo-4.4.6-150600.13.27.1
* libavdevice58_13-4.4.6-150600.13.27.1
* libswresample3_9-4.4.6-150600.13.27.1
* ffmpeg-4-libavdevice-devel-4.4.6-150600.13.27.1
* ffmpeg-4-private-devel-4.4.6-150600.13.27.1
* ffmpeg-4-libavutil-devel-4.4.6-150600.13.27.1
* ffmpeg-4-libswresample-devel-4.4.6-150600.13.27.1
* libpostproc55_9-debuginfo-4.4.6-150600.13.27.1
* libavformat58_76-4.4.6-150600.13.27.1
* libavcodec58_134-4.4.6-150600.13.27.1
* libavformat58_76-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-libpostproc-devel-4.4.6-150600.13.27.1
* libavutil56_70-4.4.6-150600.13.27.1
* ffmpeg-4-libavresample-devel-4.4.6-150600.13.27.1
* ffmpeg-4-debugsource-4.4.6-150600.13.27.1
* ffmpeg-4-libavcodec-devel-4.4.6-150600.13.27.1
* ffmpeg-4-libavformat-devel-4.4.6-150600.13.27.1
* libavfilter7_110-4.4.6-150600.13.27.1
* ffmpeg-4-debuginfo-4.4.6-150600.13.27.1
* libavresample4_0-debuginfo-4.4.6-150600.13.27.1
* libavresample4_0-4.4.6-150600.13.27.1
* libavutil56_70-debuginfo-4.4.6-150600.13.27.1
* libavfilter7_110-debuginfo-4.4.6-150600.13.27.1
* libswscale5_9-4.4.6-150600.13.27.1
* openSUSE Leap 15.6 (x86_64)
* libavutil56_70-32bit-4.4.6-150600.13.27.1
* libavutil56_70-32bit-debuginfo-4.4.6-150600.13.27.1
* libavformat58_76-32bit-4.4.6-150600.13.27.1
* libavcodec58_134-32bit-4.4.6-150600.13.27.1
* libswresample3_9-32bit-4.4.6-150600.13.27.1
* libswscale5_9-32bit-4.4.6-150600.13.27.1
* libpostproc55_9-32bit-debuginfo-4.4.6-150600.13.27.1
* libavformat58_76-32bit-debuginfo-4.4.6-150600.13.27.1
* libavdevice58_13-32bit-debuginfo-4.4.6-150600.13.27.1
* libavdevice58_13-32bit-4.4.6-150600.13.27.1
* libavresample4_0-32bit-4.4.6-150600.13.27.1
* libswscale5_9-32bit-debuginfo-4.4.6-150600.13.27.1
* libswresample3_9-32bit-debuginfo-4.4.6-150600.13.27.1
* libpostproc55_9-32bit-4.4.6-150600.13.27.1
* libavcodec58_134-32bit-debuginfo-4.4.6-150600.13.27.1
* libavfilter7_110-32bit-4.4.6-150600.13.27.1
* libavresample4_0-32bit-debuginfo-4.4.6-150600.13.27.1
* libavfilter7_110-32bit-debuginfo-4.4.6-150600.13.27.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libavresample4_0-64bit-debuginfo-4.4.6-150600.13.27.1
* libavformat58_76-64bit-debuginfo-4.4.6-150600.13.27.1
* libavcodec58_134-64bit-debuginfo-4.4.6-150600.13.27.1
* libavfilter7_110-64bit-debuginfo-4.4.6-150600.13.27.1
* libavutil56_70-64bit-4.4.6-150600.13.27.1
* libavutil56_70-64bit-debuginfo-4.4.6-150600.13.27.1
* libpostproc55_9-64bit-4.4.6-150600.13.27.1
* libavdevice58_13-64bit-4.4.6-150600.13.27.1
* libswresample3_9-64bit-4.4.6-150600.13.27.1
* libswscale5_9-64bit-4.4.6-150600.13.27.1
* libpostproc55_9-64bit-debuginfo-4.4.6-150600.13.27.1
* libswscale5_9-64bit-debuginfo-4.4.6-150600.13.27.1
* libavformat58_76-64bit-4.4.6-150600.13.27.1
* libswresample3_9-64bit-debuginfo-4.4.6-150600.13.27.1
* libavresample4_0-64bit-4.4.6-150600.13.27.1
* libavfilter7_110-64bit-4.4.6-150600.13.27.1
* libavcodec58_134-64bit-4.4.6-150600.13.27.1
* libavdevice58_13-64bit-debuginfo-4.4.6-150600.13.27.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* ffmpeg-4-libswscale-devel-4.4.6-150600.13.27.1
* libavcodec58_134-debuginfo-4.4.6-150600.13.27.1
* libpostproc55_9-4.4.6-150600.13.27.1
* libswscale5_9-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-4.4.6-150600.13.27.1
* ffmpeg-4-libavfilter-devel-4.4.6-150600.13.27.1
* libavdevice58_13-debuginfo-4.4.6-150600.13.27.1
* libswresample3_9-debuginfo-4.4.6-150600.13.27.1
* libavdevice58_13-4.4.6-150600.13.27.1
* libswresample3_9-4.4.6-150600.13.27.1
* ffmpeg-4-libavdevice-devel-4.4.6-150600.13.27.1
* ffmpeg-4-private-devel-4.4.6-150600.13.27.1
* ffmpeg-4-libavutil-devel-4.4.6-150600.13.27.1
* ffmpeg-4-libswresample-devel-4.4.6-150600.13.27.1
* libpostproc55_9-debuginfo-4.4.6-150600.13.27.1
* libavformat58_76-4.4.6-150600.13.27.1
* libavcodec58_134-4.4.6-150600.13.27.1
* libavformat58_76-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-libpostproc-devel-4.4.6-150600.13.27.1
* libavutil56_70-4.4.6-150600.13.27.1
* ffmpeg-4-libavresample-devel-4.4.6-150600.13.27.1
* ffmpeg-4-debugsource-4.4.6-150600.13.27.1
* ffmpeg-4-libavcodec-devel-4.4.6-150600.13.27.1
* ffmpeg-4-libavformat-devel-4.4.6-150600.13.27.1
* libavfilter7_110-4.4.6-150600.13.27.1
* ffmpeg-4-debuginfo-4.4.6-150600.13.27.1
* libavresample4_0-debuginfo-4.4.6-150600.13.27.1
* libavresample4_0-4.4.6-150600.13.27.1
* libavutil56_70-debuginfo-4.4.6-150600.13.27.1
* libavfilter7_110-debuginfo-4.4.6-150600.13.27.1
* libswscale5_9-4.4.6-150600.13.27.1
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)
* ffmpeg-4-libswscale-devel-4.4.6-150600.13.27.1
* libavcodec58_134-debuginfo-4.4.6-150600.13.27.1
* libpostproc55_9-4.4.6-150600.13.27.1
* libswscale5_9-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-4.4.6-150600.13.27.1
* ffmpeg-4-libavfilter-devel-4.4.6-150600.13.27.1
* libavdevice58_13-debuginfo-4.4.6-150600.13.27.1
* libswresample3_9-debuginfo-4.4.6-150600.13.27.1
* libavdevice58_13-4.4.6-150600.13.27.1
* libswresample3_9-4.4.6-150600.13.27.1
* ffmpeg-4-libavdevice-devel-4.4.6-150600.13.27.1
* ffmpeg-4-private-devel-4.4.6-150600.13.27.1
* ffmpeg-4-libavutil-devel-4.4.6-150600.13.27.1
* ffmpeg-4-libswresample-devel-4.4.6-150600.13.27.1
* libpostproc55_9-debuginfo-4.4.6-150600.13.27.1
* libavformat58_76-4.4.6-150600.13.27.1
* libavcodec58_134-4.4.6-150600.13.27.1
* libavformat58_76-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-libpostproc-devel-4.4.6-150600.13.27.1
* libavutil56_70-4.4.6-150600.13.27.1
* ffmpeg-4-libavresample-devel-4.4.6-150600.13.27.1
* ffmpeg-4-debugsource-4.4.6-150600.13.27.1
* ffmpeg-4-libavcodec-devel-4.4.6-150600.13.27.1
* ffmpeg-4-libavformat-devel-4.4.6-150600.13.27.1
* libavfilter7_110-4.4.6-150600.13.27.1
* ffmpeg-4-debuginfo-4.4.6-150600.13.27.1
* libavresample4_0-debuginfo-4.4.6-150600.13.27.1
* libavresample4_0-4.4.6-150600.13.27.1
* libavutil56_70-debuginfo-4.4.6-150600.13.27.1
* libavfilter7_110-debuginfo-4.4.6-150600.13.27.1
* libswscale5_9-4.4.6-150600.13.27.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* libavcodec58_134-4.4.6-150600.13.27.1
* libavformat58_76-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-debuginfo-4.4.6-150600.13.27.1
* libswscale5_9-4.4.6-150600.13.27.1
* libavcodec58_134-debuginfo-4.4.6-150600.13.27.1
* libavutil56_70-4.4.6-150600.13.27.1
* libswscale5_9-debuginfo-4.4.6-150600.13.27.1
* libavutil56_70-debuginfo-4.4.6-150600.13.27.1
* libswresample3_9-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-debugsource-4.4.6-150600.13.27.1
* libswresample3_9-4.4.6-150600.13.27.1
* libavformat58_76-4.4.6-150600.13.27.1
* SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64)
* libavcodec58_134-4.4.6-150600.13.27.1
* libavformat58_76-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-debuginfo-4.4.6-150600.13.27.1
* libswscale5_9-4.4.6-150600.13.27.1
* libavcodec58_134-debuginfo-4.4.6-150600.13.27.1
* libavutil56_70-4.4.6-150600.13.27.1
* libswscale5_9-debuginfo-4.4.6-150600.13.27.1
* libavutil56_70-debuginfo-4.4.6-150600.13.27.1
* libswresample3_9-debuginfo-4.4.6-150600.13.27.1
* ffmpeg-4-debugsource-4.4.6-150600.13.27.1
* libswresample3_9-4.4.6-150600.13.27.1
* libavformat58_76-4.4.6-150600.13.27.1

## References:

* https://www.suse.com/security/cve/CVE-2024-36616.html
* https://www.suse.com/security/cve/CVE-2024-36617.html
* https://www.suse.com/security/cve/CVE-2024-36618.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234018
* https://bugzilla.suse.com/show_bug.cgi?id=1234019
* https://bugzilla.suse.com/show_bug.cgi?id=1234020



openSUSE-SU-2025:15348-1: moderate: FastCGI-2.4.6-1.1 on GA media


# FastCGI-2.4.6-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15348-1
Rating: moderate

Cross-References:

* CVE-2025-23016

CVSS scores:

* CVE-2025-23016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the FastCGI-2.4.6-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* FastCGI 2.4.6-1.1
* FastCGI-devel 2.4.6-1.1
* libfcgi0 2.4.6-1.1
* perl-FCGI 2.4.6-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-23016.html



openSUSE-SU-2025:15352-1: moderate: kubelogin-0.2.10-1.1 on GA media


# kubelogin-0.2.10-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15352-1
Rating: moderate

Cross-References:

* CVE-2025-22871

CVSS scores:

* CVE-2025-22871 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-22871 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the kubelogin-0.2.10-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* kubelogin 0.2.10-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22871.html



openSUSE-SU-2025:15350-1: moderate: chromedriver-138.0.7204.157-1.1 on GA media


# chromedriver-138.0.7204.157-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15350-1
Rating: moderate

Cross-References:

* CVE-2025-6558
* CVE-2025-7656
* CVE-2025-7657

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the chromedriver-138.0.7204.157-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* chromedriver 138.0.7204.157-1.1
* chromium 138.0.7204.157-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6558.html
* https://www.suse.com/security/cve/CVE-2025-7656.html
* https://www.suse.com/security/cve/CVE-2025-7657.html



openSUSE-SU-2025:15349-1: moderate: ImageMagick-7.1.2.0-1.1 on GA media


# ImageMagick-7.1.2.0-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15349-1
Rating: moderate

Cross-References:

* CVE-2025-53014
* CVE-2025-53015
* CVE-2025-53019
* CVE-2025-53101

CVSS scores:

* CVE-2025-53014 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2025-53014 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-53015 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-53015 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-53019 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-53019 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-53101 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-53101 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 4 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the ImageMagick-7.1.2.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* ImageMagick 7.1.2.0-1.1
* ImageMagick-config-7-SUSE 7.1.2.0-1.1
* ImageMagick-devel 7.1.2.0-1.1
* ImageMagick-devel-32bit 7.1.2.0-1.1
* ImageMagick-doc 7.1.2.0-1.1
* ImageMagick-extra 7.1.2.0-1.1
* libMagick++-7_Q16HDRI5 7.1.2.0-1.1
* libMagick++-7_Q16HDRI5-32bit 7.1.2.0-1.1
* libMagick++-devel 7.1.2.0-1.1
* libMagick++-devel-32bit 7.1.2.0-1.1
* libMagickCore-7_Q16HDRI10 7.1.2.0-1.1
* libMagickCore-7_Q16HDRI10-32bit 7.1.2.0-1.1
* libMagickWand-7_Q16HDRI10 7.1.2.0-1.1
* libMagickWand-7_Q16HDRI10-32bit 7.1.2.0-1.1
* perl-PerlMagick 7.1.2.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-53014.html
* https://www.suse.com/security/cve/CVE-2025-53015.html
* https://www.suse.com/security/cve/CVE-2025-53019.html
* https://www.suse.com/security/cve/CVE-2025-53101.html



openSUSE-SU-2025:15353-1: moderate: rustup-1.28.2~0-1.1 on GA media


# rustup-1.28.2~0-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15353-1
Rating: moderate

Cross-References:

* CVE-2024-12224

CVSS scores:

* CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the rustup-1.28.2~0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* rustup 1.28.2~0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-12224.html



openSUSE-SU-2025:15351-1: moderate: fractal-12.beta+14-1.1 on GA media


# fractal-12.beta+14-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15351-1
Rating: moderate

Cross-References:

* CVE-2025-53549

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the fractal-12.beta+14-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* fractal 12.beta+14-1.1
* fractal-lang 12.beta+14-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-53549.html


Linux Firmware updates for Oracle Linux

PHP and Linux Kernel updates for Ubuntu

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...