SUSE-SU-2025:03285-1: important: Security update for mybatis, ognl
SUSE-SU-2025:03289-1: moderate: Security update for govulncheck-vulndb
SUSE-SU-2025:03294-1: moderate: Security update for wireshark
SUSE-SU-2025:03291-1: important: Security update for MozillaFirefox
SUSE-SU-2025:03285-1: important: Security update for mybatis, ognl
# Security update for mybatis, ognl
Announcement ID: SUSE-SU-2025:03285-1
Release Date: 2025-09-21T09:18:15Z
Rating: important
References:
* bsc#1248252
Cross-References:
* CVE-2025-53192
CVSS scores:
* CVE-2025-53192 ( SUSE ): 8.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-53192 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
* CVE-2025-53192 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.6
An update that solves one vulnerability can now be installed.
## Description:
This update for mybatis, ognl fixes the following issues:
Version update to 3.5.7:
* Bug fixes:
* Improved performance under JDK 8. #2223
Version update to 3.5.8:
* List of changes:
* Avoid NullPointerException when mapping an empty string to java.lang.Character. #2368
* Fixed an incorrect argument when initializing static object. This resolves a compatibility issue with quarkus-mybatis. #2284
* Performance improvements. #2297 #2335 #2340
Version update to 3.5.9:
* List of changes:
* Add nullable to . If enabled, it skips the iteration when the collection is null instead of throwing an exception. To enable this feature globally, set nullableOnForEach=true in the config. #1883
Version update to 3.5.10:
* Bug fixes:
* Unexpected illegal reflective access warning (or InaccessibleObjectException on Java 16+) when calling method in OGNL expression. #2392
* IllegalAccessException when auto-mapping Records (JEP-359) #2195
* 'interrupted' status is not set when PooledConnection#getConnection() is interrupted. #2503
* Enhancements:
* A new option argNameBasedConstructorAutoMapping is added. If enabled, constructor argument names are used to look up columns when auto-mapping. #2192
* Added a new property skipSetAutoCommitOnClose to JdbcTransactionFactory. Skipping setAutoCommit() call could improve performance with some drivers. #2426
* can now be listed after in . #2541
Version update to 3.5.11:
* Bug fixes:
* OGNL could throw IllegalArgumentException when invoking inherited method. #2609
* returnInstanceForEmptyRow is not applied to constructor auto-mapping. #2665
Version update to 3.5.12
* User impactful changes
* # 2703 Referencing collection parameter by name fails fixing
#2693
* # 2709 Fix a race condition caused by other threads calling
mapper methods while mapped tables are being constructed
* # 2727 Enable ability to provide custom configuration to
XMLConfigBuilder
* # 2731 Adding mapper could fail under JPMS
* # 2741 Add 'affectedData' attribute to @select,
@SelectProvider, and
* # 2767 Resolve resultType by namespace and id when not
provided resultType and resultMap
* # 2804 Search readable property when resolving constructor arg
type by name
* Minor correction: 'boolean' can never be null (primative)
* General library updates
* Uses parameters option for compiler now (needed by spring boot 3) (for reflection needs)
* Code cleanup
* # 2816 Use open rewrite to partially cleanup java code
* # 2817 Add private constructors per open rewrite
* # 2819 Add final where appropriate per open rewrite
* # 2825 Cleanup if statement breaks / return logic
* # 2826 Eclipse based cleanup
* Build
* # 2820 Remove test ci group profile in favor of more direct
usage on GH-Actions and update deprecated surefire along in overview in
README.md
* Adjustments to build so shaded ognl and javassist no longer throw warnings
* Build with jdk 21-ea as well now
* Various test cleanup, updates, and additions
* Turn on auto formatting of all java code including note to contributors on readme to skip formatting when necessary in code blocks
* Tests may use jdk 11 now while retaining jdk 8 runtime
* Pom cleanup / better clarification on parameters
* Documentation
* Various documentation updates
Version update to 3.5.13:
* Bug fix:
* Unable to resolve result type when the target property has a getter with different return type #2834
Version update to 3.5.14:
* Bug fixes:
* Registered type handler is not used for anonymous enums #2956
* Discriminator does not work in constructor mapping #2913
Version update to 3.5.15:
* Changes
* XNode#toString() should output all child nodes. See #3001 and associated tickets on this issue
* Fix performance of mappedColumnNames.contains by using 'set' rather than 'list'. See #3023
* Fix osgi issue with javassist. See #3031
* Updated shaded OGNL to 3.4.2. See #3035
* Add support method for generating dynamic sql on SQL class. See #2887
* General library updates
* General document updates
* Build
* We now show builds from java 11, 17, 21, and 22 on Github Actions. Code is still java 8 compatible at this time.
* Update vulnerable hsqldb to 2.7.2 fixing our tests that now work due to newer support. Note, users were never affected by this but at least one user pull request was attempted opened in addition to both renovate and dependabot and various reporting on it.
* Now using more properties to define versions in pom to lower the frequency of pull requests from renovate
Version update to 3.5.16:
* Security:
* Prevent Invocation from being used by vulnerable applications. #3115
* Bugs:
* When database ID resolution is failed, invalid bound statement is used. #3040
* Enhancements:
* It is now possible to write a custom map wrapper to customize how to map column name with dots or brackets. #13 #3062
* Performance:
* Improved compatibility with Virtual Threads introduced by Loom.
* Reduced memory footprint when performing the default (i.e. order based) constructor auto-mapping. #3113
* Build:
* Include the shaded libraries (OGNL and Javassist) in the sources.jar.
Version update to 3.5.17:
* Bugs:
* VendorDatabaseIdProvider#getDatabaseId() should return product name when properties is empty #3297
* Update NClobTypeHandler to use methods for national character set #3298
* Enhancements:
* Allow DefaultSqlSessionFactory to provide a custom SqlSession #3128
Version update to 3.5.18:
* Regressions
* Fixed issue in 3.5.17 #3334
* New
* Ignore empty xnode per #3349
* Share expression validator #3339
* Throw helpful error instead of IndexOutOfBoundsException (automapping) #3327
* Optimize mapper builder #3252
* Tests
* Add TransactionFactory, Transaction test cases #3277
* Build
* Reworked pom to match current java 17 build usage
* Moved all tests to newer java standards
* Cleaned up github actions
* Run 'site' branch only on release commits
Version update to 3.5.19:
* Revert Regression introduced by #3349.
* Initial packaging with version 3.4.7
ognl replaces the EOLed apache-commons-ognl that has an unpatched security bug
(bsc#1248252, CVE-2025-53192)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3285=1
## Package List:
* openSUSE Leap 15.6 (noarch)
* ognl-javadoc-3.4.7-150200.5.3.1
* mybatis-3.5.19-150200.5.9.1
* ognl-3.4.7-150200.5.3.1
* mybatis-javadoc-3.5.19-150200.5.9.1
## References:
* https://www.suse.com/security/cve/CVE-2025-53192.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248252
SUSE-SU-2025:03289-1: moderate: Security update for govulncheck-vulndb
# Security update for govulncheck-vulndb
Announcement ID: SUSE-SU-2025:03289-1
Release Date: 2025-09-22T10:16:18Z
Rating: moderate
References:
* jsc#PED-11136
Affected Products:
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6
An update that contains one feature can now be installed.
## Description:
This update for govulncheck-vulndb fixes the following issues:
* Update to version 0.0.20250918T182144 2025-09-18T18:21:44Z (jsc#PED-11136).
Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3915
CVE-2025-5187 GHSA-4x4m-3c2p-qppc * GO-2025-3956 CVE-2025-47906 CVE-2025-47906
* Update to version 0.0.20250917T170349 2025-09-17T17:03:49Z (jsc#PED-11136).
Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3922
CVE-2025-58058 GHSA-jc7w-c686-c4v9 * GO-2025-3926 CVE-2025-58158
GHSA-w469-hj2f-jpr5 * GO-2025-3929 CVE-2025-58157 GHSA-9fvj-xqr2-xwg8 *
GO-2025-3938 CVE-2025-58437 GHSA-j6xf-jwrj-v5qp * GO-2025-3939 CVE-2025-7445
GHSA-rcw7-pqfp-735x * GO-2025-3940 CVE-2025-58445 GHSA-xh7v-965r-23f7 *
GO-2025-3941 CVE-2025-58450 GHSA-p46v-f2x8-qp98 * GO-2025-3942 CVE-2025-58063
GHSA-93mf-426m-g6x9 * GO-2025-3943 CVE-2025-58430 GHSA-rf24-wg77-gq7w *
GO-2025-3944 CVE-2025-54123 GHSA-r4h8-hfp2-ggmf * GO-2025-3945 CVE-2025-54376
GHSA-jxmr-2h4q-rhxp * GO-2025-3949 CVE-2025-59361 GHSA-2gcv-3qpf-c5qr *
GO-2025-3950 CVE-2025-9076 GHSA-3vcm-c42p-3hhf * GO-2025-3951 CVE-2025-59358
GHSA-2gg8-85m5-8r2p * GO-2025-3952 CVE-2025-59359 GHSA-369h-6j28-wwcg *
GO-2025-3953 CVE-2025-8396 GHSA-p768-c3pr-6459 * GO-2025-3954 CVE-2025-59360
GHSA-xv9f-728h-9jgv * GO-2025-3958 CVE-2025-9072 GHSA-69j8-prx2-vx98 *
GO-2025-3959 CVE-2025-9078 GHSA-9p92-x77w-9fw2 * GO-2025-3960 CVE-2025-9084
GHSA-hm95-jx66-g2gh * GO-2025-3961 CVE-2025-4953 GHSA-m68q-4hqr-mc6f
* Update to version 0.0.20250908T141310 2025-09-08T14:13:10Z (jsc#PED-11136).
Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3916
CVE-2025-51667 GHSA-f2m2-4q6r-cwc4 * GO-2025-3917 CVE-2025-53884
GHSA-8ff6-pc43-jwv3 * GO-2025-3918 CVE-2025-8077 GHSA-8pxw-9c75-6w56 *
GO-2025-3919 CVE-2025-54467 GHSA-w54x-xfxg-4gxq * GO-2025-3920 GHSA-vxg3-w9rv-
rhr2 * GO-2025-3921 GHSA-3rw9-wmc8-8948 * GO-2025-3923 CVE-2024-58259
GHSA-4h45-jpvh-6p5j * GO-2025-3924 CVE-2025-6203 GHSA-8f82-53h8-2p34 *
GO-2025-3925 GHSA-v2ch-c8v8-fgr7 * GO-2025-3927 CVE-2024-52284
GHSA-6h9x-9j5v-7w9h * GO-2025-3930 CVE-2025-58355 GHSA-33pr-m977-5w97 *
GO-2025-3934 CVE-2025-55190 GHSA-786q-9hcg-v9ff * GO-2025-3935 CVE-2025-9566
GHSA-wp3j-xq48-xpjw * GO-2025-3936 CVE-2025-56760 GHSA-78j5-8vq7-jxv5 *
GO-2025-3937 CVE-2025-56761 GHSA-cgrg-86m5-xm4w
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3289=1
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3289=1
## Package List:
* openSUSE Leap 15.6 (noarch)
* govulncheck-vulndb-0.0.20250918T182144-150000.1.107.1
* SUSE Package Hub 15 15-SP6 (noarch)
* govulncheck-vulndb-0.0.20250918T182144-150000.1.107.1
## References:
* https://jira.suse.com/browse/PED-11136
SUSE-SU-2025:03294-1: moderate: Security update for wireshark
# Security update for wireshark
Announcement ID: SUSE-SU-2025:03294-1
Release Date: 2025-09-22T14:11:03Z
Rating: moderate
References:
* bsc#1249090
Cross-References:
* CVE-2025-9817
CVSS scores:
* CVE-2025-9817 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-9817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-9817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* Desktop Applications Module 15-SP6
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
An update that solves one vulnerability can now be installed.
## Description:
This update for wireshark fixes the following issues:
Update to version 4.2.13.
Security issues fixed:
* CVE-2025-9817: SSH dissector crash due to NULL pointer dereference when
processing malformed packet traces (bsc#1249090).
Other issues fixed:
* Bug in UDS dissector with Service ReadDataByPeriodicIdentifier Response.
* Incorrectly parsed `application/x-www-form-urlencoded` key following a name-
value byte sequence with no `=`.
* DNP3 time stamp not working after epoch time (year 2038).
* Bug in LZ77 decoder; reads a 16-bit length when it should read a 32-bit
length.
* Further features, bug fixes and updated protocol support as listed in:
* https://www.wireshark.org/docs/relnotes/wireshark-4.2.13.html
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-3294=1 openSUSE-SLE-15.6-2025-3294=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3294=1
* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3294=1
* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3294=1
* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3294=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* wireshark-4.2.13-150600.18.26.1
* libwireshark17-debuginfo-4.2.13-150600.18.26.1
* wireshark-ui-qt-4.2.13-150600.18.26.1
* wireshark-devel-4.2.13-150600.18.26.1
* wireshark-debugsource-4.2.13-150600.18.26.1
* libwireshark17-4.2.13-150600.18.26.1
* libwiretap14-4.2.13-150600.18.26.1
* wireshark-ui-qt-debuginfo-4.2.13-150600.18.26.1
* libwiretap14-debuginfo-4.2.13-150600.18.26.1
* libwsutil15-4.2.13-150600.18.26.1
* libwsutil15-debuginfo-4.2.13-150600.18.26.1
* wireshark-debuginfo-4.2.13-150600.18.26.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wireshark-4.2.13-150600.18.26.1
* libwireshark17-debuginfo-4.2.13-150600.18.26.1
* wireshark-debugsource-4.2.13-150600.18.26.1
* libwireshark17-4.2.13-150600.18.26.1
* libwiretap14-4.2.13-150600.18.26.1
* libwiretap14-debuginfo-4.2.13-150600.18.26.1
* libwsutil15-4.2.13-150600.18.26.1
* libwsutil15-debuginfo-4.2.13-150600.18.26.1
* wireshark-debuginfo-4.2.13-150600.18.26.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* wireshark-4.2.13-150600.18.26.1
* libwireshark17-debuginfo-4.2.13-150600.18.26.1
* wireshark-debugsource-4.2.13-150600.18.26.1
* libwireshark17-4.2.13-150600.18.26.1
* libwiretap14-4.2.13-150600.18.26.1
* libwiretap14-debuginfo-4.2.13-150600.18.26.1
* libwsutil15-4.2.13-150600.18.26.1
* libwsutil15-debuginfo-4.2.13-150600.18.26.1
* wireshark-debuginfo-4.2.13-150600.18.26.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wireshark-ui-qt-4.2.13-150600.18.26.1
* wireshark-devel-4.2.13-150600.18.26.1
* wireshark-debugsource-4.2.13-150600.18.26.1
* wireshark-ui-qt-debuginfo-4.2.13-150600.18.26.1
* wireshark-debuginfo-4.2.13-150600.18.26.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* wireshark-ui-qt-4.2.13-150600.18.26.1
* wireshark-devel-4.2.13-150600.18.26.1
* wireshark-debugsource-4.2.13-150600.18.26.1
* wireshark-ui-qt-debuginfo-4.2.13-150600.18.26.1
* wireshark-debuginfo-4.2.13-150600.18.26.1
## References:
* https://www.suse.com/security/cve/CVE-2025-9817.html
* https://bugzilla.suse.com/show_bug.cgi?id=1249090
SUSE-SU-2025:03291-1: important: Security update for MozillaFirefox
# Security update for MozillaFirefox
Announcement ID: SUSE-SU-2025:03291-1
Release Date: 2025-09-22T13:49:47Z
Rating: important
References:
* bsc#1249391
Cross-References:
* CVE-2025-10527
* CVE-2025-10528
* CVE-2025-10529
* CVE-2025-10532
* CVE-2025-10533
* CVE-2025-10536
* CVE-2025-10537
CVSS scores:
* CVE-2025-10527 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
* CVE-2025-10528 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-10529 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-10532 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-10533 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-10536 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-10537 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* Desktop Applications Module 15-SP6
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
An update that solves seven vulnerabilities can now be installed.
## Description:
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 140.3.0 ESR (bsc#1249391).
MFSA 2025-75:
* CVE-2025-10527 (bmo#1984825) Sandbox escape due to use-after-free in the
Graphics: Canvas2D component
* CVE-2025-10528 (bmo#1986185) Sandbox escape due to undefined behavior,
invalid pointer in the Graphics: Canvas2D component
* CVE-2025-10529 (bmo#1970490) Same-origin policy bypass in the Layout
component
* CVE-2025-10532 (bmo#1979502) Incorrect boundary conditions in the
JavaScript: GC component
* CVE-2025-10533 (bmo#1980788) Integer overflow in the SVG component
* CVE-2025-10536 (bmo#1981502) Information disclosure in the Networking: Cache
component
* CVE-2025-10537 (bmo#1938220, bmo#1980730, bmo#1981280, bmo#1981283,
bmo#1984505, bmo#1985067) Memory safety bugs fixed in Firefox ESR 140.3,
Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-3291=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3291=1
* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3291=1
* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3291=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3291=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3291=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3291=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3291=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3291=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3291=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3291=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3291=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3291=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3291=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3291=1
## Package List:
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Enterprise Storage 7.1 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-branding-upstream-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* openSUSE Leap 15.6 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* Desktop Applications Module 15-SP6 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* Desktop Applications Module 15-SP7 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* MozillaFirefox-translations-other-140.3.0-150200.152.201.1
* MozillaFirefox-translations-common-140.3.0-150200.152.201.1
* MozillaFirefox-debuginfo-140.3.0-150200.152.201.1
* MozillaFirefox-140.3.0-150200.152.201.1
* MozillaFirefox-debugsource-140.3.0-150200.152.201.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* MozillaFirefox-devel-140.3.0-150200.152.201.1
## References:
* https://www.suse.com/security/cve/CVE-2025-10527.html
* https://www.suse.com/security/cve/CVE-2025-10528.html
* https://www.suse.com/security/cve/CVE-2025-10529.html
* https://www.suse.com/security/cve/CVE-2025-10532.html
* https://www.suse.com/security/cve/CVE-2025-10533.html
* https://www.suse.com/security/cve/CVE-2025-10536.html
* https://www.suse.com/security/cve/CVE-2025-10537.html
* https://bugzilla.suse.com/show_bug.cgi?id=1249391
