
Several security updates have been released for SUSE Linux, addressing vulnerabilities in various packages. These updates include fixes for the kubernetes-client, Mozilla Thunderbird, xkbcomp, and PostgreSQL 16, among others. Additionally, patches have been made available for Python-Django, Python, and Rhino to address potential security risks.

SUSE-SU-2025:4380-1: important: Security update for kubernetes-client
SUSE-SU-2025:4381-1: important: Security update for kubernetes-client
openSUSE-SU-2025:15814-1: moderate: MozillaThunderbird-140.6.0-1.1 on GA media
openSUSE-SU-2025:15815-1: moderate: xkbcomp-1.5.0-1.1 on GA media
openSUSE-SU-2025:15813-1: moderate: MozillaFirefox-146.0-1.1 on GA media
SUSE-SU-2025:4388-1: important: Security update for postgresql16
SUSE-SU-2025:4384-1: important: Security update for python-Django
SUSE-SU-2025:4389-1: low: Security update for python
SUSE-SU-2025:4390-1: moderate: Security update for rhino
openSUSE-SU-2025-20153-1: important: Security update for python-Django
openSUSE-SU-2025-20150-1: important: Security update for binutils




SUSE-SU-2025:4380-1: important: Security update for kubernetes-client


# Security update for kubernetes-client

Announcement ID: SUSE-SU-2025:4380-1
Release Date: 2025-12-12T10:19:01Z
Rating: important
References:

Affected Products:

* Containers Module 15-SP6
* Containers Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for kubernetes client rebuilds it against the current Go release to
fix bugs and security issues in the Go stdlib.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-4380=1 openSUSE-SLE-15.6-2025-4380=1

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-4380=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-4380=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* kubernetes1.31-client-common-1.31.9-150600.13.15.2
* kubernetes1.31-proxy-1.31.9-150600.13.15.2
* kubernetes1.31-apiserver-1.31.9-150600.13.15.2
* kubernetes1.31-kubelet-1.31.9-150600.13.15.2
* kubernetes1.31-client-1.31.9-150600.13.15.2
* kubernetes1.31-kubelet-common-1.31.9-150600.13.15.2
* kubernetes1.31-scheduler-1.31.9-150600.13.15.2
* kubernetes1.31-controller-manager-1.31.9-150600.13.15.2
* kubernetes1.31-kubeadm-1.31.9-150600.13.15.2
* openSUSE Leap 15.6 (noarch)
* kubernetes1.31-client-bash-completion-1.31.9-150600.13.15.2
* kubernetes1.31-client-fish-completion-1.31.9-150600.13.15.2
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* kubernetes1.31-client-1.31.9-150600.13.15.2
* kubernetes1.31-client-common-1.31.9-150600.13.15.2
* Containers Module 15-SP6 (noarch)
* kubernetes1.31-client-bash-completion-1.31.9-150600.13.15.2
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* kubernetes1.31-client-1.31.9-150600.13.15.2
* kubernetes1.31-client-common-1.31.9-150600.13.15.2
* Containers Module 15-SP7 (noarch)
* kubernetes1.31-client-bash-completion-1.31.9-150600.13.15.2



SUSE-SU-2025:4381-1: important: Security update for kubernetes-client


# Security update for kubernetes-client

Announcement ID: SUSE-SU-2025:4381-1
Release Date: 2025-12-12T10:19:22Z
Rating: important
References:

Affected Products:

* Containers Module 15-SP6
* Containers Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for kubernetes client rebuilds it against the current Go release to
fix bugs and security issues in the Go stdlib.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-4381=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-4381=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-4381=1 openSUSE-SLE-15.6-2025-4381=1

## Package List:

* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* kubernetes1.33-client-common-1.33.1-150600.13.15.2
* kubernetes1.33-client-1.33.1-150600.13.15.2
* Containers Module 15-SP6 (noarch)
* kubernetes1.33-client-bash-completion-1.33.1-150600.13.15.2
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* kubernetes1.33-client-common-1.33.1-150600.13.15.2
* kubernetes1.33-client-1.33.1-150600.13.15.2
* Containers Module 15-SP7 (noarch)
* kubernetes1.33-client-bash-completion-1.33.1-150600.13.15.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* kubernetes1.33-controller-manager-1.33.1-150600.13.15.2
* kubernetes1.33-client-1.33.1-150600.13.15.2
* kubernetes1.33-proxy-1.33.1-150600.13.15.2
* kubernetes1.33-client-common-1.33.1-150600.13.15.2
* kubernetes1.33-scheduler-1.33.1-150600.13.15.2
* kubernetes1.33-kubelet-1.33.1-150600.13.15.2
* kubernetes1.33-apiserver-1.33.1-150600.13.15.2
* kubernetes1.33-kubeadm-1.33.1-150600.13.15.2
* kubernetes1.33-kubelet-common-1.33.1-150600.13.15.2
* openSUSE Leap 15.6 (noarch)
* kubernetes1.33-client-fish-completion-1.33.1-150600.13.15.2
* kubernetes1.33-client-bash-completion-1.33.1-150600.13.15.2



openSUSE-SU-2025:15814-1: moderate: MozillaThunderbird-140.6.0-1.1 on GA media


# MozillaThunderbird-140.6.0-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15814-1
Rating: moderate

Cross-References:

* CVE-2025-14321
* CVE-2025-14322
* CVE-2025-14323
* CVE-2025-14324
* CVE-2025-14325
* CVE-2025-14328
* CVE-2025-14329
* CVE-2025-14330
* CVE-2025-14331
* CVE-2025-14333

CVSS scores:

* CVE-2025-14321 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14321 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14322 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14322 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14323 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14323 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14324 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14324 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14325 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14325 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14328 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-14328 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-14329 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-14329 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-14330 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-14330 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-14331 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2025-14331 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-14333 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14333 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 10 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the MozillaThunderbird-140.6.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* MozillaThunderbird 140.6.0-1.1
* MozillaThunderbird-openpgp-librnp 140.6.0-1.1
* MozillaThunderbird-translations-common 140.6.0-1.1
* MozillaThunderbird-translations-other 140.6.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14321.html
* https://www.suse.com/security/cve/CVE-2025-14322.html
* https://www.suse.com/security/cve/CVE-2025-14323.html
* https://www.suse.com/security/cve/CVE-2025-14324.html
* https://www.suse.com/security/cve/CVE-2025-14325.html
* https://www.suse.com/security/cve/CVE-2025-14328.html
* https://www.suse.com/security/cve/CVE-2025-14329.html
* https://www.suse.com/security/cve/CVE-2025-14330.html
* https://www.suse.com/security/cve/CVE-2025-14331.html
* https://www.suse.com/security/cve/CVE-2025-14333.html



openSUSE-SU-2025:15815-1: moderate: xkbcomp-1.5.0-1.1 on GA media


# xkbcomp-1.5.0-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15815-1
Rating: moderate

Cross-References:

* CVE-2018-15853
* CVE-2018-15859
* CVE-2018-15861
* CVE-2018-15863

CVSS scores:

* CVE-2018-15853 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2018-15859 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2018-15861 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2018-15863 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Tumbleweed

An update that solves 4 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the xkbcomp-1.5.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* xkbcomp 1.5.0-1.1
* xkbcomp-devel 1.5.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2018-15853.html
* https://www.suse.com/security/cve/CVE-2018-15859.html
* https://www.suse.com/security/cve/CVE-2018-15861.html
* https://www.suse.com/security/cve/CVE-2018-15863.html



openSUSE-SU-2025:15813-1: moderate: MozillaFirefox-146.0-1.1 on GA media


# MozillaFirefox-146.0-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15813-1
Rating: moderate

Cross-References:

* CVE-2025-14321
* CVE-2025-14322
* CVE-2025-14323
* CVE-2025-14324
* CVE-2025-14325
* CVE-2025-14326
* CVE-2025-14327
* CVE-2025-14328
* CVE-2025-14329
* CVE-2025-14330
* CVE-2025-14331
* CVE-2025-14332
* CVE-2025-14333

CVSS scores:

* CVE-2025-14321 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14321 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14322 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14322 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14323 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14323 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14324 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14324 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14325 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14325 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14326 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-14326 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14327 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-14327 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-14328 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-14328 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-14329 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-14329 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-14330 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-14330 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-14331 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2025-14331 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-14332 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14332 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14333 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-14333 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 13 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the MozillaFirefox-146.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* MozillaFirefox 146.0-1.1
* MozillaFirefox-branding-upstream 146.0-1.1
* MozillaFirefox-devel 146.0-1.1
* MozillaFirefox-translations-common 146.0-1.1
* MozillaFirefox-translations-other 146.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14321.html
* https://www.suse.com/security/cve/CVE-2025-14322.html
* https://www.suse.com/security/cve/CVE-2025-14323.html
* https://www.suse.com/security/cve/CVE-2025-14324.html
* https://www.suse.com/security/cve/CVE-2025-14325.html
* https://www.suse.com/security/cve/CVE-2025-14326.html
* https://www.suse.com/security/cve/CVE-2025-14327.html
* https://www.suse.com/security/cve/CVE-2025-14328.html
* https://www.suse.com/security/cve/CVE-2025-14329.html
* https://www.suse.com/security/cve/CVE-2025-14330.html
* https://www.suse.com/security/cve/CVE-2025-14331.html
* https://www.suse.com/security/cve/CVE-2025-14332.html
* https://www.suse.com/security/cve/CVE-2025-14333.html



SUSE-SU-2025:4388-1: important: Security update for postgresql16


# Security update for postgresql16

Announcement ID: SUSE-SU-2025:4388-1
Release Date: 2025-12-12T13:36:55Z
Rating: important
References:

* bsc#1253332
* bsc#1253333

Cross-References:

* CVE-2025-12817
* CVE-2025-12818

CVSS scores:

* CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-12817 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-12818 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* Legacy Module 15-SP7
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* Server Applications Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for postgresql16 fixes the following issues:

Upgraded to 16.11:

* CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in
CREATE STATISTICS (bsc#1253332)
* CVE-2025-12818: Fixed integer overflow in allocation-size calculations
within libpq (bsc#1253333)

Other fixes:

* Use %product_libs_llvm_ver to determine the LLVM version.
* Remove conditionals for obsolete PostgreSQL releases.
* Sync spec file from version 18.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-4388=1 openSUSE-SLE-15.6-2025-4388=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-4388=1

* Legacy Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-4388=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4388=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4388=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-4388=1

* Server Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-4388=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* postgresql16-llvmjit-debuginfo-16.11-150600.16.25.1
* postgresql16-plperl-16.11-150600.16.25.1
* postgresql16-plperl-debuginfo-16.11-150600.16.25.1
* postgresql16-test-16.11-150600.16.25.1
* postgresql16-devel-debuginfo-16.11-150600.16.25.1
* postgresql16-pltcl-16.11-150600.16.25.1
* postgresql16-16.11-150600.16.25.1
* postgresql16-server-devel-16.11-150600.16.25.1
* postgresql16-server-16.11-150600.16.25.1
* postgresql16-debuginfo-16.11-150600.16.25.1
* postgresql16-llvmjit-devel-16.11-150600.16.25.1
* postgresql16-debugsource-16.11-150600.16.25.1
* postgresql16-server-debuginfo-16.11-150600.16.25.1
* postgresql16-plpython-16.11-150600.16.25.1
* postgresql16-plpython-debuginfo-16.11-150600.16.25.1
* postgresql16-contrib-16.11-150600.16.25.1
* postgresql16-contrib-debuginfo-16.11-150600.16.25.1
* postgresql16-pltcl-debuginfo-16.11-150600.16.25.1
* postgresql16-devel-16.11-150600.16.25.1
* postgresql16-server-devel-debuginfo-16.11-150600.16.25.1
* postgresql16-llvmjit-16.11-150600.16.25.1
* openSUSE Leap 15.6 (noarch)
* postgresql16-docs-16.11-150600.16.25.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* postgresql16-debugsource-16.11-150600.16.25.1
* postgresql16-debuginfo-16.11-150600.16.25.1
* postgresql16-16.11-150600.16.25.1
* Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* postgresql16-debugsource-16.11-150600.16.25.1
* postgresql16-contrib-debuginfo-16.11-150600.16.25.1
* postgresql16-devel-debuginfo-16.11-150600.16.25.1
* postgresql16-contrib-16.11-150600.16.25.1
* postgresql16-devel-16.11-150600.16.25.1
* postgresql16-debuginfo-16.11-150600.16.25.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* postgresql16-llvmjit-debuginfo-16.11-150600.16.25.1
* postgresql16-debugsource-16.11-150600.16.25.1
* postgresql16-test-16.11-150600.16.25.1
* postgresql16-debuginfo-16.11-150600.16.25.1
* postgresql16-llvmjit-16.11-150600.16.25.1
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)
* postgresql16-llvmjit-devel-16.11-150600.16.25.1
* postgresql16-llvmjit-debuginfo-16.11-150600.16.25.1
* postgresql16-debugsource-16.11-150600.16.25.1
* postgresql16-test-16.11-150600.16.25.1
* postgresql16-debuginfo-16.11-150600.16.25.1
* postgresql16-llvmjit-16.11-150600.16.25.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* postgresql16-plperl-16.11-150600.16.25.1
* postgresql16-plperl-debuginfo-16.11-150600.16.25.1
* postgresql16-debugsource-16.11-150600.16.25.1
* postgresql16-server-debuginfo-16.11-150600.16.25.1
* postgresql16-plpython-16.11-150600.16.25.1
* postgresql16-server-devel-16.11-150600.16.25.1
* postgresql16-contrib-debuginfo-16.11-150600.16.25.1
* postgresql16-pltcl-debuginfo-16.11-150600.16.25.1
* postgresql16-devel-debuginfo-16.11-150600.16.25.1
* postgresql16-pltcl-16.11-150600.16.25.1
* postgresql16-plpython-debuginfo-16.11-150600.16.25.1
* postgresql16-contrib-16.11-150600.16.25.1
* postgresql16-devel-16.11-150600.16.25.1
* postgresql16-server-16.11-150600.16.25.1
* postgresql16-debuginfo-16.11-150600.16.25.1
* postgresql16-server-devel-debuginfo-16.11-150600.16.25.1
* Server Applications Module 15-SP6 (noarch)
* postgresql16-docs-16.11-150600.16.25.1
* Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* postgresql16-debugsource-16.11-150600.16.25.1
* postgresql16-server-debuginfo-16.11-150600.16.25.1
* postgresql16-16.11-150600.16.25.1
* postgresql16-server-devel-16.11-150600.16.25.1
* postgresql16-server-16.11-150600.16.25.1
* postgresql16-debuginfo-16.11-150600.16.25.1

## References:

* https://www.suse.com/security/cve/CVE-2025-12817.html
* https://www.suse.com/security/cve/CVE-2025-12818.html
* https://bugzilla.suse.com/show_bug.cgi?id=1253332
* https://bugzilla.suse.com/show_bug.cgi?id=1253333



SUSE-SU-2025:4384-1: important: Security update for python-Django


# Security update for python-Django

Announcement ID: SUSE-SU-2025:4384-1
Release Date: 2025-12-12T13:28:37Z
Rating: important
References:

* bsc#1254437

Cross-References:

* CVE-2025-13372
* CVE-2025-64460

CVSS scores:

* CVE-2025-13372 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2025-13372 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2025-64460 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-64460 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python-Django fixes the following issues:

* CVE-2025-13372: Fixed SQL Injection in FilteredRelation (bsc#1254437)
* CVE-2025-64460: Fixed denial of service via specially crafted XML input in
django.core.serializers.xml_serializer.getInnerText() (bsc#1254437)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4384=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-4384=1 openSUSE-SLE-15.6-2025-4384=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4384=1

## Package List:

* SUSE Package Hub 15 15-SP7 (noarch)
* python311-Django-4.2.11-150600.3.44.1
* openSUSE Leap 15.6 (noarch)
* python311-Django-4.2.11-150600.3.44.1
* SUSE Package Hub 15 15-SP6 (noarch)
* python311-Django-4.2.11-150600.3.44.1

## References:

* https://www.suse.com/security/cve/CVE-2025-13372.html
* https://www.suse.com/security/cve/CVE-2025-64460.html
* https://bugzilla.suse.com/show_bug.cgi?id=1254437



SUSE-SU-2025:4389-1: low: Security update for python


# Security update for python

Announcement ID: SUSE-SU-2025:4389-1
Release Date: 2025-12-12T13:49:32Z
Rating: low
References:

* bsc#1251305
* bsc#1252974

Cross-References:

* CVE-2025-6075
* CVE-2025-8291

CVSS scores:

* CVE-2025-6075 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-6075 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-6075 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-8291 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8291 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2025-8291 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python fixes the following issues:

* CVE-2025-6075: quadratic complexity in `os.path.expandvars()` can lead to
performance degradation when values passed to it are user-controlled
(bsc#1252974).
* CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory
(EOCD) record allows for the creation of ZIP archives that are processed
inconsistently by the `zipfile` module (bsc#1251305).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-4389=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4389=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4389=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-gdbm-2.7.18-150000.89.1
* python-base-2.7.18-150000.89.2
* python-xml-debuginfo-2.7.18-150000.89.2
* libpython2_7-1_0-2.7.18-150000.89.2
* python-tk-2.7.18-150000.89.1
* python-base-debugsource-2.7.18-150000.89.2
* libpython2_7-1_0-debuginfo-2.7.18-150000.89.2
* python-2.7.18-150000.89.1
* python-tk-debuginfo-2.7.18-150000.89.1
* python-xml-2.7.18-150000.89.2
* python-curses-2.7.18-150000.89.1
* python-curses-debuginfo-2.7.18-150000.89.1
* python-demo-2.7.18-150000.89.1
* python-devel-2.7.18-150000.89.2
* python-idle-2.7.18-150000.89.1
* python-debugsource-2.7.18-150000.89.1
* python-base-debuginfo-2.7.18-150000.89.2
* python-debuginfo-2.7.18-150000.89.1
* python-gdbm-debuginfo-2.7.18-150000.89.1
* openSUSE Leap 15.6 (x86_64)
* python-32bit-2.7.18-150000.89.1
* python-base-32bit-debuginfo-2.7.18-150000.89.2
* libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.89.2
* python-32bit-debuginfo-2.7.18-150000.89.1
* python-base-32bit-2.7.18-150000.89.2
* libpython2_7-1_0-32bit-2.7.18-150000.89.2
* openSUSE Leap 15.6 (noarch)
* python-doc-pdf-2.7.18-150000.89.1
* python-doc-2.7.18-150000.89.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-gdbm-2.7.18-150000.89.1
* python-base-2.7.18-150000.89.2
* python-xml-debuginfo-2.7.18-150000.89.2
* libpython2_7-1_0-2.7.18-150000.89.2
* python-base-debugsource-2.7.18-150000.89.2
* libpython2_7-1_0-debuginfo-2.7.18-150000.89.2
* python-2.7.18-150000.89.1
* python-xml-2.7.18-150000.89.2
* python-curses-2.7.18-150000.89.1
* python-curses-debuginfo-2.7.18-150000.89.1
* python-debugsource-2.7.18-150000.89.1
* python-base-debuginfo-2.7.18-150000.89.2
* python-debuginfo-2.7.18-150000.89.1
* python-gdbm-debuginfo-2.7.18-150000.89.1
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)
* python-gdbm-2.7.18-150000.89.1
* python-base-2.7.18-150000.89.2
* python-xml-debuginfo-2.7.18-150000.89.2
* libpython2_7-1_0-2.7.18-150000.89.2
* python-base-debugsource-2.7.18-150000.89.2
* libpython2_7-1_0-debuginfo-2.7.18-150000.89.2
* python-2.7.18-150000.89.1
* python-xml-2.7.18-150000.89.2
* python-curses-2.7.18-150000.89.1
* python-curses-debuginfo-2.7.18-150000.89.1
* python-debugsource-2.7.18-150000.89.1
* python-base-debuginfo-2.7.18-150000.89.2
* python-debuginfo-2.7.18-150000.89.1
* python-gdbm-debuginfo-2.7.18-150000.89.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6075.html
* https://www.suse.com/security/cve/CVE-2025-8291.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251305
* https://bugzilla.suse.com/show_bug.cgi?id=1252974



SUSE-SU-2025:4390-1: moderate: Security update for rhino


# Security update for rhino

Announcement ID: SUSE-SU-2025:4390-1
Release Date: 2025-12-12T16:18:19Z
Rating: moderate
References:

* bsc#1254481

Cross-References:

* CVE-2025-66453

CVSS scores:

* CVE-2025-66453 ( SUSE ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-66453 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-66453 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for rhino fixes the following issues:

Update to version 1.7.15.1.

Security issues fixed:

* CVE-2025-66453: high CPU consumption when processing specific numbers via
the `toFixed()` function (bsc#1254481).

Other changes and issues fixed:

* Version 1.7.15:
* Basic support for "rest parameters".
* Improvements in Unicode support.
* "Symbol.species" implemented in many places.
* More correct property ordering in many places.
* Miscellaneous improvements and bug fixes.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-4390=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-4390=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-4390=1

## Package List:

* Basesystem Module 15-SP7 (noarch)
* rhino-1.7.15.1-150200.12.7.1
* openSUSE Leap 15.6 (noarch)
* rhino-runtime-1.7.15.1-150200.12.7.1
* rhino-demo-1.7.15.1-150200.12.7.1
* rhino-1.7.15.1-150200.12.7.1
* rhino-javadoc-1.7.15.1-150200.12.7.1
* rhino-engine-1.7.15.1-150200.12.7.1
* Basesystem Module 15-SP6 (noarch)
* rhino-1.7.15.1-150200.12.7.1

## References:

* https://www.suse.com/security/cve/CVE-2025-66453.html
* https://bugzilla.suse.com/show_bug.cgi?id=1254481



openSUSE-SU-2025-20153-1: important: Security update for python-Django


openSUSE security update: security update for python-django
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2025-20153-1
Rating: important
References:

* bsc#1252926
* bsc#1254437

Cross-References:

* CVE-2025-13372
* CVE-2025-64459
* CVE-2025-64460

CVSS scores:

* CVE-2025-13372 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2025-64460 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 3 vulnerabilities and has 2 bug fixes can now be installed.

Description:

This update for python-Django fixes the following issues:

- CVE-2025-64459: Fixed a potential SQL injection via `_connector` keyword argument in `QuerySet` and `Q` objects (bsc#1252926)
- CVE-2025-13372,CVE-2025-64460: Fixed Denial of Service in 'django.core.serializers.xml_serializer.getInnerText()' (bsc#1254437)

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-packagehub-50=1

Package List:

- openSUSE Leap 16.0:

python313-Django-5.2.4-bp160.4.1

References:

* https://www.suse.com/security/cve/CVE-2025-13372.html
* https://www.suse.com/security/cve/CVE-2025-64459.html
* https://www.suse.com/security/cve/CVE-2025-64460.html



openSUSE-SU-2025-20150-1: important: Security update for binutils


openSUSE security update: security update for binutils
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2025-20150-1
Rating: important
References:

* bsc#1236632
* bsc#1236976
* bsc#1236977
* bsc#1236978
* bsc#1236999
* bsc#1237000
* bsc#1237001
* bsc#1237003
* bsc#1237005
* bsc#1237018
* bsc#1237019
* bsc#1237020
* bsc#1237021
* bsc#1237042
* bsc#1240870
* bsc#1243756
* bsc#1243760
* bsc#1246481
* bsc#1246486
* bsc#1247105
* bsc#1247114
* bsc#1247117
* bsc#1250632
* bsc#1251275
* bsc#1251276
* bsc#1251277
* bsc#1251794
* bsc#1251795

Cross-References:

* CVE-2025-0840
* CVE-2025-11083
* CVE-2025-11412
* CVE-2025-11413
* CVE-2025-11414
* CVE-2025-1147
* CVE-2025-1148
* CVE-2025-1149
* CVE-2025-11494
* CVE-2025-11495
* CVE-2025-1150
* CVE-2025-1151
* CVE-2025-1152
* CVE-2025-1153
* CVE-2025-1176
* CVE-2025-1178
* CVE-2025-1179
* CVE-2025-1180
* CVE-2025-1181
* CVE-2025-1182
* CVE-2025-3198
* CVE-2025-5244
* CVE-2025-5245
* CVE-2025-7545
* CVE-2025-7546
* CVE-2025-8224
* CVE-2025-8225

CVSS scores:

* CVE-2025-0840 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-0840 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-11083 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-11083 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-11412 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2025-11412 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-11413 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2025-11413 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-11414 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2025-11414 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-1147 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
* CVE-2025-1147 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-1148 ( SUSE ): 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1148 ( SUSE ): 0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1149 ( SUSE ): 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1149 ( SUSE ): 0 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-11494 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-11494 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-11495 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-11495 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-1150 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-1150 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-1151 ( SUSE ): 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1151 ( SUSE ): 0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1152 ( SUSE ): 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1152 ( SUSE ): 0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1153 ( SUSE ): 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1153 ( SUSE ): 0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1176 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-1176 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-1178 ( SUSE ): 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1178 ( SUSE ): 0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1179 ( SUSE ): 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1179 ( SUSE ): 0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1180 ( SUSE ): 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1180 ( SUSE ): 0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1181 ( SUSE ): 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1181 ( SUSE ): 0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1182 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-1182 ( SUSE ): 2 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-3198 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-3198 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-5244 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-5245 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-5245 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-7545 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2025-7545 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-7546 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-7546 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-8224 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-8224 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-8225 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-8225 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 27 vulnerabilities and has 28 bug fixes can now be installed.

Description:

This update for binutils fixes the following issues:

Changes in binutils:

- Update to current 2.45 branch at 94cb1c075 to include fix
for PR33584 (a problem related to LTO vs fortran COMMON
blocks).

- Do not enable '-z gcs=implicit' on aarch64 for old codestreams.

Update to version 2.45:

* New versioned release of libsframe.so.2
* s390: tools now support SFrame format 2; recognize "z17" as CPU
name [bsc#1247105, jsc#IBM-1485]
* sframe sections are now of ELF section type SHT_GNU_SFRAME.
* sframe sections generated by the assembler have
SFRAME_F_FDE_FUNC_START_PCREL set.
* riscv: Support more extensions: standard: Zicfiss v1.0, Zicfilp v1.0,
Zcmp v1.0, Zcmt v1.0, Smrnmi v1.0, S[sm]dbltrp v1.0, S[sm]ctr v1.0,
ssqosid v1.0, ssnpm v1.0, smnpm v1.0, smmpm v1.0, sspm v1.0, supm v1.0,
sha v1.0, zce v1.0, smcdeleg v1.0, ssccfg v1.0, svvptc v1.0, zilsd v1.0,
zclsd v1.0, smrnmi v1.0;
vendor: CORE-V, xcvbitmanip v1.0 and xcvsimd v1.0;
SiFive, xsfvqmaccdod v1.0, xsfvqmaccqoq v1.0 and xsfvfnrclipxfqf v1.0;
T-Head: xtheadvdot v1.0;
MIPS: xmipscbop v1.0, xmipscmov v1.0, xmipsexectl v1.0, xmipslsp v1.0.
* Support RISC-V privileged version 1.13, profiles 20/22/23, and
.bfloat16 directive.
* x86: Add support for these ISAs: Intel Diamond Rapids AMX, MOVRS,
AVX10.2 (including SM4), MSR_IMM; Zhaoxin PadLock PHE2, RNG2, GMI, XMODX.
Drop support for AVX10.2 256 bit rounding.
* arm: Add support for most of Armv9.6, enabled by -march=armv9.6-a and
extensions '+cmpbr', '+f8f16mm', '+f8f32mm', '+fprcvt', '+lsfe', '+lsui',
'+occmo', '+pops', '+sme2p2', '+ssve-aes', '+sve-aes', '+sve-aes2',
'+sve-bfscale', '+sve-f16f32mm' and '+sve2p2'.
* Predefined symbols "GAS(version)" and, on non-release builds, "GAS(date)"
are now being made available.
* Add .errif and .warnif directives.
* linker:
- Add --image-base= option to the ELF linker to behave the same
as -Ttext-segment for compatibility with LLD.
- Add support for mixed LTO and non-LTO codes in relocatable output.
- s390: linker generates .eh_frame and/or .sframe for linker
generated .plt sections by default (can be disabled
by --no-ld-generated-unwind-info).
- riscv: add new PLT formats, and GNU property merge rules for zicfiss
and zicfilp extensions.
- gold is no longer included

- Contains fixes for these non-CVEs (not security bugs per upstream's
SECURITY.md):

* bsc#1236632 aka CVE-2025-0840 aka PR32560
* bsc#1236977 aka CVE-2025-1149 aka PR32576
* bsc#1236978 aka CVE-2025-1148 aka PR32576
* bsc#1236999 aka CVE-2025-1176 aka PR32636
* bsc#1237000 aka CVE-2025-1153 aka PR32603
* bsc#1237001 aka CVE-2025-1152 aka PR32576
* bsc#1237003 aka CVE-2025-1151 aka PR32576
* bsc#1237005 aka CVE-2025-1150 aka PR32576
* bsc#1237018 aka CVE-2025-1178 aka PR32638
* bsc#1237019 aka CVE-2025-1181 aka PR32643
* bsc#1237020 aka CVE-2025-1180 aka PR32642
* bsc#1237021 aka CVE-2025-1179 aka PR32640
* bsc#1237042 aka CVE-2025-1182 aka PR32644
* bsc#1240870 aka CVE-2025-3198 aka PR32716
* bsc#1243756 aka CVE-2025-5244 aka PR32858
* bsc#1243760 aka CVE-2025-5245 aka PR32829
* bsc#1246481 aka CVE-2025-7545 aka PR33049
* bsc#1246486 aka CVE-2025-7546 aka PR33050
* bsc#1247114 aka CVE-2025-8224 aka PR32109
* bsc#1247117 aka CVE-2025-8225 no PR
* bsc#1236976 aka CVE-2025-1147 aka PR32556
* bsc#1250632 aka CVE-2025-11083 aka PR33457
* bsc#1251275 aka CVE-2025-11412 aka PR33452
* bsc#1251276 aka CVE-2025-11413 aka PR33456
* bsc#1251277 aka CVE-2025-11414 aka PR33450
* bsc#1251794 aka CVE-2025-11494 aka PR33499
* bsc#1251795 aka CVE-2025-11495 aka PR33502
binutils-2.43-branch.diff.gz

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-98=1

Package List:

- openSUSE Leap 16.0:

binutils-2.45-160000.1.1
binutils-devel-2.45-160000.1.1
bpftool-7.5.0-160000.2.2
bpftool-bash-completion-7.5.0-160000.2.2
cross-aarch64-binutils-2.45-160000.1.1
cross-arm-binutils-2.45-160000.1.1
cross-avr-binutils-2.45-160000.1.1
cross-bpf-binutils-2.45-160000.1.1
cross-epiphany-binutils-2.45-160000.1.1
cross-hppa-binutils-2.45-160000.1.1
cross-hppa64-binutils-2.45-160000.1.1
cross-i386-binutils-2.45-160000.1.1
cross-ia64-binutils-2.45-160000.1.1
cross-loongarch64-binutils-2.45-160000.1.1
cross-m68k-binutils-2.45-160000.1.1
cross-mips-binutils-2.45-160000.1.1
cross-ppc-binutils-2.45-160000.1.1
cross-ppc64-binutils-2.45-160000.1.1
cross-ppc64le-binutils-2.45-160000.1.1
cross-pru-binutils-2.45-160000.1.1
cross-riscv64-binutils-2.45-160000.1.1
cross-rx-binutils-2.45-160000.1.1
cross-s390-binutils-2.45-160000.1.1
cross-s390x-binutils-2.45-160000.1.1
cross-sparc-binutils-2.45-160000.1.1
cross-sparc64-binutils-2.45-160000.1.1
cross-spu-binutils-2.45-160000.1.1
cross-x86_64-binutils-2.45-160000.1.1
cross-xtensa-binutils-2.45-160000.1.1
gprofng-2.45-160000.1.1
libctf-nobfd0-2.45-160000.1.1
libctf0-2.45-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2025-0840.html
* https://www.suse.com/security/cve/CVE-2025-11083.html
* https://www.suse.com/security/cve/CVE-2025-11412.html
* https://www.suse.com/security/cve/CVE-2025-11413.html
* https://www.suse.com/security/cve/CVE-2025-11414.html
* https://www.suse.com/security/cve/CVE-2025-1147.html
* https://www.suse.com/security/cve/CVE-2025-1148.html
* https://www.suse.com/security/cve/CVE-2025-1149.html
* https://www.suse.com/security/cve/CVE-2025-11494.html
* https://www.suse.com/security/cve/CVE-2025-11495.html
* https://www.suse.com/security/cve/CVE-2025-1150.html
* https://www.suse.com/security/cve/CVE-2025-1151.html
* https://www.suse.com/security/cve/CVE-2025-1152.html
* https://www.suse.com/security/cve/CVE-2025-1153.html
* https://www.suse.com/security/cve/CVE-2025-1176.html
* https://www.suse.com/security/cve/CVE-2025-1178.html
* https://www.suse.com/security/cve/CVE-2025-1179.html
* https://www.suse.com/security/cve/CVE-2025-1180.html
* https://www.suse.com/security/cve/CVE-2025-1181.html
* https://www.suse.com/security/cve/CVE-2025-1182.html
* https://www.suse.com/security/cve/CVE-2025-3198.html
* https://www.suse.com/security/cve/CVE-2025-5244.html
* https://www.suse.com/security/cve/CVE-2025-5245.html
* https://www.suse.com/security/cve/CVE-2025-7545.html
* https://www.suse.com/security/cve/CVE-2025-7546.html
* https://www.suse.com/security/cve/CVE-2025-8224.html
* https://www.suse.com/security/cve/CVE-2025-8225.html