PAM, Flake-Pilot, Thunderbird, and more updates for SUSE

SUSE 5495 Published 2025-08-23 08:06 by Philipp Esselbach

News

SUSE Linux has implemented a series of security updates, which include pam, flake-pilot, Thunderbird, aide, abseil-cpp-devel, ImageMagick, gdk-pixbuf, glibc, pdns-recursor, and ruby3.4-rubygem-activerecord:

openSUSE-SU-2025:15478-1: moderate: pam-1.7.1-3.1 on GA media
openSUSE-SU-2025:15476-1: moderate: flake-pilot-3.1.21-1.1 on GA media
openSUSE-SU-2025:15473-1: moderate: MozillaThunderbird-140.2.0-1.1 on GA media
openSUSE-SU-2025:15475-1: moderate: aide-0.19.2-1.1 on GA media
openSUSE-SU-2025:15474-1: moderate: abseil-cpp-devel-20250814.0-2.1 on GA media
openSUSE-SU-2025:15472-1: moderate: ImageMagick-7.1.2.1-1.1 on GA media
SUSE-SU-2025:02963-1: important: Security update for gdk-pixbuf
SUSE-SU-2025:02964-1: moderate: Security update for glibc
openSUSE-SU-2025:15479-1: moderate: pdns-recursor-5.2.5-1.1 on GA media
openSUSE-SU-2025:15480-1: moderate: ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 on GA media

openSUSE-SU-2025:15478-1: moderate: pam-1.7.1-3.1 on GA media

# pam-1.7.1-3.1 on GA media

Announcement ID: openSUSE-SU-2025:15478-1
Rating: moderate

Cross-References:

* CVE-2024-10041

CVSS scores:

* CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-10041 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the pam-1.7.1-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* pam 1.7.1-3.1
* pam-32bit 1.7.1-3.1
* pam-devel 1.7.1-3.1
* pam-devel-32bit 1.7.1-3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-10041.html

openSUSE-SU-2025:15476-1: moderate: flake-pilot-3.1.21-1.1 on GA media

# flake-pilot-3.1.21-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15476-1
Rating: moderate

Cross-References:

* CVE-2025-55159

CVSS scores:

* CVE-2025-55159 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-55159 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the flake-pilot-3.1.21-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* flake-pilot 3.1.21-1.1
* flake-pilot-firecracker 3.1.21-1.1
* flake-pilot-firecracker-dracut-netstart 3.1.21-1.1
* flake-pilot-firecracker-guestvm-tools 3.1.21-1.1
* flake-pilot-podman 3.1.21-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-55159.html

openSUSE-SU-2025:15473-1: moderate: MozillaThunderbird-140.2.0-1.1 on GA media

# MozillaThunderbird-140.2.0-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15473-1
Rating: moderate

Cross-References:

* CVE-2025-9179
* CVE-2025-9180
* CVE-2025-9181
* CVE-2025-9182
* CVE-2025-9184
* CVE-2025-9185

CVSS scores:

* CVE-2025-9179 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-9180 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-9181 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
* CVE-2025-9182 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-9184 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-9185 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 6 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the MozillaThunderbird-140.2.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* MozillaThunderbird 140.2.0-1.1
* MozillaThunderbird-openpgp-librnp 140.2.0-1.1
* MozillaThunderbird-translations-common 140.2.0-1.1
* MozillaThunderbird-translations-other 140.2.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-9179.html
* https://www.suse.com/security/cve/CVE-2025-9180.html
* https://www.suse.com/security/cve/CVE-2025-9181.html
* https://www.suse.com/security/cve/CVE-2025-9182.html
* https://www.suse.com/security/cve/CVE-2025-9184.html
* https://www.suse.com/security/cve/CVE-2025-9185.html

openSUSE-SU-2025:15475-1: moderate: aide-0.19.2-1.1 on GA media

# aide-0.19.2-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15475-1
Rating: moderate

Cross-References:

* CVE-2025-54389
* CVE-2025-54409

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the aide-0.19.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* aide 0.19.2-1.1
* aide-test 0.19.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-54389.html
* https://www.suse.com/security/cve/CVE-2025-54409.html

openSUSE-SU-2025:15474-1: moderate: abseil-cpp-devel-20250814.0-2.1 on GA media

# abseil-cpp-devel-20250814.0-2.1 on GA media

Announcement ID: openSUSE-SU-2025:15474-1
Rating: moderate

Cross-References:

* CVE-2025-0838

CVSS scores:

* CVE-2025-0838 ( SUSE ): 5.6 CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L
* CVE-2025-0838 ( SUSE ): 5.9 CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the abseil-cpp-devel-20250814.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* abseil-cpp-devel 20250814.0-2.1
* libabsl_base2508_0_0 20250814.0-2.1
* libabsl_base2508_0_0-32bit 20250814.0-2.1
* libabsl_city2508_0_0 20250814.0-2.1
* libabsl_city2508_0_0-32bit 20250814.0-2.1
* libabsl_civil_time2508_0_0 20250814.0-2.1
* libabsl_civil_time2508_0_0-32bit 20250814.0-2.1
* libabsl_cord2508_0_0 20250814.0-2.1
* libabsl_cord2508_0_0-32bit 20250814.0-2.1
* libabsl_cord_internal2508_0_0 20250814.0-2.1
* libabsl_cord_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_cordz_functions2508_0_0 20250814.0-2.1
* libabsl_cordz_functions2508_0_0-32bit 20250814.0-2.1
* libabsl_cordz_handle2508_0_0 20250814.0-2.1
* libabsl_cordz_handle2508_0_0-32bit 20250814.0-2.1
* libabsl_cordz_info2508_0_0 20250814.0-2.1
* libabsl_cordz_info2508_0_0-32bit 20250814.0-2.1
* libabsl_cordz_sample_token2508_0_0 20250814.0-2.1
* libabsl_cordz_sample_token2508_0_0-32bit 20250814.0-2.1
* libabsl_crc32c2508_0_0 20250814.0-2.1
* libabsl_crc32c2508_0_0-32bit 20250814.0-2.1
* libabsl_crc_cord_state2508_0_0 20250814.0-2.1
* libabsl_crc_cord_state2508_0_0-32bit 20250814.0-2.1
* libabsl_crc_cpu_detect2508_0_0 20250814.0-2.1
* libabsl_crc_cpu_detect2508_0_0-32bit 20250814.0-2.1
* libabsl_crc_internal2508_0_0 20250814.0-2.1
* libabsl_crc_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_debugging_internal2508_0_0 20250814.0-2.1
* libabsl_debugging_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_decode_rust_punycode2508_0_0 20250814.0-2.1
* libabsl_decode_rust_punycode2508_0_0-32bit 20250814.0-2.1
* libabsl_demangle_internal2508_0_0 20250814.0-2.1
* libabsl_demangle_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_demangle_rust2508_0_0 20250814.0-2.1
* libabsl_demangle_rust2508_0_0-32bit 20250814.0-2.1
* libabsl_die_if_null2508_0_0 20250814.0-2.1
* libabsl_die_if_null2508_0_0-32bit 20250814.0-2.1
* libabsl_examine_stack2508_0_0 20250814.0-2.1
* libabsl_examine_stack2508_0_0-32bit 20250814.0-2.1
* libabsl_exponential_biased2508_0_0 20250814.0-2.1
* libabsl_exponential_biased2508_0_0-32bit 20250814.0-2.1
* libabsl_failure_signal_handler2508_0_0 20250814.0-2.1
* libabsl_failure_signal_handler2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_commandlineflag2508_0_0 20250814.0-2.1
* libabsl_flags_commandlineflag2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_commandlineflag_internal2508_0_0 20250814.0-2.1
* libabsl_flags_commandlineflag_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_config2508_0_0 20250814.0-2.1
* libabsl_flags_config2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_internal2508_0_0 20250814.0-2.1
* libabsl_flags_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_marshalling2508_0_0 20250814.0-2.1
* libabsl_flags_marshalling2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_parse2508_0_0 20250814.0-2.1
* libabsl_flags_parse2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_private_handle_accessor2508_0_0 20250814.0-2.1
* libabsl_flags_private_handle_accessor2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_program_name2508_0_0 20250814.0-2.1
* libabsl_flags_program_name2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_reflection2508_0_0 20250814.0-2.1
* libabsl_flags_reflection2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_usage2508_0_0 20250814.0-2.1
* libabsl_flags_usage2508_0_0-32bit 20250814.0-2.1
* libabsl_flags_usage_internal2508_0_0 20250814.0-2.1
* libabsl_flags_usage_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_graphcycles_internal2508_0_0 20250814.0-2.1
* libabsl_graphcycles_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_hash2508_0_0 20250814.0-2.1
* libabsl_hash2508_0_0-32bit 20250814.0-2.1
* libabsl_hashtable_profiler2508_0_0 20250814.0-2.1
* libabsl_hashtable_profiler2508_0_0-32bit 20250814.0-2.1
* libabsl_hashtablez_sampler2508_0_0 20250814.0-2.1
* libabsl_hashtablez_sampler2508_0_0-32bit 20250814.0-2.1
* libabsl_int128-2508_0_0 20250814.0-2.1
* libabsl_int128-2508_0_0-32bit 20250814.0-2.1
* libabsl_kernel_timeout_internal2508_0_0 20250814.0-2.1
* libabsl_kernel_timeout_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_leak_check2508_0_0 20250814.0-2.1
* libabsl_leak_check2508_0_0-32bit 20250814.0-2.1
* libabsl_log_entry2508_0_0 20250814.0-2.1
* libabsl_log_entry2508_0_0-32bit 20250814.0-2.1
* libabsl_log_flags2508_0_0 20250814.0-2.1
* libabsl_log_flags2508_0_0-32bit 20250814.0-2.1
* libabsl_log_globals2508_0_0 20250814.0-2.1
* libabsl_log_globals2508_0_0-32bit 20250814.0-2.1
* libabsl_log_initialize2508_0_0 20250814.0-2.1
* libabsl_log_initialize2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_check_op2508_0_0 20250814.0-2.1
* libabsl_log_internal_check_op2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_conditions2508_0_0 20250814.0-2.1
* libabsl_log_internal_conditions2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_fnmatch2508_0_0 20250814.0-2.1
* libabsl_log_internal_fnmatch2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_format2508_0_0 20250814.0-2.1
* libabsl_log_internal_format2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_globals2508_0_0 20250814.0-2.1
* libabsl_log_internal_globals2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_log_sink_set2508_0_0 20250814.0-2.1
* libabsl_log_internal_log_sink_set2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_message2508_0_0 20250814.0-2.1
* libabsl_log_internal_message2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_nullguard2508_0_0 20250814.0-2.1
* libabsl_log_internal_nullguard2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_proto2508_0_0 20250814.0-2.1
* libabsl_log_internal_proto2508_0_0-32bit 20250814.0-2.1
* libabsl_log_internal_structured_proto2508_0_0 20250814.0-2.1
* libabsl_log_internal_structured_proto2508_0_0-32bit 20250814.0-2.1
* libabsl_log_severity2508_0_0 20250814.0-2.1
* libabsl_log_severity2508_0_0-32bit 20250814.0-2.1
* libabsl_log_sink2508_0_0 20250814.0-2.1
* libabsl_log_sink2508_0_0-32bit 20250814.0-2.1
* libabsl_malloc_internal2508_0_0 20250814.0-2.1
* libabsl_malloc_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_periodic_sampler2508_0_0 20250814.0-2.1
* libabsl_periodic_sampler2508_0_0-32bit 20250814.0-2.1
* libabsl_poison2508_0_0 20250814.0-2.1
* libabsl_poison2508_0_0-32bit 20250814.0-2.1
* libabsl_profile_builder2508_0_0 20250814.0-2.1
* libabsl_profile_builder2508_0_0-32bit 20250814.0-2.1
* libabsl_random_distributions2508_0_0 20250814.0-2.1
* libabsl_random_distributions2508_0_0-32bit 20250814.0-2.1
* libabsl_random_internal_distribution_test_util2508_0_0 20250814.0-2.1
* libabsl_random_internal_distribution_test_util2508_0_0-32bit 20250814.0-2.1
* libabsl_random_internal_entropy_pool2508_0_0 20250814.0-2.1
* libabsl_random_internal_entropy_pool2508_0_0-32bit 20250814.0-2.1
* libabsl_random_internal_platform2508_0_0 20250814.0-2.1
* libabsl_random_internal_platform2508_0_0-32bit 20250814.0-2.1
* libabsl_random_internal_randen2508_0_0 20250814.0-2.1
* libabsl_random_internal_randen2508_0_0-32bit 20250814.0-2.1
* libabsl_random_internal_randen_hwaes2508_0_0 20250814.0-2.1
* libabsl_random_internal_randen_hwaes2508_0_0-32bit 20250814.0-2.1
* libabsl_random_internal_randen_hwaes_impl2508_0_0 20250814.0-2.1
* libabsl_random_internal_randen_hwaes_impl2508_0_0-32bit 20250814.0-2.1
* libabsl_random_internal_randen_slow2508_0_0 20250814.0-2.1
* libabsl_random_internal_randen_slow2508_0_0-32bit 20250814.0-2.1
* libabsl_random_internal_seed_material2508_0_0 20250814.0-2.1
* libabsl_random_internal_seed_material2508_0_0-32bit 20250814.0-2.1
* libabsl_random_seed_gen_exception2508_0_0 20250814.0-2.1
* libabsl_random_seed_gen_exception2508_0_0-32bit 20250814.0-2.1
* libabsl_random_seed_sequences2508_0_0 20250814.0-2.1
* libabsl_random_seed_sequences2508_0_0-32bit 20250814.0-2.1
* libabsl_raw_hash_set2508_0_0 20250814.0-2.1
* libabsl_raw_hash_set2508_0_0-32bit 20250814.0-2.1
* libabsl_raw_logging_internal2508_0_0 20250814.0-2.1
* libabsl_raw_logging_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_scoped_set_env2508_0_0 20250814.0-2.1
* libabsl_scoped_set_env2508_0_0-32bit 20250814.0-2.1
* libabsl_spinlock_wait2508_0_0 20250814.0-2.1
* libabsl_spinlock_wait2508_0_0-32bit 20250814.0-2.1
* libabsl_stacktrace2508_0_0 20250814.0-2.1
* libabsl_stacktrace2508_0_0-32bit 20250814.0-2.1
* libabsl_status2508_0_0 20250814.0-2.1
* libabsl_status2508_0_0-32bit 20250814.0-2.1
* libabsl_statusor2508_0_0 20250814.0-2.1
* libabsl_statusor2508_0_0-32bit 20250814.0-2.1
* libabsl_str_format_internal2508_0_0 20250814.0-2.1
* libabsl_str_format_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_strerror2508_0_0 20250814.0-2.1
* libabsl_strerror2508_0_0-32bit 20250814.0-2.1
* libabsl_string_view2508_0_0 20250814.0-2.1
* libabsl_string_view2508_0_0-32bit 20250814.0-2.1
* libabsl_strings2508_0_0 20250814.0-2.1
* libabsl_strings2508_0_0-32bit 20250814.0-2.1
* libabsl_strings_internal2508_0_0 20250814.0-2.1
* libabsl_strings_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_symbolize2508_0_0 20250814.0-2.1
* libabsl_symbolize2508_0_0-32bit 20250814.0-2.1
* libabsl_synchronization2508_0_0 20250814.0-2.1
* libabsl_synchronization2508_0_0-32bit 20250814.0-2.1
* libabsl_throw_delegate2508_0_0 20250814.0-2.1
* libabsl_throw_delegate2508_0_0-32bit 20250814.0-2.1
* libabsl_time2508_0_0 20250814.0-2.1
* libabsl_time2508_0_0-32bit 20250814.0-2.1
* libabsl_time_zone2508_0_0 20250814.0-2.1
* libabsl_time_zone2508_0_0-32bit 20250814.0-2.1
* libabsl_tracing_internal2508_0_0 20250814.0-2.1
* libabsl_tracing_internal2508_0_0-32bit 20250814.0-2.1
* libabsl_utf8_for_code_point2508_0_0 20250814.0-2.1
* libabsl_utf8_for_code_point2508_0_0-32bit 20250814.0-2.1
* libabsl_vlog_config_internal2508_0_0 20250814.0-2.1
* libabsl_vlog_config_internal2508_0_0-32bit 20250814.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-0838.html

openSUSE-SU-2025:15472-1: moderate: ImageMagick-7.1.2.1-1.1 on GA media

# ImageMagick-7.1.2.1-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15472-1
Rating: moderate

Cross-References:

* CVE-2025-55154
* CVE-2025-55160

CVSS scores:

* CVE-2025-55154 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-55154 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-55160 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-55160 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the ImageMagick-7.1.2.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* ImageMagick 7.1.2.1-1.1
* ImageMagick-config-7-SUSE 7.1.2.1-1.1
* ImageMagick-devel 7.1.2.1-1.1
* ImageMagick-devel-32bit 7.1.2.1-1.1
* ImageMagick-doc 7.1.2.1-1.1
* ImageMagick-extra 7.1.2.1-1.1
* libMagick++-7_Q16HDRI5 7.1.2.1-1.1
* libMagick++-7_Q16HDRI5-32bit 7.1.2.1-1.1
* libMagick++-devel 7.1.2.1-1.1
* libMagick++-devel-32bit 7.1.2.1-1.1
* libMagickCore-7_Q16HDRI10 7.1.2.1-1.1
* libMagickCore-7_Q16HDRI10-32bit 7.1.2.1-1.1
* libMagickWand-7_Q16HDRI10 7.1.2.1-1.1
* libMagickWand-7_Q16HDRI10-32bit 7.1.2.1-1.1
* perl-PerlMagick 7.1.2.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-55154.html
* https://www.suse.com/security/cve/CVE-2025-55160.html

SUSE-SU-2025:02963-1: important: Security update for gdk-pixbuf

# Security update for gdk-pixbuf

Announcement ID: SUSE-SU-2025:02963-1
Release Date: 2025-08-22T12:52:14Z
Rating: important
References:

* bsc#1245227
* bsc#1246114

Cross-References:

* CVE-2025-6199
* CVE-2025-7345

CVSS scores:

* CVE-2025-6199 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-6199 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2025-6199 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2025-6199 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2025-7345 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-7345 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-7345 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS

An update that solves two vulnerabilities can now be installed.

## Description:

This update for gdk-pixbuf fixes the following issues:

* CVE-2025-6199: Fixed uninitialized memory leading to arbitrary memory
contents leak (bsc#1245227)
* CVE-2025-7345: Fixed heap buffer overflow within the
gdk_pixbuf__jpeg_image_load_increment function (bsc#1246114)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2963=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2963=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2963=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2963=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2963=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-2963=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2963=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2963=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2963=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2963=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2963=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2963=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2963=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2963=1

* SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2963=1

* SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-LTS-2025-2963=1

* SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2963=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* openSUSE Leap 15.4 (x86_64)
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* openSUSE Leap 15.4 (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* gdk-pixbuf-query-loaders-64bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-64bit-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-64bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-64bit-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-64bit-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-64bit-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Manager Proxy 4.3 LTS (x86_64)
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Manager Proxy 4.3 LTS (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Manager Retail Branch Server 4.3 LTS (x86_64)
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1
* SUSE Manager Retail Branch Server 4.3 LTS (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64)
* gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1
* gdk-pixbuf-debugsource-2.42.12-150400.5.14.1
* gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1
* gdk-pixbuf-devel-2.42.12-150400.5.14.1
* typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1
* SUSE Manager Server 4.3 LTS (noarch)
* gdk-pixbuf-lang-2.42.12-150400.5.14.1
* SUSE Manager Server 4.3 LTS (x86_64)
* libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1
* libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1
* gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6199.html
* https://www.suse.com/security/cve/CVE-2025-7345.html
* https://bugzilla.suse.com/show_bug.cgi?id=1245227
* https://bugzilla.suse.com/show_bug.cgi?id=1246114

SUSE-SU-2025:02964-1: moderate: Security update for glibc

# Security update for glibc

Announcement ID: SUSE-SU-2025:02964-1
Release Date: 2025-08-22T12:53:00Z
Rating: moderate
References:

* bsc#1240058
* bsc#1246965

Cross-References:

* CVE-2025-8058

CVSS scores:

* CVE-2025-8058 ( SUSE ): 5.9
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H
* CVE-2025-8058 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H
* CVE-2025-8058 ( NVD ): 5.9
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* Development Tools Module 15-SP6
* Development Tools Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for glibc fixes the following issues:

* CVE-2025-8058: Fixed double-free after allocation failure in regcomp.
(bsc#1246965)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-2964=1 openSUSE-SLE-15.6-2025-2964=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2964=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2964=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2964=1

* Development Tools Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2964=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586 i686)
* glibc-profile-2.38-150600.14.37.1
* glibc-locale-2.38-150600.14.37.1
* glibc-locale-base-2.38-150600.14.37.1
* glibc-debugsource-2.38-150600.14.37.1
* glibc-devel-static-2.38-150600.14.37.1
* glibc-devel-2.38-150600.14.37.1
* libnsl1-2.38-150600.14.37.1
* glibc-locale-base-debuginfo-2.38-150600.14.37.1
* glibc-debuginfo-2.38-150600.14.37.1
* libnsl1-debuginfo-2.38-150600.14.37.1
* glibc-2.38-150600.14.37.1
* glibc-devel-debuginfo-2.38-150600.14.37.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* nscd-debuginfo-2.38-150600.14.37.1
* glibc-utils-debuginfo-2.38-150600.14.37.1
* glibc-extra-2.38-150600.14.37.1
* glibc-utils-src-debugsource-2.38-150600.14.37.1
* glibc-extra-debuginfo-2.38-150600.14.37.1
* nscd-2.38-150600.14.37.1
* glibc-utils-2.38-150600.14.37.1
* openSUSE Leap 15.6 (noarch)
* glibc-html-2.38-150600.14.37.1
* glibc-lang-2.38-150600.14.37.1
* glibc-info-2.38-150600.14.37.1
* glibc-i18ndata-2.38-150600.14.37.1
* openSUSE Leap 15.6 (x86_64)
* glibc-locale-base-32bit-2.38-150600.14.37.1
* glibc-devel-32bit-debuginfo-2.38-150600.14.37.1
* glibc-profile-32bit-2.38-150600.14.37.1
* glibc-utils-32bit-2.38-150600.14.37.1
* glibc-utils-32bit-debuginfo-2.38-150600.14.37.1
* glibc-32bit-2.38-150600.14.37.1
* libnsl1-32bit-debuginfo-2.38-150600.14.37.1
* glibc-devel-32bit-2.38-150600.14.37.1
* glibc-locale-base-32bit-debuginfo-2.38-150600.14.37.1
* libnsl1-32bit-2.38-150600.14.37.1
* glibc-32bit-debuginfo-2.38-150600.14.37.1
* glibc-devel-static-32bit-2.38-150600.14.37.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* glibc-locale-base-64bit-debuginfo-2.38-150600.14.37.1
* glibc-locale-base-64bit-2.38-150600.14.37.1
* glibc-utils-64bit-debuginfo-2.38-150600.14.37.1
* glibc-devel-static-64bit-2.38-150600.14.37.1
* glibc-devel-64bit-2.38-150600.14.37.1
* glibc-64bit-2.38-150600.14.37.1
* glibc-utils-64bit-2.38-150600.14.37.1
* libnsl1-64bit-2.38-150600.14.37.1
* glibc-devel-64bit-debuginfo-2.38-150600.14.37.1
* libnsl1-64bit-debuginfo-2.38-150600.14.37.1
* glibc-profile-64bit-2.38-150600.14.37.1
* glibc-64bit-debuginfo-2.38-150600.14.37.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* glibc-profile-2.38-150600.14.37.1
* glibc-locale-2.38-150600.14.37.1
* nscd-debuginfo-2.38-150600.14.37.1
* glibc-extra-2.38-150600.14.37.1
* nscd-2.38-150600.14.37.1
* glibc-locale-base-2.38-150600.14.37.1
* glibc-debugsource-2.38-150600.14.37.1
* glibc-extra-debuginfo-2.38-150600.14.37.1
* glibc-devel-2.38-150600.14.37.1
* libnsl1-2.38-150600.14.37.1
* glibc-locale-base-debuginfo-2.38-150600.14.37.1
* glibc-debuginfo-2.38-150600.14.37.1
* libnsl1-debuginfo-2.38-150600.14.37.1
* glibc-2.38-150600.14.37.1
* glibc-devel-debuginfo-2.38-150600.14.37.1
* Basesystem Module 15-SP6 (noarch)
* glibc-lang-2.38-150600.14.37.1
* glibc-info-2.38-150600.14.37.1
* glibc-i18ndata-2.38-150600.14.37.1
* Basesystem Module 15-SP6 (x86_64)
* glibc-locale-base-32bit-2.38-150600.14.37.1
* glibc-32bit-2.38-150600.14.37.1
* libnsl1-32bit-debuginfo-2.38-150600.14.37.1
* glibc-locale-base-32bit-debuginfo-2.38-150600.14.37.1
* libnsl1-32bit-2.38-150600.14.37.1
* glibc-32bit-debuginfo-2.38-150600.14.37.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* glibc-profile-2.38-150600.14.37.1
* glibc-locale-2.38-150600.14.37.1
* nscd-debuginfo-2.38-150600.14.37.1
* glibc-extra-2.38-150600.14.37.1
* nscd-2.38-150600.14.37.1
* glibc-locale-base-2.38-150600.14.37.1
* glibc-debugsource-2.38-150600.14.37.1
* glibc-extra-debuginfo-2.38-150600.14.37.1
* glibc-devel-2.38-150600.14.37.1
* libnsl1-2.38-150600.14.37.1
* glibc-locale-base-debuginfo-2.38-150600.14.37.1
* glibc-debuginfo-2.38-150600.14.37.1
* libnsl1-debuginfo-2.38-150600.14.37.1
* glibc-2.38-150600.14.37.1
* glibc-devel-debuginfo-2.38-150600.14.37.1
* Basesystem Module 15-SP7 (noarch)
* glibc-lang-2.38-150600.14.37.1
* glibc-info-2.38-150600.14.37.1
* glibc-i18ndata-2.38-150600.14.37.1
* Basesystem Module 15-SP7 (x86_64)
* glibc-locale-base-32bit-2.38-150600.14.37.1
* glibc-32bit-2.38-150600.14.37.1
* libnsl1-32bit-debuginfo-2.38-150600.14.37.1
* glibc-locale-base-32bit-debuginfo-2.38-150600.14.37.1
* libnsl1-32bit-2.38-150600.14.37.1
* glibc-32bit-debuginfo-2.38-150600.14.37.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* glibc-utils-debuginfo-2.38-150600.14.37.1
* glibc-utils-src-debugsource-2.38-150600.14.37.1
* glibc-debugsource-2.38-150600.14.37.1
* glibc-devel-static-2.38-150600.14.37.1
* glibc-debuginfo-2.38-150600.14.37.1
* glibc-utils-2.38-150600.14.37.1
* Development Tools Module 15-SP6 (x86_64)
* glibc-32bit-debuginfo-2.38-150600.14.37.1
* glibc-devel-32bit-debuginfo-2.38-150600.14.37.1
* glibc-devel-32bit-2.38-150600.14.37.1
* Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* glibc-utils-debuginfo-2.38-150600.14.37.1
* glibc-utils-src-debugsource-2.38-150600.14.37.1
* glibc-debugsource-2.38-150600.14.37.1
* glibc-devel-static-2.38-150600.14.37.1
* glibc-debuginfo-2.38-150600.14.37.1
* glibc-utils-2.38-150600.14.37.1
* Development Tools Module 15-SP7 (x86_64)
* glibc-32bit-debuginfo-2.38-150600.14.37.1
* glibc-devel-32bit-debuginfo-2.38-150600.14.37.1
* glibc-devel-32bit-2.38-150600.14.37.1

## References:

* https://www.suse.com/security/cve/CVE-2025-8058.html
* https://bugzilla.suse.com/show_bug.cgi?id=1240058
* https://bugzilla.suse.com/show_bug.cgi?id=1246965

openSUSE-SU-2025:15479-1: moderate: pdns-recursor-5.2.5-1.1 on GA media

# pdns-recursor-5.2.5-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15479-1
Rating: moderate

Cross-References:

* CVE-2025-30192

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the pdns-recursor-5.2.5-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* pdns-recursor 5.2.5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-30192.html

openSUSE-SU-2025:15480-1: moderate: ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 on GA media

# ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 on GA media

Announcement ID: openSUSE-SU-2025:15480-1
Rating: moderate

Cross-References:

* CVE-2025-55193

CVSS scores:

* CVE-2025-55193 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-55193 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* ruby3.4-rubygem-activerecord-8.0 8.0.1-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-55193.html

Tomcat and Kernel updates for AlmaLinux

PHP and Kernel updates for Ubuntu

PAM, Flake-Pilot, Thunderbird, and more updates for SUSE

openSUSE-SU-2025:15478-1: moderate: pam-1.7.1-3.1 on GA media

openSUSE-SU-2025:15476-1: moderate: flake-pilot-3.1.21-1.1 on GA media

openSUSE-SU-2025:15473-1: moderate: MozillaThunderbird-140.2.0-1.1 on GA media

openSUSE-SU-2025:15475-1: moderate: aide-0.19.2-1.1 on GA media

openSUSE-SU-2025:15474-1: moderate: abseil-cpp-devel-20250814.0-2.1 on GA media

openSUSE-SU-2025:15472-1: moderate: ImageMagick-7.1.2.1-1.1 on GA media

SUSE-SU-2025:02963-1: important: Security update for gdk-pixbuf

SUSE-SU-2025:02964-1: moderate: Security update for glibc

openSUSE-SU-2025:15479-1: moderate: pdns-recursor-5.2.5-1.1 on GA media

openSUSE-SU-2025:15480-1: moderate: ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 on GA media

Windows

Linux

macOS

Community