openSUSE-SU-2025:0041-1: moderate: Security update for libjxl
openSUSE-SU-2025:0039-1: important: Security update for stb
openSUSE-SU-2025:14716-1: moderate: libQt5Bluetooth5-32bit-5.15.16+kde2-1.1 on GA media
openSUSE-SU-2025:14718-1: moderate: python311-ipython-8.31.0-1.1 on GA media
openSUSE-SU-2025:14717-1: moderate: owasp-modsecurity-crs-4.10.0-1.1 on GA media
openSUSE-SU-2025:14715-1: moderate: dovecot24-2.4.0-1.1 on GA media
openSUSE-SU-2025:14714-1: moderate: apptainer-1.3.6-4.1 on GA media
SUSE-SU-2025:0313-1: moderate: Security update for apptainer
SUSE-SU-2025:0310-1: moderate: Security update for python-pydantic
openSUSE-SU-2025:0041-1: moderate: Security update for libjxl
openSUSE Security Update: Security update for libjxl
_______________________________
Announcement ID: openSUSE-SU-2025:0041-1
Rating: moderate
References: #1233785
Cross-References: CVE-2024-11498
CVSS scores:
CVE-2024-11498 (SUSE): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP5
_______________________________
An update that fixes one vulnerability is now available.
Description:
This update for libjxl fixes the following issues:
- CVE-2024-11498: Fixed denial of service by checking height limit in
modular trees (boo#1233785).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
  zypper in -t patch openSUSE-2025-41=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 s390x x86_64):
  libjxl-devel-0.8.2-bp155.2.6.1
  libjxl-tools-0.8.2-bp155.2.6.1
  libjxl0_8-0.8.2-bp155.2.6.1
- openSUSE Backports SLE-15-SP5 (aarch64_ilp32):
  libjxl0_8-64bit-0.8.2-bp155.2.6.1
References:
https://www.suse.com/security/cve/CVE-2024-11498.html
https://bugzilla.suse.com/1233785
openSUSE-SU-2025:0039-1: important: Security update for stb
openSUSE Security Update: Security update for stb
_______________________________
Announcement ID: openSUSE-SU-2025:0039-1
Rating: important
References: #1216478
Cross-References: CVE-2019-13217 CVE-2019-13218 CVE-2019-13219 CVE-2019-13220 CVE-2019-13221 CVE-2019-13222 CVE-2019-13223
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________
An update that fixes 7 vulnerabilities is now available.
Description:
This update for stb fixes the following issues:
Addresses the following security issues (boo#1216478):
* CVE-2019-13217: heap buffer overflow in start_decoder()
* CVE-2019-13218: stack buffer overflow in compute_codewords()
* CVE-2019-13219: uninitialized memory in vorbis_decode_packet_rest()
* CVE-2019-13220: out-of-range read in draw_line()
* CVE-2019-13221: issue with large 1D codebooks in lookup1_values()
* CVE-2019-13222: unchecked NULL returned by get_window()
* CVE-2019-13223: division by zero in predict_point()
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP6:
  zypper in -t patch openSUSE-2025-39=1
Package List:
- openSUSE Backports SLE-15-SP6 (noarch):
  stb-devel-20240910-bp156.2.3.1
References:
https://www.suse.com/security/cve/CVE-2019-13217.html
https://www.suse.com/security/cve/CVE-2019-13218.html
https://www.suse.com/security/cve/CVE-2019-13219.html
https://www.suse.com/security/cve/CVE-2019-13220.html
https://www.suse.com/security/cve/CVE-2019-13221.html
https://www.suse.com/security/cve/CVE-2019-13222.html
https://www.suse.com/security/cve/CVE-2019-13223.html
https://bugzilla.suse.com/1216478
openSUSE-SU-2025:14716-1: moderate: libQt5Bluetooth5-32bit-5.15.16+kde2-1.1 on GA media
# libQt5Bluetooth5-32bit-5.15.16+kde2-1.1 on GA media
Announcement ID: openSUSE-SU-2025:14716-1
Rating: moderate
Cross-References:
* CVE-2025-23050
CVSS scores:
* CVE-2025-23050 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-23050 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the libQt5Bluetooth5-32bit-5.15.16+kde2-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
  * libQt5Bluetooth5 5.15.16+kde2-1.1
  * libQt5Bluetooth5-32bit 5.15.16+kde2-1.1
  * libQt5Bluetooth5-imports 5.15.16+kde2-1.1
  * libQt5Nfc5 5.15.16+kde2-1.1
  * libQt5Nfc5-32bit 5.15.16+kde2-1.1
  * libQt5Nfc5-imports 5.15.16+kde2-1.1
  * libqt5-qtconnectivity-devel 5.15.16+kde2-1.1
  * libqt5-qtconnectivity-devel-32bit 5.15.16+kde2-1.1
  * libqt5-qtconnectivity-examples 5.15.16+kde2-1.1
  * libqt5-qtconnectivity-private-headers-devel 5.15.16+kde2-1.1
  * libqt5-qtconnectivity-tools 5.15.16+kde2-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-23050.html
openSUSE-SU-2025:14718-1: moderate: python311-ipython-8.31.0-1.1 on GA media
# python311-ipython-8.31.0-1.1 on GA media
Announcement ID: openSUSE-SU-2025:14718-1
Rating: moderate
Cross-References:
* CVE-2022-21699
CVSS scores:
* CVE-2022-21699 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the python311-ipython-8.31.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
  * python311-ipython 8.31.0-1.1
  * python312-ipython 8.31.0-1.1
  * python313-ipython 8.31.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2022-21699.html
openSUSE-SU-2025:14717-1: moderate: owasp-modsecurity-crs-4.10.0-1.1 on GA media
# owasp-modsecurity-crs-4.10.0-1.1 on GA media
Announcement ID: openSUSE-SU-2025:14717-1
Rating: moderate
Cross-References:
* CVE-2023-5003
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the owasp-modsecurity-crs-4.10.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
  * owasp-modsecurity-crs 4.10.0-1.1
  * owasp-modsecurity-crs-apache2 4.10.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2023-5003.html
openSUSE-SU-2025:14715-1: moderate: dovecot24-2.4.0-1.1 on GA media
# dovecot24-2.4.0-1.1 on GA media
Announcement ID: openSUSE-SU-2025:14715-1
Rating: moderate
Cross-References:
* CVE-2017-14461
* CVE-2017-15130
* CVE-2017-15132
* CVE-2019-10691
* CVE-2019-11494
* CVE-2019-11499
* CVE-2019-11500
* CVE-2019-19722
* CVE-2019-3814
* CVE-2019-7524
* CVE-2020-10957
* CVE-2020-10958
* CVE-2020-10967
* CVE-2020-12100
* CVE-2020-12673
* CVE-2020-12674
* CVE-2020-24386
* CVE-2020-28200
* CVE-2020-7046
* CVE-2020-7957
* CVE-2021-29157
* CVE-2021-33515
* CVE-2024-23184
* CVE-2024-23185
CVSS scores:
* CVE-2017-14461 ( SUSE ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2017-15130 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2017-15132 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2019-10691 ( SUSE ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2019-11500 ( SUSE ): 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2019-3814 ( SUSE ): 8.2 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2019-7524 ( SUSE ): 6.7 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2020-10957 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-10958 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2020-10967 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2020-12100 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-12673 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-12674 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-24386 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2020-28200 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-29157 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2021-33515 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-23184 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
* CVE-2024-23184 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
* CVE-2024-23185 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-23185 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
Affected Products:
* openSUSE Tumbleweed
An update that solves 24 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the dovecot24-2.4.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
  * dovecot24 2.4.0-1.1
  * dovecot24-backend-mysql 2.4.0-1.1
  * dovecot24-backend-pgsql 2.4.0-1.1
  * dovecot24-backend-sqlite 2.4.0-1.1
  * dovecot24-devel 2.4.0-1.1
  * dovecot24-fts 2.4.0-1.1
  * dovecot24-fts-flatcurve 2.4.0-1.1
  * dovecot24-fts-solr 2.4.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2017-14461.html
* https://www.suse.com/security/cve/CVE-2017-15130.html
* https://www.suse.com/security/cve/CVE-2017-15132.html
* https://www.suse.com/security/cve/CVE-2019-10691.html
* https://www.suse.com/security/cve/CVE-2019-11494.html
* https://www.suse.com/security/cve/CVE-2019-11499.html
* https://www.suse.com/security/cve/CVE-2019-11500.html
* https://www.suse.com/security/cve/CVE-2019-19722.html
* https://www.suse.com/security/cve/CVE-2019-3814.html
* https://www.suse.com/security/cve/CVE-2019-7524.html
* https://www.suse.com/security/cve/CVE-2020-10957.html
* https://www.suse.com/security/cve/CVE-2020-10958.html
* https://www.suse.com/security/cve/CVE-2020-10967.html
* https://www.suse.com/security/cve/CVE-2020-12100.html
* https://www.suse.com/security/cve/CVE-2020-12673.html
* https://www.suse.com/security/cve/CVE-2020-12674.html
* https://www.suse.com/security/cve/CVE-2020-24386.html
* https://www.suse.com/security/cve/CVE-2020-28200.html
* https://www.suse.com/security/cve/CVE-2020-7046.html
* https://www.suse.com/security/cve/CVE-2020-7957.html
* https://www.suse.com/security/cve/CVE-2021-29157.html
* https://www.suse.com/security/cve/CVE-2021-33515.html
* https://www.suse.com/security/cve/CVE-2024-23184.html
* https://www.suse.com/security/cve/CVE-2024-23185.html
openSUSE-SU-2025:14714-1: moderate: apptainer-1.3.6-4.1 on GA media
# apptainer-1.3.6-4.1 on GA media
Announcement ID: openSUSE-SU-2025:14714-1
Rating: moderate
Cross-References:
* CVE-2023-45288
CVSS scores:
* CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the apptainer-1.3.6-4.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
  * apptainer 1.3.6-4.1
  * apptainer-leap 1.3.6-4.1
  * apptainer-sle15_5 1.3.6-4.1
  * apptainer-sle15_6 1.3.6-4.1
  * apptainer-sle15_7 1.3.6-4.1
## References:
* https://www.suse.com/security/cve/CVE-2023-45288.html
SUSE-SU-2025:0313-1: moderate: Security update for apptainer
# Security update for apptainer
Announcement ID: SUSE-SU-2025:0313-1
Release Date: 2025-01-31T15:03:56Z
Rating: moderate
References:
* bsc#1236528
Cross-References:
* CVE-2023-45288
* CVE-2024-3727
CVSS scores:
* CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-3727 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products:
* HPC Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
An update that solves two vulnerabilities can now be installed.
## Description:
This update for apptainer fixes the following issues:
* CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 (bsc#1236528)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-313=1 openSUSE-SLE-15.6-2025-313=1
* HPC Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-313=1
## Package List:
* openSUSE Leap 15.6 (noarch)
  * apptainer-sle15_7-1.3.6-150600.4.6.1
  * apptainer-sle15_5-1.3.6-150600.4.6.1
  * apptainer-leap-1.3.6-150600.4.6.1
  * apptainer-sle15_6-1.3.6-150600.4.6.1
* openSUSE Leap 15.6 (aarch64 x86_64)
  * apptainer-1.3.6-150600.4.6.1
  * apptainer-debuginfo-1.3.6-150600.4.6.1
* HPC Module 15-SP6 (aarch64 x86_64)
  * apptainer-1.3.6-150600.4.6.1
  * apptainer-debuginfo-1.3.6-150600.4.6.1
* HPC Module 15-SP6 (noarch)
  * apptainer-sle15_6-1.3.6-150600.4.6.1
## References:
* https://www.suse.com/security/cve/CVE-2023-45288.html
* https://www.suse.com/security/cve/CVE-2024-3727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236528
SUSE-SU-2025:0310-1: moderate: Security update for python-pydantic
# Security update for python-pydantic
Announcement ID: SUSE-SU-2025:0310-1
Release Date: 2025-01-31T12:42:14Z
Rating: moderate
References:
* bsc#1222806
Cross-References:
* CVE-2024-3772
CVSS scores:
* CVE-2024-3772 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for python-pydantic fixes the following issues:
* CVE-2024-3772: Fixed Regular expression DoS (bsc#1222806)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-310=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-310=1
* Public Cloud Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-310=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-310=1
## Package List:
* openSUSE Leap 15.4 (noarch)
  * python311-pydantic-1.10.8-150400.9.10.1
* openSUSE Leap 15.6 (noarch)
  * python311-pydantic-1.10.8-150400.9.10.1
* Public Cloud Module 15-SP4 (noarch)
  * python311-pydantic-1.10.8-150400.9.10.1
* Python 3 Module 15-SP6 (noarch)
  * python311-pydantic-1.10.8-150400.9.10.1
## References:
* https://www.suse.com/security/cve/CVE-2024-3772.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222806