SUSE-SU-2025:02473-1: important: Security update for php7
SUSE-SU-2025:02474-1: important: Security update for php8
SUSE-SU-2025:02476-1: critical: Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
SUSE-SU-2025:02501-1: important: Security update for salt
SUSE-SU-2025:02500-1: important: Security update for salt
SUSE-SU-2025:02472-1: moderate: Security update for gstreamer-plugins-base
SUSE-SU-2025:02470-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)
SUSE-SU-2025:02473-1: important: Security update for php7
# Security update for php7
Announcement ID: SUSE-SU-2025:02473-1
Release Date: 2025-07-23T12:03:39Z
Rating: important
References:
* bsc#1246146
* bsc#1246148
* bsc#1246167
Cross-References:
* CVE-2025-1220
* CVE-2025-1735
* CVE-2025-6491
CVSS scores:
* CVE-2025-1220 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1220 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-1220 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-1220 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-1735 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-1735 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-1735 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-1735 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-6491 ( SUSE ): 5.9
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-6491 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-6491 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Legacy Module 15-SP6
* Legacy Module 15-SP7
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7
An update that solves three vulnerabilities can now be installed.
## Description:
This update for php7 fixes the following issues:
* CVE-2025-1220: Fixed null byte termination in hostnames (bsc#1246167)
* CVE-2025-1735: Fixed pgsql extension does not check for errors during
escaping (bsc#1246146)
* CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via
Large XML Namespace Prefix (bsc#1246148)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2473=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2473=1
* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-2473=1
* Legacy Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-2473=1
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2473=1
* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2473=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2473=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2473=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2473=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2473=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2473=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2473=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* php7-gd-debuginfo-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* php7-opcache-7.4.33-150400.4.51.1
* php7-sodium-7.4.33-150400.4.51.1
* php7-sysvsem-7.4.33-150400.4.51.1
* php7-curl-7.4.33-150400.4.51.1
* php7-pgsql-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-debuginfo-7.4.33-150400.4.51.1
* php7-sqlite-7.4.33-150400.4.51.1
* php7-fpm-debugsource-7.4.33-150400.4.51.1
* php7-test-7.4.33-150400.4.51.1
* php7-fastcgi-debugsource-7.4.33-150400.4.51.1
* php7-mysql-7.4.33-150400.4.51.1
* php7-sysvmsg-7.4.33-150400.4.51.1
* php7-readline-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-7.4.33-150400.4.51.1
* php7-ctype-7.4.33-150400.4.51.1
* php7-gd-7.4.33-150400.4.51.1
* php7-iconv-debuginfo-7.4.33-150400.4.51.1
* php7-zip-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-7.4.33-150400.4.51.1
* php7-calendar-7.4.33-150400.4.51.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.51.1
* php7-embed-7.4.33-150400.4.51.1
* php7-iconv-7.4.33-150400.4.51.1
* php7-ftp-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-debuginfo-7.4.33-150400.4.51.1
* php7-cli-7.4.33-150400.4.51.1
* php7-intl-7.4.33-150400.4.51.1
* php7-phar-debuginfo-7.4.33-150400.4.51.1
* php7-pdo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-exif-7.4.33-150400.4.51.1
* php7-soap-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-7.4.33-150400.4.51.1
* php7-tidy-7.4.33-150400.4.51.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.51.1
* php7-zip-7.4.33-150400.4.51.1
* php7-ctype-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-opcache-debuginfo-7.4.33-150400.4.51.1
* php7-xmlwriter-7.4.33-150400.4.51.1
* php7-sqlite-debuginfo-7.4.33-150400.4.51.1
* php7-posix-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* php7-gettext-7.4.33-150400.4.51.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-debuginfo-7.4.33-150400.4.51.1
* php7-json-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-debuginfo-7.4.33-150400.4.51.1
* php7-embed-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.51.1
* php7-json-7.4.33-150400.4.51.1
* php7-dom-debuginfo-7.4.33-150400.4.51.1
* php7-ldap-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-7.4.33-150400.4.51.1
* php7-gettext-debuginfo-7.4.33-150400.4.51.1
* php7-mysql-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-7.4.33-150400.4.51.1
* php7-bcmath-debuginfo-7.4.33-150400.4.51.1
* php7-bcmath-7.4.33-150400.4.51.1
* php7-embed-debugsource-7.4.33-150400.4.51.1
* php7-odbc-debuginfo-7.4.33-150400.4.51.1
* php7-sodium-debuginfo-7.4.33-150400.4.51.1
* php7-pcntl-7.4.33-150400.4.51.1
* php7-pdo-debuginfo-7.4.33-150400.4.51.1
* php7-tidy-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-7.4.33-150400.4.51.1
* php7-sockets-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.51.1
* php7-dba-7.4.33-150400.4.51.1
* php7-cli-debuginfo-7.4.33-150400.4.51.1
* php7-curl-debuginfo-7.4.33-150400.4.51.1
* php7-posix-7.4.33-150400.4.51.1
* php7-dba-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-7.4.33-150400.4.51.1
* php7-exif-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-7.4.33-150400.4.51.1
* php7-intl-debuginfo-7.4.33-150400.4.51.1
* php7-soap-7.4.33-150400.4.51.1
* php7-phar-7.4.33-150400.4.51.1
* php7-fastcgi-7.4.33-150400.4.51.1
* php7-snmp-7.4.33-150400.4.51.1
* php7-pcntl-debuginfo-7.4.33-150400.4.51.1
* php7-readline-7.4.33-150400.4.51.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-7.4.33-150400.4.51.1
* php7-ftp-7.4.33-150400.4.51.1
* php7-shmop-7.4.33-150400.4.51.1
* php7-tokenizer-7.4.33-150400.4.51.1
* php7-bz2-7.4.33-150400.4.51.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-debuginfo-7.4.33-150400.4.51.1
* php7-bz2-debuginfo-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* php7-sysvshm-7.4.33-150400.4.51.1
* php7-dom-7.4.33-150400.4.51.1
* php7-devel-7.4.33-150400.4.51.1
* php7-shmop-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-debuginfo-7.4.33-150400.4.51.1
* php7-calendar-debuginfo-7.4.33-150400.4.51.1
* php7-sockets-7.4.33-150400.4.51.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.51.1
* php7-odbc-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-xmlrpc-7.4.33-150400.4.51.1
* php7-ldap-7.4.33-150400.4.51.1
* php7-snmp-debuginfo-7.4.33-150400.4.51.1
* php7-pgsql-7.4.33-150400.4.51.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* php7-gd-debuginfo-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* php7-opcache-7.4.33-150400.4.51.1
* php7-sodium-7.4.33-150400.4.51.1
* php7-sysvsem-7.4.33-150400.4.51.1
* php7-curl-7.4.33-150400.4.51.1
* php7-fpm-debugsource-7.4.33-150400.4.51.1
* php7-pgsql-debuginfo-7.4.33-150400.4.51.1
* php7-sqlite-7.4.33-150400.4.51.1
* php7-test-7.4.33-150400.4.51.1
* php7-zlib-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debugsource-7.4.33-150400.4.51.1
* php7-mysql-7.4.33-150400.4.51.1
* php7-sysvmsg-7.4.33-150400.4.51.1
* php7-readline-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-7.4.33-150400.4.51.1
* php7-ctype-7.4.33-150400.4.51.1
* php7-gd-7.4.33-150400.4.51.1
* php7-iconv-debuginfo-7.4.33-150400.4.51.1
* php7-zip-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-7.4.33-150400.4.51.1
* php7-calendar-7.4.33-150400.4.51.1
* php7-embed-7.4.33-150400.4.51.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.51.1
* php7-iconv-7.4.33-150400.4.51.1
* php7-ftp-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-debuginfo-7.4.33-150400.4.51.1
* php7-cli-7.4.33-150400.4.51.1
* php7-intl-7.4.33-150400.4.51.1
* php7-phar-debuginfo-7.4.33-150400.4.51.1
* php7-pdo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-exif-7.4.33-150400.4.51.1
* php7-soap-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-7.4.33-150400.4.51.1
* php7-tidy-7.4.33-150400.4.51.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.51.1
* php7-zip-7.4.33-150400.4.51.1
* php7-ctype-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-opcache-debuginfo-7.4.33-150400.4.51.1
* php7-xmlwriter-7.4.33-150400.4.51.1
* php7-sqlite-debuginfo-7.4.33-150400.4.51.1
* php7-posix-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* php7-gettext-7.4.33-150400.4.51.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-debuginfo-7.4.33-150400.4.51.1
* php7-json-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-debuginfo-7.4.33-150400.4.51.1
* php7-embed-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.51.1
* php7-json-7.4.33-150400.4.51.1
* php7-dom-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-7.4.33-150400.4.51.1
* php7-ldap-debuginfo-7.4.33-150400.4.51.1
* php7-gettext-debuginfo-7.4.33-150400.4.51.1
* php7-mysql-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-7.4.33-150400.4.51.1
* php7-bcmath-debuginfo-7.4.33-150400.4.51.1
* php7-bcmath-7.4.33-150400.4.51.1
* php7-embed-debugsource-7.4.33-150400.4.51.1
* php7-odbc-debuginfo-7.4.33-150400.4.51.1
* php7-sodium-debuginfo-7.4.33-150400.4.51.1
* php7-pcntl-7.4.33-150400.4.51.1
* php7-pdo-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-7.4.33-150400.4.51.1
* php7-sockets-debuginfo-7.4.33-150400.4.51.1
* php7-tidy-debuginfo-7.4.33-150400.4.51.1
* php7-dba-7.4.33-150400.4.51.1
* php7-cli-debuginfo-7.4.33-150400.4.51.1
* php7-curl-debuginfo-7.4.33-150400.4.51.1
* php7-posix-7.4.33-150400.4.51.1
* php7-dba-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-7.4.33-150400.4.51.1
* php7-exif-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-7.4.33-150400.4.51.1
* php7-intl-debuginfo-7.4.33-150400.4.51.1
* php7-soap-7.4.33-150400.4.51.1
* php7-phar-7.4.33-150400.4.51.1
* php7-fastcgi-7.4.33-150400.4.51.1
* php7-snmp-7.4.33-150400.4.51.1
* php7-pcntl-debuginfo-7.4.33-150400.4.51.1
* php7-readline-7.4.33-150400.4.51.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-7.4.33-150400.4.51.1
* php7-ftp-7.4.33-150400.4.51.1
* php7-shmop-7.4.33-150400.4.51.1
* php7-tokenizer-7.4.33-150400.4.51.1
* php7-bz2-7.4.33-150400.4.51.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-debuginfo-7.4.33-150400.4.51.1
* php7-bz2-debuginfo-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* php7-sysvshm-7.4.33-150400.4.51.1
* php7-dom-7.4.33-150400.4.51.1
* php7-devel-7.4.33-150400.4.51.1
* php7-shmop-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-debuginfo-7.4.33-150400.4.51.1
* php7-calendar-debuginfo-7.4.33-150400.4.51.1
* php7-sockets-7.4.33-150400.4.51.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.51.1
* php7-odbc-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-xmlrpc-7.4.33-150400.4.51.1
* php7-ldap-7.4.33-150400.4.51.1
* php7-snmp-debuginfo-7.4.33-150400.4.51.1
* php7-pgsql-7.4.33-150400.4.51.1
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* php7-gd-debuginfo-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* php7-opcache-7.4.33-150400.4.51.1
* php7-sodium-7.4.33-150400.4.51.1
* php7-sysvsem-7.4.33-150400.4.51.1
* php7-curl-7.4.33-150400.4.51.1
* php7-fpm-debugsource-7.4.33-150400.4.51.1
* php7-pgsql-debuginfo-7.4.33-150400.4.51.1
* php7-sqlite-7.4.33-150400.4.51.1
* php7-zlib-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debugsource-7.4.33-150400.4.51.1
* php7-mysql-7.4.33-150400.4.51.1
* php7-sysvmsg-7.4.33-150400.4.51.1
* php7-readline-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-7.4.33-150400.4.51.1
* php7-ctype-7.4.33-150400.4.51.1
* php7-gd-7.4.33-150400.4.51.1
* php7-iconv-debuginfo-7.4.33-150400.4.51.1
* php7-zip-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-7.4.33-150400.4.51.1
* php7-calendar-7.4.33-150400.4.51.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.51.1
* php7-iconv-7.4.33-150400.4.51.1
* php7-ftp-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-debuginfo-7.4.33-150400.4.51.1
* php7-cli-7.4.33-150400.4.51.1
* php7-intl-7.4.33-150400.4.51.1
* php7-phar-debuginfo-7.4.33-150400.4.51.1
* php7-pdo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-exif-7.4.33-150400.4.51.1
* php7-soap-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-7.4.33-150400.4.51.1
* php7-tidy-7.4.33-150400.4.51.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.51.1
* php7-zip-7.4.33-150400.4.51.1
* php7-ctype-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-opcache-debuginfo-7.4.33-150400.4.51.1
* php7-xmlwriter-7.4.33-150400.4.51.1
* php7-sqlite-debuginfo-7.4.33-150400.4.51.1
* php7-posix-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* php7-gettext-7.4.33-150400.4.51.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-debuginfo-7.4.33-150400.4.51.1
* php7-json-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.51.1
* php7-json-7.4.33-150400.4.51.1
* php7-dom-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-7.4.33-150400.4.51.1
* php7-ldap-debuginfo-7.4.33-150400.4.51.1
* php7-gettext-debuginfo-7.4.33-150400.4.51.1
* php7-mysql-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-7.4.33-150400.4.51.1
* php7-bcmath-debuginfo-7.4.33-150400.4.51.1
* php7-bcmath-7.4.33-150400.4.51.1
* php7-odbc-debuginfo-7.4.33-150400.4.51.1
* php7-sodium-debuginfo-7.4.33-150400.4.51.1
* php7-pcntl-7.4.33-150400.4.51.1
* php7-pdo-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-7.4.33-150400.4.51.1
* php7-sockets-debuginfo-7.4.33-150400.4.51.1
* php7-tidy-debuginfo-7.4.33-150400.4.51.1
* php7-dba-7.4.33-150400.4.51.1
* php7-cli-debuginfo-7.4.33-150400.4.51.1
* php7-curl-debuginfo-7.4.33-150400.4.51.1
* php7-posix-7.4.33-150400.4.51.1
* php7-dba-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-7.4.33-150400.4.51.1
* php7-exif-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-7.4.33-150400.4.51.1
* php7-intl-debuginfo-7.4.33-150400.4.51.1
* php7-soap-7.4.33-150400.4.51.1
* php7-phar-7.4.33-150400.4.51.1
* php7-fastcgi-7.4.33-150400.4.51.1
* php7-snmp-7.4.33-150400.4.51.1
* php7-pcntl-debuginfo-7.4.33-150400.4.51.1
* php7-readline-7.4.33-150400.4.51.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-7.4.33-150400.4.51.1
* php7-ftp-7.4.33-150400.4.51.1
* php7-shmop-7.4.33-150400.4.51.1
* php7-tokenizer-7.4.33-150400.4.51.1
* php7-bz2-7.4.33-150400.4.51.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-debuginfo-7.4.33-150400.4.51.1
* php7-bz2-debuginfo-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* php7-sysvshm-7.4.33-150400.4.51.1
* php7-dom-7.4.33-150400.4.51.1
* php7-devel-7.4.33-150400.4.51.1
* php7-shmop-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-debuginfo-7.4.33-150400.4.51.1
* php7-calendar-debuginfo-7.4.33-150400.4.51.1
* php7-sockets-7.4.33-150400.4.51.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.51.1
* php7-odbc-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-xmlrpc-7.4.33-150400.4.51.1
* php7-ldap-7.4.33-150400.4.51.1
* php7-snmp-debuginfo-7.4.33-150400.4.51.1
* php7-pgsql-7.4.33-150400.4.51.1
* Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* php7-embed-7.4.33-150400.4.51.1
* php7-embed-debuginfo-7.4.33-150400.4.51.1
* php7-embed-debugsource-7.4.33-150400.4.51.1
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)
* php7-embed-7.4.33-150400.4.51.1
* php7-embed-debuginfo-7.4.33-150400.4.51.1
* php7-embed-debugsource-7.4.33-150400.4.51.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* php7-gd-debuginfo-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* php7-opcache-7.4.33-150400.4.51.1
* php7-sodium-7.4.33-150400.4.51.1
* php7-sysvsem-7.4.33-150400.4.51.1
* php7-curl-7.4.33-150400.4.51.1
* php7-fpm-debugsource-7.4.33-150400.4.51.1
* php7-pgsql-debuginfo-7.4.33-150400.4.51.1
* php7-sqlite-7.4.33-150400.4.51.1
* php7-zlib-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debugsource-7.4.33-150400.4.51.1
* php7-mysql-7.4.33-150400.4.51.1
* php7-sysvmsg-7.4.33-150400.4.51.1
* php7-readline-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-7.4.33-150400.4.51.1
* php7-ctype-7.4.33-150400.4.51.1
* php7-gd-7.4.33-150400.4.51.1
* php7-iconv-debuginfo-7.4.33-150400.4.51.1
* php7-zip-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-7.4.33-150400.4.51.1
* php7-calendar-7.4.33-150400.4.51.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.51.1
* php7-iconv-7.4.33-150400.4.51.1
* php7-ftp-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-debuginfo-7.4.33-150400.4.51.1
* php7-cli-7.4.33-150400.4.51.1
* php7-intl-7.4.33-150400.4.51.1
* php7-phar-debuginfo-7.4.33-150400.4.51.1
* php7-pdo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-exif-7.4.33-150400.4.51.1
* php7-soap-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-7.4.33-150400.4.51.1
* php7-tidy-7.4.33-150400.4.51.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.51.1
* php7-zip-7.4.33-150400.4.51.1
* php7-ctype-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-opcache-debuginfo-7.4.33-150400.4.51.1
* php7-xmlwriter-7.4.33-150400.4.51.1
* php7-sqlite-debuginfo-7.4.33-150400.4.51.1
* php7-posix-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* php7-gettext-7.4.33-150400.4.51.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-debuginfo-7.4.33-150400.4.51.1
* php7-json-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.51.1
* php7-json-7.4.33-150400.4.51.1
* php7-dom-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-7.4.33-150400.4.51.1
* php7-ldap-debuginfo-7.4.33-150400.4.51.1
* php7-gettext-debuginfo-7.4.33-150400.4.51.1
* php7-mysql-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-7.4.33-150400.4.51.1
* php7-bcmath-debuginfo-7.4.33-150400.4.51.1
* php7-bcmath-7.4.33-150400.4.51.1
* php7-odbc-debuginfo-7.4.33-150400.4.51.1
* php7-sodium-debuginfo-7.4.33-150400.4.51.1
* php7-pcntl-7.4.33-150400.4.51.1
* php7-pdo-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-7.4.33-150400.4.51.1
* php7-sockets-debuginfo-7.4.33-150400.4.51.1
* php7-tidy-debuginfo-7.4.33-150400.4.51.1
* php7-dba-7.4.33-150400.4.51.1
* php7-cli-debuginfo-7.4.33-150400.4.51.1
* php7-curl-debuginfo-7.4.33-150400.4.51.1
* php7-posix-7.4.33-150400.4.51.1
* php7-dba-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-7.4.33-150400.4.51.1
* php7-exif-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-7.4.33-150400.4.51.1
* php7-intl-debuginfo-7.4.33-150400.4.51.1
* php7-soap-7.4.33-150400.4.51.1
* php7-phar-7.4.33-150400.4.51.1
* php7-fastcgi-7.4.33-150400.4.51.1
* php7-snmp-7.4.33-150400.4.51.1
* php7-pcntl-debuginfo-7.4.33-150400.4.51.1
* php7-readline-7.4.33-150400.4.51.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-7.4.33-150400.4.51.1
* php7-ftp-7.4.33-150400.4.51.1
* php7-shmop-7.4.33-150400.4.51.1
* php7-tokenizer-7.4.33-150400.4.51.1
* php7-bz2-7.4.33-150400.4.51.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-debuginfo-7.4.33-150400.4.51.1
* php7-bz2-debuginfo-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* php7-sysvshm-7.4.33-150400.4.51.1
* php7-dom-7.4.33-150400.4.51.1
* php7-devel-7.4.33-150400.4.51.1
* php7-shmop-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-debuginfo-7.4.33-150400.4.51.1
* php7-calendar-debuginfo-7.4.33-150400.4.51.1
* php7-sockets-7.4.33-150400.4.51.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.51.1
* php7-odbc-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-xmlrpc-7.4.33-150400.4.51.1
* php7-ldap-7.4.33-150400.4.51.1
* php7-snmp-debuginfo-7.4.33-150400.4.51.1
* php7-pgsql-7.4.33-150400.4.51.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* php7-gd-debuginfo-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* php7-opcache-7.4.33-150400.4.51.1
* php7-sodium-7.4.33-150400.4.51.1
* php7-sysvsem-7.4.33-150400.4.51.1
* php7-curl-7.4.33-150400.4.51.1
* php7-fpm-debugsource-7.4.33-150400.4.51.1
* php7-pgsql-debuginfo-7.4.33-150400.4.51.1
* php7-sqlite-7.4.33-150400.4.51.1
* php7-zlib-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debugsource-7.4.33-150400.4.51.1
* php7-mysql-7.4.33-150400.4.51.1
* php7-sysvmsg-7.4.33-150400.4.51.1
* php7-readline-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-7.4.33-150400.4.51.1
* php7-ctype-7.4.33-150400.4.51.1
* php7-gd-7.4.33-150400.4.51.1
* php7-iconv-debuginfo-7.4.33-150400.4.51.1
* php7-zip-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-7.4.33-150400.4.51.1
* php7-calendar-7.4.33-150400.4.51.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.51.1
* php7-iconv-7.4.33-150400.4.51.1
* php7-ftp-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-debuginfo-7.4.33-150400.4.51.1
* php7-cli-7.4.33-150400.4.51.1
* php7-intl-7.4.33-150400.4.51.1
* php7-phar-debuginfo-7.4.33-150400.4.51.1
* php7-pdo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-exif-7.4.33-150400.4.51.1
* php7-soap-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-7.4.33-150400.4.51.1
* php7-tidy-7.4.33-150400.4.51.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.51.1
* php7-zip-7.4.33-150400.4.51.1
* php7-ctype-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-opcache-debuginfo-7.4.33-150400.4.51.1
* php7-xmlwriter-7.4.33-150400.4.51.1
* php7-sqlite-debuginfo-7.4.33-150400.4.51.1
* php7-posix-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* php7-gettext-7.4.33-150400.4.51.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-debuginfo-7.4.33-150400.4.51.1
* php7-json-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.51.1
* php7-json-7.4.33-150400.4.51.1
* php7-dom-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-7.4.33-150400.4.51.1
* php7-ldap-debuginfo-7.4.33-150400.4.51.1
* php7-gettext-debuginfo-7.4.33-150400.4.51.1
* php7-mysql-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-7.4.33-150400.4.51.1
* php7-bcmath-debuginfo-7.4.33-150400.4.51.1
* php7-bcmath-7.4.33-150400.4.51.1
* php7-odbc-debuginfo-7.4.33-150400.4.51.1
* php7-sodium-debuginfo-7.4.33-150400.4.51.1
* php7-pcntl-7.4.33-150400.4.51.1
* php7-pdo-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-7.4.33-150400.4.51.1
* php7-sockets-debuginfo-7.4.33-150400.4.51.1
* php7-tidy-debuginfo-7.4.33-150400.4.51.1
* php7-dba-7.4.33-150400.4.51.1
* php7-cli-debuginfo-7.4.33-150400.4.51.1
* php7-curl-debuginfo-7.4.33-150400.4.51.1
* php7-posix-7.4.33-150400.4.51.1
* php7-dba-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-7.4.33-150400.4.51.1
* php7-exif-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-7.4.33-150400.4.51.1
* php7-intl-debuginfo-7.4.33-150400.4.51.1
* php7-soap-7.4.33-150400.4.51.1
* php7-phar-7.4.33-150400.4.51.1
* php7-fastcgi-7.4.33-150400.4.51.1
* php7-snmp-7.4.33-150400.4.51.1
* php7-pcntl-debuginfo-7.4.33-150400.4.51.1
* php7-readline-7.4.33-150400.4.51.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-7.4.33-150400.4.51.1
* php7-ftp-7.4.33-150400.4.51.1
* php7-shmop-7.4.33-150400.4.51.1
* php7-tokenizer-7.4.33-150400.4.51.1
* php7-bz2-7.4.33-150400.4.51.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-debuginfo-7.4.33-150400.4.51.1
* php7-bz2-debuginfo-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* php7-sysvshm-7.4.33-150400.4.51.1
* php7-dom-7.4.33-150400.4.51.1
* php7-devel-7.4.33-150400.4.51.1
* php7-shmop-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-debuginfo-7.4.33-150400.4.51.1
* php7-calendar-debuginfo-7.4.33-150400.4.51.1
* php7-sockets-7.4.33-150400.4.51.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.51.1
* php7-odbc-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-xmlrpc-7.4.33-150400.4.51.1
* php7-ldap-7.4.33-150400.4.51.1
* php7-snmp-debuginfo-7.4.33-150400.4.51.1
* php7-pgsql-7.4.33-150400.4.51.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* php7-gd-debuginfo-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* php7-opcache-7.4.33-150400.4.51.1
* php7-sodium-7.4.33-150400.4.51.1
* php7-sysvsem-7.4.33-150400.4.51.1
* php7-curl-7.4.33-150400.4.51.1
* php7-fpm-debugsource-7.4.33-150400.4.51.1
* php7-pgsql-debuginfo-7.4.33-150400.4.51.1
* php7-sqlite-7.4.33-150400.4.51.1
* php7-zlib-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debugsource-7.4.33-150400.4.51.1
* php7-mysql-7.4.33-150400.4.51.1
* php7-sysvmsg-7.4.33-150400.4.51.1
* php7-readline-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-7.4.33-150400.4.51.1
* php7-ctype-7.4.33-150400.4.51.1
* php7-gd-7.4.33-150400.4.51.1
* php7-iconv-debuginfo-7.4.33-150400.4.51.1
* php7-zip-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-7.4.33-150400.4.51.1
* php7-calendar-7.4.33-150400.4.51.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.51.1
* php7-iconv-7.4.33-150400.4.51.1
* php7-ftp-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-debuginfo-7.4.33-150400.4.51.1
* php7-cli-7.4.33-150400.4.51.1
* php7-intl-7.4.33-150400.4.51.1
* php7-phar-debuginfo-7.4.33-150400.4.51.1
* php7-pdo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-exif-7.4.33-150400.4.51.1
* php7-soap-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-7.4.33-150400.4.51.1
* php7-tidy-7.4.33-150400.4.51.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.51.1
* php7-zip-7.4.33-150400.4.51.1
* php7-ctype-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-opcache-debuginfo-7.4.33-150400.4.51.1
* php7-xmlwriter-7.4.33-150400.4.51.1
* php7-sqlite-debuginfo-7.4.33-150400.4.51.1
* php7-posix-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* php7-gettext-7.4.33-150400.4.51.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-debuginfo-7.4.33-150400.4.51.1
* php7-json-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.51.1
* php7-json-7.4.33-150400.4.51.1
* php7-dom-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-7.4.33-150400.4.51.1
* php7-ldap-debuginfo-7.4.33-150400.4.51.1
* php7-gettext-debuginfo-7.4.33-150400.4.51.1
* php7-mysql-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-7.4.33-150400.4.51.1
* php7-bcmath-debuginfo-7.4.33-150400.4.51.1
* php7-bcmath-7.4.33-150400.4.51.1
* php7-odbc-debuginfo-7.4.33-150400.4.51.1
* php7-sodium-debuginfo-7.4.33-150400.4.51.1
* php7-pcntl-7.4.33-150400.4.51.1
* php7-pdo-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-7.4.33-150400.4.51.1
* php7-sockets-debuginfo-7.4.33-150400.4.51.1
* php7-tidy-debuginfo-7.4.33-150400.4.51.1
* php7-dba-7.4.33-150400.4.51.1
* php7-cli-debuginfo-7.4.33-150400.4.51.1
* php7-curl-debuginfo-7.4.33-150400.4.51.1
* php7-posix-7.4.33-150400.4.51.1
* php7-dba-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-7.4.33-150400.4.51.1
* php7-exif-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-7.4.33-150400.4.51.1
* php7-intl-debuginfo-7.4.33-150400.4.51.1
* php7-soap-7.4.33-150400.4.51.1
* php7-phar-7.4.33-150400.4.51.1
* php7-fastcgi-7.4.33-150400.4.51.1
* php7-snmp-7.4.33-150400.4.51.1
* php7-pcntl-debuginfo-7.4.33-150400.4.51.1
* php7-readline-7.4.33-150400.4.51.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-7.4.33-150400.4.51.1
* php7-ftp-7.4.33-150400.4.51.1
* php7-shmop-7.4.33-150400.4.51.1
* php7-tokenizer-7.4.33-150400.4.51.1
* php7-bz2-7.4.33-150400.4.51.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-debuginfo-7.4.33-150400.4.51.1
* php7-bz2-debuginfo-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* php7-sysvshm-7.4.33-150400.4.51.1
* php7-dom-7.4.33-150400.4.51.1
* php7-devel-7.4.33-150400.4.51.1
* php7-shmop-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-debuginfo-7.4.33-150400.4.51.1
* php7-calendar-debuginfo-7.4.33-150400.4.51.1
* php7-sockets-7.4.33-150400.4.51.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.51.1
* php7-odbc-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-xmlrpc-7.4.33-150400.4.51.1
* php7-ldap-7.4.33-150400.4.51.1
* php7-snmp-debuginfo-7.4.33-150400.4.51.1
* php7-pgsql-7.4.33-150400.4.51.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* php7-gd-debuginfo-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* php7-opcache-7.4.33-150400.4.51.1
* php7-sodium-7.4.33-150400.4.51.1
* php7-sysvsem-7.4.33-150400.4.51.1
* php7-curl-7.4.33-150400.4.51.1
* php7-fpm-debugsource-7.4.33-150400.4.51.1
* php7-pgsql-debuginfo-7.4.33-150400.4.51.1
* php7-sqlite-7.4.33-150400.4.51.1
* php7-zlib-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debugsource-7.4.33-150400.4.51.1
* php7-mysql-7.4.33-150400.4.51.1
* php7-sysvmsg-7.4.33-150400.4.51.1
* php7-readline-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-7.4.33-150400.4.51.1
* php7-ctype-7.4.33-150400.4.51.1
* php7-gd-7.4.33-150400.4.51.1
* php7-iconv-debuginfo-7.4.33-150400.4.51.1
* php7-zip-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-7.4.33-150400.4.51.1
* php7-calendar-7.4.33-150400.4.51.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.51.1
* php7-iconv-7.4.33-150400.4.51.1
* php7-ftp-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-debuginfo-7.4.33-150400.4.51.1
* php7-cli-7.4.33-150400.4.51.1
* php7-intl-7.4.33-150400.4.51.1
* php7-phar-debuginfo-7.4.33-150400.4.51.1
* php7-pdo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-exif-7.4.33-150400.4.51.1
* php7-soap-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-7.4.33-150400.4.51.1
* php7-tidy-7.4.33-150400.4.51.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.51.1
* php7-zip-7.4.33-150400.4.51.1
* php7-ctype-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-opcache-debuginfo-7.4.33-150400.4.51.1
* php7-xmlwriter-7.4.33-150400.4.51.1
* php7-sqlite-debuginfo-7.4.33-150400.4.51.1
* php7-posix-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* php7-gettext-7.4.33-150400.4.51.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-debuginfo-7.4.33-150400.4.51.1
* php7-json-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.51.1
* php7-json-7.4.33-150400.4.51.1
* php7-dom-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-7.4.33-150400.4.51.1
* php7-ldap-debuginfo-7.4.33-150400.4.51.1
* php7-gettext-debuginfo-7.4.33-150400.4.51.1
* php7-mysql-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-7.4.33-150400.4.51.1
* php7-bcmath-debuginfo-7.4.33-150400.4.51.1
* php7-bcmath-7.4.33-150400.4.51.1
* php7-odbc-debuginfo-7.4.33-150400.4.51.1
* php7-sodium-debuginfo-7.4.33-150400.4.51.1
* php7-pcntl-7.4.33-150400.4.51.1
* php7-pdo-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-7.4.33-150400.4.51.1
* php7-sockets-debuginfo-7.4.33-150400.4.51.1
* php7-tidy-debuginfo-7.4.33-150400.4.51.1
* php7-dba-7.4.33-150400.4.51.1
* php7-cli-debuginfo-7.4.33-150400.4.51.1
* php7-curl-debuginfo-7.4.33-150400.4.51.1
* php7-posix-7.4.33-150400.4.51.1
* php7-dba-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-7.4.33-150400.4.51.1
* php7-exif-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-7.4.33-150400.4.51.1
* php7-intl-debuginfo-7.4.33-150400.4.51.1
* php7-soap-7.4.33-150400.4.51.1
* php7-phar-7.4.33-150400.4.51.1
* php7-fastcgi-7.4.33-150400.4.51.1
* php7-snmp-7.4.33-150400.4.51.1
* php7-pcntl-debuginfo-7.4.33-150400.4.51.1
* php7-readline-7.4.33-150400.4.51.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-7.4.33-150400.4.51.1
* php7-ftp-7.4.33-150400.4.51.1
* php7-shmop-7.4.33-150400.4.51.1
* php7-tokenizer-7.4.33-150400.4.51.1
* php7-bz2-7.4.33-150400.4.51.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-debuginfo-7.4.33-150400.4.51.1
* php7-bz2-debuginfo-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* php7-sysvshm-7.4.33-150400.4.51.1
* php7-dom-7.4.33-150400.4.51.1
* php7-devel-7.4.33-150400.4.51.1
* php7-shmop-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-debuginfo-7.4.33-150400.4.51.1
* php7-calendar-debuginfo-7.4.33-150400.4.51.1
* php7-sockets-7.4.33-150400.4.51.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.51.1
* php7-odbc-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-xmlrpc-7.4.33-150400.4.51.1
* php7-ldap-7.4.33-150400.4.51.1
* php7-snmp-debuginfo-7.4.33-150400.4.51.1
* php7-pgsql-7.4.33-150400.4.51.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* php7-gd-debuginfo-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* php7-opcache-7.4.33-150400.4.51.1
* php7-sodium-7.4.33-150400.4.51.1
* php7-sysvsem-7.4.33-150400.4.51.1
* php7-curl-7.4.33-150400.4.51.1
* php7-fpm-debugsource-7.4.33-150400.4.51.1
* php7-pgsql-debuginfo-7.4.33-150400.4.51.1
* php7-sqlite-7.4.33-150400.4.51.1
* php7-zlib-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debugsource-7.4.33-150400.4.51.1
* php7-mysql-7.4.33-150400.4.51.1
* php7-sysvmsg-7.4.33-150400.4.51.1
* php7-readline-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-7.4.33-150400.4.51.1
* php7-ctype-7.4.33-150400.4.51.1
* php7-gd-7.4.33-150400.4.51.1
* php7-iconv-debuginfo-7.4.33-150400.4.51.1
* php7-zip-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-7.4.33-150400.4.51.1
* php7-calendar-7.4.33-150400.4.51.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.51.1
* php7-iconv-7.4.33-150400.4.51.1
* php7-ftp-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-debuginfo-7.4.33-150400.4.51.1
* php7-cli-7.4.33-150400.4.51.1
* php7-intl-7.4.33-150400.4.51.1
* php7-phar-debuginfo-7.4.33-150400.4.51.1
* php7-pdo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-exif-7.4.33-150400.4.51.1
* php7-soap-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-7.4.33-150400.4.51.1
* php7-tidy-7.4.33-150400.4.51.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.51.1
* php7-zip-7.4.33-150400.4.51.1
* php7-ctype-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-opcache-debuginfo-7.4.33-150400.4.51.1
* php7-xmlwriter-7.4.33-150400.4.51.1
* php7-sqlite-debuginfo-7.4.33-150400.4.51.1
* php7-posix-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* php7-gettext-7.4.33-150400.4.51.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-debuginfo-7.4.33-150400.4.51.1
* php7-json-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.51.1
* php7-json-7.4.33-150400.4.51.1
* php7-dom-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-7.4.33-150400.4.51.1
* php7-ldap-debuginfo-7.4.33-150400.4.51.1
* php7-gettext-debuginfo-7.4.33-150400.4.51.1
* php7-mysql-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-7.4.33-150400.4.51.1
* php7-bcmath-debuginfo-7.4.33-150400.4.51.1
* php7-bcmath-7.4.33-150400.4.51.1
* php7-odbc-debuginfo-7.4.33-150400.4.51.1
* php7-sodium-debuginfo-7.4.33-150400.4.51.1
* php7-pcntl-7.4.33-150400.4.51.1
* php7-pdo-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-7.4.33-150400.4.51.1
* php7-sockets-debuginfo-7.4.33-150400.4.51.1
* php7-tidy-debuginfo-7.4.33-150400.4.51.1
* php7-dba-7.4.33-150400.4.51.1
* php7-cli-debuginfo-7.4.33-150400.4.51.1
* php7-curl-debuginfo-7.4.33-150400.4.51.1
* php7-posix-7.4.33-150400.4.51.1
* php7-dba-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-7.4.33-150400.4.51.1
* php7-exif-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-7.4.33-150400.4.51.1
* php7-intl-debuginfo-7.4.33-150400.4.51.1
* php7-soap-7.4.33-150400.4.51.1
* php7-phar-7.4.33-150400.4.51.1
* php7-fastcgi-7.4.33-150400.4.51.1
* php7-snmp-7.4.33-150400.4.51.1
* php7-pcntl-debuginfo-7.4.33-150400.4.51.1
* php7-readline-7.4.33-150400.4.51.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-7.4.33-150400.4.51.1
* php7-ftp-7.4.33-150400.4.51.1
* php7-shmop-7.4.33-150400.4.51.1
* php7-tokenizer-7.4.33-150400.4.51.1
* php7-bz2-7.4.33-150400.4.51.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-debuginfo-7.4.33-150400.4.51.1
* php7-bz2-debuginfo-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* php7-sysvshm-7.4.33-150400.4.51.1
* php7-dom-7.4.33-150400.4.51.1
* php7-devel-7.4.33-150400.4.51.1
* php7-shmop-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-debuginfo-7.4.33-150400.4.51.1
* php7-calendar-debuginfo-7.4.33-150400.4.51.1
* php7-sockets-7.4.33-150400.4.51.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.51.1
* php7-odbc-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-xmlrpc-7.4.33-150400.4.51.1
* php7-ldap-7.4.33-150400.4.51.1
* php7-snmp-debuginfo-7.4.33-150400.4.51.1
* php7-pgsql-7.4.33-150400.4.51.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* php7-gd-debuginfo-7.4.33-150400.4.51.1
* php7-7.4.33-150400.4.51.1
* php7-opcache-7.4.33-150400.4.51.1
* php7-sodium-7.4.33-150400.4.51.1
* php7-sysvsem-7.4.33-150400.4.51.1
* php7-curl-7.4.33-150400.4.51.1
* php7-fpm-debugsource-7.4.33-150400.4.51.1
* php7-pgsql-debuginfo-7.4.33-150400.4.51.1
* php7-sqlite-7.4.33-150400.4.51.1
* php7-zlib-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debugsource-7.4.33-150400.4.51.1
* php7-mysql-7.4.33-150400.4.51.1
* php7-sysvmsg-7.4.33-150400.4.51.1
* php7-readline-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.51.1
* php7-zlib-7.4.33-150400.4.51.1
* php7-ctype-7.4.33-150400.4.51.1
* php7-gd-7.4.33-150400.4.51.1
* php7-iconv-debuginfo-7.4.33-150400.4.51.1
* php7-zip-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-7.4.33-150400.4.51.1
* php7-calendar-7.4.33-150400.4.51.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.51.1
* php7-iconv-7.4.33-150400.4.51.1
* php7-ftp-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-debuginfo-7.4.33-150400.4.51.1
* php7-cli-7.4.33-150400.4.51.1
* php7-intl-7.4.33-150400.4.51.1
* php7-phar-debuginfo-7.4.33-150400.4.51.1
* php7-pdo-7.4.33-150400.4.51.1
* php7-debugsource-7.4.33-150400.4.51.1
* php7-exif-7.4.33-150400.4.51.1
* php7-soap-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-7.4.33-150400.4.51.1
* php7-tidy-7.4.33-150400.4.51.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.51.1
* php7-zip-7.4.33-150400.4.51.1
* php7-ctype-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-7.4.33-150400.4.51.1
* php7-opcache-debuginfo-7.4.33-150400.4.51.1
* php7-xmlwriter-7.4.33-150400.4.51.1
* php7-sqlite-debuginfo-7.4.33-150400.4.51.1
* php7-posix-debuginfo-7.4.33-150400.4.51.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.51.1
* php7-gettext-7.4.33-150400.4.51.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-debuginfo-7.4.33-150400.4.51.1
* php7-json-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-debuginfo-7.4.33-150400.4.51.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.51.1
* php7-json-7.4.33-150400.4.51.1
* php7-dom-debuginfo-7.4.33-150400.4.51.1
* php7-fpm-7.4.33-150400.4.51.1
* php7-ldap-debuginfo-7.4.33-150400.4.51.1
* php7-gettext-debuginfo-7.4.33-150400.4.51.1
* php7-mysql-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-7.4.33-150400.4.51.1
* php7-bcmath-debuginfo-7.4.33-150400.4.51.1
* php7-bcmath-7.4.33-150400.4.51.1
* php7-odbc-debuginfo-7.4.33-150400.4.51.1
* php7-sodium-debuginfo-7.4.33-150400.4.51.1
* php7-pcntl-7.4.33-150400.4.51.1
* php7-pdo-debuginfo-7.4.33-150400.4.51.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.51.1
* php7-openssl-7.4.33-150400.4.51.1
* php7-sockets-debuginfo-7.4.33-150400.4.51.1
* php7-tidy-debuginfo-7.4.33-150400.4.51.1
* php7-dba-7.4.33-150400.4.51.1
* php7-cli-debuginfo-7.4.33-150400.4.51.1
* php7-curl-debuginfo-7.4.33-150400.4.51.1
* php7-posix-7.4.33-150400.4.51.1
* php7-dba-debuginfo-7.4.33-150400.4.51.1
* php7-xsl-7.4.33-150400.4.51.1
* php7-exif-debuginfo-7.4.33-150400.4.51.1
* php7-fileinfo-7.4.33-150400.4.51.1
* php7-intl-debuginfo-7.4.33-150400.4.51.1
* php7-soap-7.4.33-150400.4.51.1
* php7-phar-7.4.33-150400.4.51.1
* php7-fastcgi-7.4.33-150400.4.51.1
* php7-snmp-7.4.33-150400.4.51.1
* php7-pcntl-debuginfo-7.4.33-150400.4.51.1
* php7-readline-7.4.33-150400.4.51.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.51.1
* php7-gmp-7.4.33-150400.4.51.1
* php7-ftp-7.4.33-150400.4.51.1
* php7-shmop-7.4.33-150400.4.51.1
* php7-tokenizer-7.4.33-150400.4.51.1
* php7-bz2-7.4.33-150400.4.51.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.51.1
* php7-mbstring-debuginfo-7.4.33-150400.4.51.1
* php7-bz2-debuginfo-7.4.33-150400.4.51.1
* php7-debuginfo-7.4.33-150400.4.51.1
* php7-sysvshm-7.4.33-150400.4.51.1
* php7-dom-7.4.33-150400.4.51.1
* php7-devel-7.4.33-150400.4.51.1
* php7-shmop-debuginfo-7.4.33-150400.4.51.1
* php7-enchant-debuginfo-7.4.33-150400.4.51.1
* php7-calendar-debuginfo-7.4.33-150400.4.51.1
* php7-sockets-7.4.33-150400.4.51.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.51.1
* php7-odbc-7.4.33-150400.4.51.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.51.1
* php7-xmlrpc-7.4.33-150400.4.51.1
* php7-ldap-7.4.33-150400.4.51.1
* php7-snmp-debuginfo-7.4.33-150400.4.51.1
* php7-pgsql-7.4.33-150400.4.51.1
## References:
* https://www.suse.com/security/cve/CVE-2025-1220.html
* https://www.suse.com/security/cve/CVE-2025-1735.html
* https://www.suse.com/security/cve/CVE-2025-6491.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246146
* https://bugzilla.suse.com/show_bug.cgi?id=1246148
* https://bugzilla.suse.com/show_bug.cgi?id=1246167
SUSE-SU-2025:02474-1: important: Security update for php8
# Security update for php8
Announcement ID: SUSE-SU-2025:02474-1
Release Date: 2025-07-23T12:04:02Z
Rating: important
References:
* bsc#1246146
* bsc#1246148
* bsc#1246167
Cross-References:
* CVE-2025-1220
* CVE-2025-1735
* CVE-2025-6491
CVSS scores:
* CVE-2025-1220 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1220 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-1220 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-1220 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-1735 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-1735 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-1735 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-1735 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-6491 ( SUSE ): 5.9
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-6491 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-6491 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* Web and Scripting Module 15-SP6
An update that solves three vulnerabilities can now be installed.
## Description:
This update for php8 fixes the following issues:
Version update to 8.2.29:
* CVE-2025-1220: Fixed null byte termination in hostnames (bsc#1246167)
* CVE-2025-1735: Fixed pgsql extension does not check for errors during
escaping (bsc#1246146)
* CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via
Large XML Namespace Prefix (bsc#1246148)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2474=1 SUSE-2025-2474=1
* Web and Scripting Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-2474=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* php8-mysql-8.2.29-150600.3.19.1
* php8-posix-debuginfo-8.2.29-150600.3.19.1
* php8-sysvshm-8.2.29-150600.3.19.1
* php8-sockets-8.2.29-150600.3.19.1
* php8-fastcgi-8.2.29-150600.3.19.1
* php8-bz2-8.2.29-150600.3.19.1
* apache2-mod_php8-8.2.29-150600.3.19.1
* php8-fpm-debuginfo-8.2.29-150600.3.19.1
* php8-mbstring-8.2.29-150600.3.19.1
* php8-xmlreader-8.2.29-150600.3.19.1
* php8-iconv-8.2.29-150600.3.19.1
* php8-pcntl-8.2.29-150600.3.19.1
* php8-zip-debuginfo-8.2.29-150600.3.19.1
* php8-dom-debuginfo-8.2.29-150600.3.19.1
* php8-cli-8.2.29-150600.3.19.1
* php8-openssl-8.2.29-150600.3.19.1
* php8-ffi-8.2.29-150600.3.19.1
* php8-odbc-debuginfo-8.2.29-150600.3.19.1
* php8-sysvsem-debuginfo-8.2.29-150600.3.19.1
* php8-zlib-8.2.29-150600.3.19.1
* php8-pdo-debuginfo-8.2.29-150600.3.19.1
* php8-bcmath-8.2.29-150600.3.19.1
* php8-zip-8.2.29-150600.3.19.1
* php8-enchant-debuginfo-8.2.29-150600.3.19.1
* php8-gd-8.2.29-150600.3.19.1
* php8-sysvshm-debuginfo-8.2.29-150600.3.19.1
* php8-bz2-debuginfo-8.2.29-150600.3.19.1
* php8-calendar-debuginfo-8.2.29-150600.3.19.1
* php8-dba-8.2.29-150600.3.19.1
* php8-sysvmsg-debuginfo-8.2.29-150600.3.19.1
* php8-phar-debuginfo-8.2.29-150600.3.19.1
* php8-curl-8.2.29-150600.3.19.1
* php8-test-8.2.29-150600.3.19.2
* php8-sodium-debuginfo-8.2.29-150600.3.19.1
* php8-enchant-8.2.29-150600.3.19.1
* php8-calendar-8.2.29-150600.3.19.1
* php8-debuginfo-8.2.29-150600.3.19.1
* php8-gmp-8.2.29-150600.3.19.1
* php8-pdo-8.2.29-150600.3.19.1
* php8-opcache-debuginfo-8.2.29-150600.3.19.1
* php8-gd-debuginfo-8.2.29-150600.3.19.1
* php8-mbstring-debuginfo-8.2.29-150600.3.19.1
* php8-fileinfo-debuginfo-8.2.29-150600.3.19.1
* php8-shmop-debuginfo-8.2.29-150600.3.19.1
* php8-tokenizer-debuginfo-8.2.29-150600.3.19.1
* php8-pcntl-debuginfo-8.2.29-150600.3.19.1
* php8-xsl-8.2.29-150600.3.19.1
* php8-xmlwriter-debuginfo-8.2.29-150600.3.19.1
* php8-zlib-debuginfo-8.2.29-150600.3.19.1
* php8-tidy-8.2.29-150600.3.19.1
* php8-ffi-debuginfo-8.2.29-150600.3.19.1
* php8-sysvsem-8.2.29-150600.3.19.1
* php8-ldap-8.2.29-150600.3.19.1
* php8-bcmath-debuginfo-8.2.29-150600.3.19.1
* apache2-mod_php8-debugsource-8.2.29-150600.3.19.1
* php8-phar-8.2.29-150600.3.19.1
* php8-devel-8.2.29-150600.3.19.1
* php8-openssl-debuginfo-8.2.29-150600.3.19.1
* php8-readline-8.2.29-150600.3.19.1
* php8-xsl-debuginfo-8.2.29-150600.3.19.1
* php8-embed-debugsource-8.2.29-150600.3.19.1
* php8-sysvmsg-8.2.29-150600.3.19.1
* php8-intl-8.2.29-150600.3.19.1
* php8-sqlite-8.2.29-150600.3.19.1
* php8-shmop-8.2.29-150600.3.19.1
* php8-fastcgi-debugsource-8.2.29-150600.3.19.1
* php8-ctype-8.2.29-150600.3.19.1
* php8-8.2.29-150600.3.19.1
* php8-sqlite-debuginfo-8.2.29-150600.3.19.1
* php8-ftp-debuginfo-8.2.29-150600.3.19.1
* php8-sodium-8.2.29-150600.3.19.1
* php8-xmlwriter-8.2.29-150600.3.19.1
* php8-opcache-8.2.29-150600.3.19.1
* php8-soap-8.2.29-150600.3.19.1
* php8-iconv-debuginfo-8.2.29-150600.3.19.1
* php8-tidy-debuginfo-8.2.29-150600.3.19.1
* php8-dba-debuginfo-8.2.29-150600.3.19.1
* php8-ctype-debuginfo-8.2.29-150600.3.19.1
* php8-xmlreader-debuginfo-8.2.29-150600.3.19.1
* php8-exif-8.2.29-150600.3.19.1
* php8-soap-debuginfo-8.2.29-150600.3.19.1
* php8-odbc-8.2.29-150600.3.19.1
* php8-ldap-debuginfo-8.2.29-150600.3.19.1
* php8-gettext-8.2.29-150600.3.19.1
* php8-posix-8.2.29-150600.3.19.1
* php8-cli-debuginfo-8.2.29-150600.3.19.1
* php8-fileinfo-8.2.29-150600.3.19.1
* php8-tokenizer-8.2.29-150600.3.19.1
* php8-sockets-debuginfo-8.2.29-150600.3.19.1
* php8-debugsource-8.2.29-150600.3.19.1
* php8-snmp-debuginfo-8.2.29-150600.3.19.1
* php8-fpm-8.2.29-150600.3.19.1
* php8-fastcgi-debuginfo-8.2.29-150600.3.19.1
* php8-snmp-8.2.29-150600.3.19.1
* php8-pgsql-debuginfo-8.2.29-150600.3.19.1
* php8-dom-8.2.29-150600.3.19.1
* php8-pgsql-8.2.29-150600.3.19.1
* php8-gmp-debuginfo-8.2.29-150600.3.19.1
* php8-gettext-debuginfo-8.2.29-150600.3.19.1
* php8-embed-debuginfo-8.2.29-150600.3.19.1
* php8-ftp-8.2.29-150600.3.19.1
* php8-curl-debuginfo-8.2.29-150600.3.19.1
* php8-exif-debuginfo-8.2.29-150600.3.19.1
* php8-fpm-debugsource-8.2.29-150600.3.19.1
* apache2-mod_php8-debuginfo-8.2.29-150600.3.19.1
* php8-embed-8.2.29-150600.3.19.1
* php8-mysql-debuginfo-8.2.29-150600.3.19.1
* php8-readline-debuginfo-8.2.29-150600.3.19.1
* php8-intl-debuginfo-8.2.29-150600.3.19.1
* openSUSE Leap 15.6 (noarch)
* php8-fpm-apache-8.2.29-150600.3.19.1
* Web and Scripting Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* php8-mysql-8.2.29-150600.3.19.1
* php8-posix-debuginfo-8.2.29-150600.3.19.1
* php8-sysvshm-8.2.29-150600.3.19.1
* php8-sockets-8.2.29-150600.3.19.1
* php8-fastcgi-8.2.29-150600.3.19.1
* php8-bz2-8.2.29-150600.3.19.1
* apache2-mod_php8-8.2.29-150600.3.19.1
* php8-fpm-debuginfo-8.2.29-150600.3.19.1
* php8-mbstring-8.2.29-150600.3.19.1
* php8-xmlreader-8.2.29-150600.3.19.1
* php8-iconv-8.2.29-150600.3.19.1
* php8-pcntl-8.2.29-150600.3.19.1
* php8-zip-debuginfo-8.2.29-150600.3.19.1
* php8-dom-debuginfo-8.2.29-150600.3.19.1
* php8-cli-8.2.29-150600.3.19.1
* php8-openssl-8.2.29-150600.3.19.1
* php8-odbc-debuginfo-8.2.29-150600.3.19.1
* php8-sysvsem-debuginfo-8.2.29-150600.3.19.1
* php8-zlib-8.2.29-150600.3.19.1
* php8-pdo-debuginfo-8.2.29-150600.3.19.1
* php8-bcmath-8.2.29-150600.3.19.1
* php8-zip-8.2.29-150600.3.19.1
* php8-enchant-debuginfo-8.2.29-150600.3.19.1
* php8-gd-8.2.29-150600.3.19.1
* php8-sysvshm-debuginfo-8.2.29-150600.3.19.1
* php8-bz2-debuginfo-8.2.29-150600.3.19.1
* php8-calendar-debuginfo-8.2.29-150600.3.19.1
* php8-dba-8.2.29-150600.3.19.1
* php8-sysvmsg-debuginfo-8.2.29-150600.3.19.1
* php8-phar-debuginfo-8.2.29-150600.3.19.1
* php8-curl-8.2.29-150600.3.19.1
* php8-test-8.2.29-150600.3.19.2
* php8-sodium-debuginfo-8.2.29-150600.3.19.1
* php8-enchant-8.2.29-150600.3.19.1
* php8-calendar-8.2.29-150600.3.19.1
* php8-debuginfo-8.2.29-150600.3.19.1
* php8-gmp-8.2.29-150600.3.19.1
* php8-pdo-8.2.29-150600.3.19.1
* php8-opcache-debuginfo-8.2.29-150600.3.19.1
* php8-gd-debuginfo-8.2.29-150600.3.19.1
* php8-mbstring-debuginfo-8.2.29-150600.3.19.1
* php8-fileinfo-debuginfo-8.2.29-150600.3.19.1
* php8-shmop-debuginfo-8.2.29-150600.3.19.1
* php8-tokenizer-debuginfo-8.2.29-150600.3.19.1
* php8-pcntl-debuginfo-8.2.29-150600.3.19.1
* php8-xsl-8.2.29-150600.3.19.1
* php8-xmlwriter-debuginfo-8.2.29-150600.3.19.1
* php8-zlib-debuginfo-8.2.29-150600.3.19.1
* php8-tidy-8.2.29-150600.3.19.1
* php8-sysvsem-8.2.29-150600.3.19.1
* php8-ldap-8.2.29-150600.3.19.1
* php8-bcmath-debuginfo-8.2.29-150600.3.19.1
* apache2-mod_php8-debugsource-8.2.29-150600.3.19.1
* php8-phar-8.2.29-150600.3.19.1
* php8-devel-8.2.29-150600.3.19.1
* php8-openssl-debuginfo-8.2.29-150600.3.19.1
* php8-readline-8.2.29-150600.3.19.1
* php8-xsl-debuginfo-8.2.29-150600.3.19.1
* php8-embed-debugsource-8.2.29-150600.3.19.1
* php8-sysvmsg-8.2.29-150600.3.19.1
* php8-intl-8.2.29-150600.3.19.1
* php8-sqlite-8.2.29-150600.3.19.1
* php8-shmop-8.2.29-150600.3.19.1
* php8-fastcgi-debugsource-8.2.29-150600.3.19.1
* php8-ctype-8.2.29-150600.3.19.1
* php8-8.2.29-150600.3.19.1
* php8-sqlite-debuginfo-8.2.29-150600.3.19.1
* php8-ftp-debuginfo-8.2.29-150600.3.19.1
* php8-sodium-8.2.29-150600.3.19.1
* php8-xmlwriter-8.2.29-150600.3.19.1
* php8-opcache-8.2.29-150600.3.19.1
* php8-soap-8.2.29-150600.3.19.1
* php8-iconv-debuginfo-8.2.29-150600.3.19.1
* php8-tidy-debuginfo-8.2.29-150600.3.19.1
* php8-dba-debuginfo-8.2.29-150600.3.19.1
* php8-ctype-debuginfo-8.2.29-150600.3.19.1
* php8-xmlreader-debuginfo-8.2.29-150600.3.19.1
* php8-exif-8.2.29-150600.3.19.1
* php8-soap-debuginfo-8.2.29-150600.3.19.1
* php8-odbc-8.2.29-150600.3.19.1
* php8-ldap-debuginfo-8.2.29-150600.3.19.1
* php8-gettext-8.2.29-150600.3.19.1
* php8-posix-8.2.29-150600.3.19.1
* php8-cli-debuginfo-8.2.29-150600.3.19.1
* php8-fileinfo-8.2.29-150600.3.19.1
* php8-tokenizer-8.2.29-150600.3.19.1
* php8-sockets-debuginfo-8.2.29-150600.3.19.1
* php8-debugsource-8.2.29-150600.3.19.1
* php8-snmp-debuginfo-8.2.29-150600.3.19.1
* php8-fpm-8.2.29-150600.3.19.1
* php8-fastcgi-debuginfo-8.2.29-150600.3.19.1
* php8-snmp-8.2.29-150600.3.19.1
* php8-pgsql-debuginfo-8.2.29-150600.3.19.1
* php8-dom-8.2.29-150600.3.19.1
* php8-pgsql-8.2.29-150600.3.19.1
* php8-gmp-debuginfo-8.2.29-150600.3.19.1
* php8-gettext-debuginfo-8.2.29-150600.3.19.1
* php8-embed-debuginfo-8.2.29-150600.3.19.1
* php8-ftp-8.2.29-150600.3.19.1
* php8-curl-debuginfo-8.2.29-150600.3.19.1
* php8-exif-debuginfo-8.2.29-150600.3.19.1
* php8-fpm-debugsource-8.2.29-150600.3.19.1
* apache2-mod_php8-debuginfo-8.2.29-150600.3.19.1
* php8-embed-8.2.29-150600.3.19.1
* php8-mysql-debuginfo-8.2.29-150600.3.19.1
* php8-readline-debuginfo-8.2.29-150600.3.19.1
* php8-intl-debuginfo-8.2.29-150600.3.19.1
## References:
* https://www.suse.com/security/cve/CVE-2025-1220.html
* https://www.suse.com/security/cve/CVE-2025-1735.html
* https://www.suse.com/security/cve/CVE-2025-6491.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246146
* https://bugzilla.suse.com/show_bug.cgi?id=1246148
* https://bugzilla.suse.com/show_bug.cgi?id=1246167
SUSE-SU-2025:02476-1: critical: Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
# Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
Announcement ID: SUSE-SU-2025:02476-1
Release Date: 2025-07-23T12:37:13Z
Rating: critical
References:
* bsc#1157520
* bsc#1191142
* bsc#1209060
* bsc#1211373
* bsc#1213952
* bsc#1216187
* bsc#1221031
* bsc#1225740
* bsc#1230403
* bsc#1230908
* bsc#1233371
* bsc#1234608
* bsc#1236601
* bsc#1236635
* bsc#1236779
* bsc#1236810
* bsc#1236877
* bsc#1236910
* bsc#1237060
* bsc#1237082
* bsc#1237294
* bsc#1237403
* bsc#1237581
* bsc#1237694
* bsc#1237770
* bsc#1238922
* bsc#1238924
* bsc#1239102
* bsc#1239154
* bsc#1239604
* bsc#1239743
* bsc#1239826
* bsc#1239868
* bsc#1239907
* bsc#1240038
* bsc#1240386
* bsc#1240666
* bsc#1240842
* bsc#1241239
* bsc#1241286
* bsc#1241455
* bsc#1241490
* bsc#1242004
* bsc#1242030
* bsc#1242148
* bsc#1242554
* bsc#1242911
* bsc#1243239
* bsc#1243460
* bsc#1243724
* bsc#1243825
* bsc#1244065
* bsc#1244290
* bsc#1245005
* bsc#1245027
* bsc#1245222
* bsc#1245368
* bsc#1246119
* jsc#MSQA-993
Cross-References:
* CVE-2024-38822
* CVE-2024-38823
* CVE-2024-38824
* CVE-2024-38825
* CVE-2025-22236
* CVE-2025-22237
* CVE-2025-22238
* CVE-2025-22239
* CVE-2025-22240
* CVE-2025-22241
* CVE-2025-22242
* CVE-2025-23392
* CVE-2025-23393
* CVE-2025-46809
* CVE-2025-46811
CVSS scores:
* CVE-2024-38822 ( SUSE ): 5.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-38822 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38822 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38823 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-38823 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-38823 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38824 ( SUSE ): 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
* CVE-2024-38824 ( SUSE ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2024-38824 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2024-38824 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-38825 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2024-38825 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2024-38825 ( NVD ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2025-22236 ( SUSE ): 6.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
* CVE-2025-22236 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22236 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22237 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22237 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-22237 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-22238 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22238 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-22238 ( NVD ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
* CVE-2025-22239 ( SUSE ): 6.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
* CVE-2025-22239 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22239 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22240 ( SUSE ): 5.4
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22240 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-22240 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-22241 ( SUSE ): 5.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22241 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22241 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22242 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22242 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22242 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:H
* CVE-2025-23392 ( SUSE ): 5.7
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-23392 ( SUSE ): 5.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
* CVE-2025-23392 ( NVD ): 5.7
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-23392 ( NVD ): 5.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
* CVE-2025-23393 ( SUSE ): 5.8
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
* CVE-2025-23393 ( SUSE ): 6.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
* CVE-2025-23393 ( NVD ): 5.7
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-23393 ( NVD ): 5.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
* CVE-2025-46809 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2025-46809 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
* CVE-2025-46811 ( SUSE ): 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-46811 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 15 vulnerabilities, contains one feature and has 43
security fixes can now be installed.
## Security update 4.3.16 for Multi-Linux Manager Proxy and Retail Branch Server
### Description:
This update fixes the following issues:
release-notes-susemanager-proxy:
* Update to SUSE Manager 4.3.16
* CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2025-46809
* Bugs mentioned: bsc#1236601, bsc#1236635, bsc#1236779, bsc#1237294,
bsc#1238922 bsc#1239826, bsc#1240386, bsc#1242004, bsc#1243460, bsc#1245222
bsc#1245005
## Security update 4.3.16 for Multi-Linux Manager Server
### Description:
This update fixes the following issues:
release-notes-susemanager:
* Update to SUSE Manager 4.3.16
* Important Salt Security Update
* Added support for SUSE Linux Enterprise 15 SP7 as a client using the Salt
Bundle
* CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2024-38824, CVE-2025-22239
CVE-2025-22236, CVE-2025-22237, CVE-2024-38825, CVE-2025-22240
CVE-2024-38823, CVE-2025-22241, CVE-2025-22238, CVE-2025-22242
CVE-2024-38822, CVE-2025-46811, CVE-2025-46809
* Bugs mentioned: bsc#1157520, bsc#1191142, bsc#1209060, bsc#1211373,
bsc#1213952 bsc#1216187, bsc#1221031, bsc#1225740, bsc#1230403, bsc#1230908
bsc#1233371, bsc#1234608, bsc#1236635, bsc#1236779, bsc#1236810 bsc#1236877,
bsc#1236910, bsc#1237060, bsc#1237082, bsc#1237294 bsc#1237403, bsc#1237581,
bsc#1237694, bsc#1237770, bsc#1238922 bsc#1238924, bsc#1239102, bsc#1239154,
bsc#1239604, bsc#1239743 bsc#1239826, bsc#1239868, bsc#1239907, bsc#1240038,
bsc#1240386 bsc#1240666, bsc#1240842, bsc#1241239, bsc#1241286, bsc#1241455
bsc#1241490, bsc#1242004, bsc#1242030, bsc#1242148, bsc#1242554 bsc#1242911,
bsc#1243239, bsc#1243460, bsc#1243724, bsc#1243825 bsc#1244065, bsc#1244290,
bsc#1245027, bsc#1245222, bsc#1245368 bsc#1245005, bsc#1246119
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-2476=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2476=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2476=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2476=1
## Package List:
* SUSE Manager Retail Branch Server 4.3 (noarch)
* release-notes-susemanager-proxy-4.3.16-150400.3.98.1
* SUSE Manager Server 4.3 (noarch)
* release-notes-susemanager-4.3.16-150400.3.140.1
* openSUSE Leap 15.4 (noarch)
* release-notes-susemanager-proxy-4.3.16-150400.3.98.1
* release-notes-susemanager-4.3.16-150400.3.140.1
* SUSE Manager Proxy 4.3 (noarch)
* release-notes-susemanager-proxy-4.3.16-150400.3.98.1
## References:
* https://www.suse.com/security/cve/CVE-2024-38822.html
* https://www.suse.com/security/cve/CVE-2024-38823.html
* https://www.suse.com/security/cve/CVE-2024-38824.html
* https://www.suse.com/security/cve/CVE-2024-38825.html
* https://www.suse.com/security/cve/CVE-2025-22236.html
* https://www.suse.com/security/cve/CVE-2025-22237.html
* https://www.suse.com/security/cve/CVE-2025-22238.html
* https://www.suse.com/security/cve/CVE-2025-22239.html
* https://www.suse.com/security/cve/CVE-2025-22240.html
* https://www.suse.com/security/cve/CVE-2025-22241.html
* https://www.suse.com/security/cve/CVE-2025-22242.html
* https://www.suse.com/security/cve/CVE-2025-23392.html
* https://www.suse.com/security/cve/CVE-2025-23393.html
* https://www.suse.com/security/cve/CVE-2025-46809.html
* https://www.suse.com/security/cve/CVE-2025-46811.html
* https://bugzilla.suse.com/show_bug.cgi?id=1157520
* https://bugzilla.suse.com/show_bug.cgi?id=1191142
* https://bugzilla.suse.com/show_bug.cgi?id=1209060
* https://bugzilla.suse.com/show_bug.cgi?id=1211373
* https://bugzilla.suse.com/show_bug.cgi?id=1213952
* https://bugzilla.suse.com/show_bug.cgi?id=1216187
* https://bugzilla.suse.com/show_bug.cgi?id=1221031
* https://bugzilla.suse.com/show_bug.cgi?id=1225740
* https://bugzilla.suse.com/show_bug.cgi?id=1230403
* https://bugzilla.suse.com/show_bug.cgi?id=1230908
* https://bugzilla.suse.com/show_bug.cgi?id=1233371
* https://bugzilla.suse.com/show_bug.cgi?id=1234608
* https://bugzilla.suse.com/show_bug.cgi?id=1236601
* https://bugzilla.suse.com/show_bug.cgi?id=1236635
* https://bugzilla.suse.com/show_bug.cgi?id=1236779
* https://bugzilla.suse.com/show_bug.cgi?id=1236810
* https://bugzilla.suse.com/show_bug.cgi?id=1236877
* https://bugzilla.suse.com/show_bug.cgi?id=1236910
* https://bugzilla.suse.com/show_bug.cgi?id=1237060
* https://bugzilla.suse.com/show_bug.cgi?id=1237082
* https://bugzilla.suse.com/show_bug.cgi?id=1237294
* https://bugzilla.suse.com/show_bug.cgi?id=1237403
* https://bugzilla.suse.com/show_bug.cgi?id=1237581
* https://bugzilla.suse.com/show_bug.cgi?id=1237694
* https://bugzilla.suse.com/show_bug.cgi?id=1237770
* https://bugzilla.suse.com/show_bug.cgi?id=1238922
* https://bugzilla.suse.com/show_bug.cgi?id=1238924
* https://bugzilla.suse.com/show_bug.cgi?id=1239102
* https://bugzilla.suse.com/show_bug.cgi?id=1239154
* https://bugzilla.suse.com/show_bug.cgi?id=1239604
* https://bugzilla.suse.com/show_bug.cgi?id=1239743
* https://bugzilla.suse.com/show_bug.cgi?id=1239826
* https://bugzilla.suse.com/show_bug.cgi?id=1239868
* https://bugzilla.suse.com/show_bug.cgi?id=1239907
* https://bugzilla.suse.com/show_bug.cgi?id=1240038
* https://bugzilla.suse.com/show_bug.cgi?id=1240386
* https://bugzilla.suse.com/show_bug.cgi?id=1240666
* https://bugzilla.suse.com/show_bug.cgi?id=1240842
* https://bugzilla.suse.com/show_bug.cgi?id=1241239
* https://bugzilla.suse.com/show_bug.cgi?id=1241286
* https://bugzilla.suse.com/show_bug.cgi?id=1241455
* https://bugzilla.suse.com/show_bug.cgi?id=1241490
* https://bugzilla.suse.com/show_bug.cgi?id=1242004
* https://bugzilla.suse.com/show_bug.cgi?id=1242030
* https://bugzilla.suse.com/show_bug.cgi?id=1242148
* https://bugzilla.suse.com/show_bug.cgi?id=1242554
* https://bugzilla.suse.com/show_bug.cgi?id=1242911
* https://bugzilla.suse.com/show_bug.cgi?id=1243239
* https://bugzilla.suse.com/show_bug.cgi?id=1243460
* https://bugzilla.suse.com/show_bug.cgi?id=1243724
* https://bugzilla.suse.com/show_bug.cgi?id=1243825
* https://bugzilla.suse.com/show_bug.cgi?id=1244065
* https://bugzilla.suse.com/show_bug.cgi?id=1244290
* https://bugzilla.suse.com/show_bug.cgi?id=1245005
* https://bugzilla.suse.com/show_bug.cgi?id=1245027
* https://bugzilla.suse.com/show_bug.cgi?id=1245222
* https://bugzilla.suse.com/show_bug.cgi?id=1245368
* https://bugzilla.suse.com/show_bug.cgi?id=1246119
* https://jira.suse.com/browse/MSQA-993
SUSE-SU-2025:02501-1: important: Security update for salt
# Security update for salt
Announcement ID: SUSE-SU-2025:02501-1
Release Date: 2025-07-23T12:47:48Z
Rating: important
References:
* bsc#1236621
* bsc#1243268
* bsc#1244561
* bsc#1244564
* bsc#1244565
* bsc#1244566
* bsc#1244567
* bsc#1244568
* bsc#1244570
* bsc#1244571
* bsc#1244572
* bsc#1244574
* bsc#1244575
* jsc#MSQA-993
Cross-References:
* CVE-2024-38822
* CVE-2024-38823
* CVE-2024-38824
* CVE-2024-38825
* CVE-2025-22236
* CVE-2025-22237
* CVE-2025-22238
* CVE-2025-22239
* CVE-2025-22240
* CVE-2025-22241
* CVE-2025-22242
* CVE-2025-47287
CVSS scores:
* CVE-2024-38822 ( SUSE ): 5.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-38822 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38822 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38823 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-38823 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-38823 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38824 ( SUSE ): 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
* CVE-2024-38824 ( SUSE ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2024-38824 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2024-38824 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-38825 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2024-38825 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2024-38825 ( NVD ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2025-22236 ( SUSE ): 6.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
* CVE-2025-22236 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22236 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22237 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22237 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-22237 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-22238 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22238 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-22238 ( NVD ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
* CVE-2025-22239 ( SUSE ): 6.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
* CVE-2025-22239 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22239 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22240 ( SUSE ): 5.4
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22240 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-22240 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-22241 ( SUSE ): 5.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22241 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22241 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22242 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22242 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22242 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:H
* CVE-2025-47287 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47287 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47287 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* Transactional Server Module 15-SP6
An update that solves 12 vulnerabilities, contains one feature and has one
security fix can now be installed.
## Description:
This update for salt fixes the following issues:
* Security issues fixed:
* CVE-2024-38822: Fixed Minion token validation (bsc#1244561)
* CVE-2024-38823: Fixed server vulnerability to replay attacks when not using
a TLS encrypted transport (bsc#1244564)
* CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method
(bsc#1244565)
* CVE-2024-38825: Fixed salt.auth.pki module authentication issue
(bsc#1244566)
* CVE-2025-22240: Fixed arbitrary directory creation or file deletion with
GitFS (bsc#1244567)
* CVE-2025-22236: Fixed Minion event bus authorization bypass (bsc#1244568)
* CVE-2025-22241: Fixed the use of un-validated input in the VirtKey class
(bsc#1244570)
* CVE-2025-22237: Fixed exploitation of the 'on demand' pillar functionality
(bsc#1244571)
* CVE-2025-22238: Fixed the master's default cache vulnerability to a
directory traversal attack (bsc#1244572)
* CVE-2025-22239: Fixed the arbitrary event injection on the Salt Master
(bsc#1244574)
* CVE-2025-22242: Fixed a Denial of Service vulnerability through file read
operation (bsc#1244575)
* CVE-2025-47287: Fixed a Denial of Service vulnerability in Tornado logging
behavior (bsc#1243268)
* Other bugs fixed:
* Added subsystem filter to udev.exportdb (bsc#1236621)
* Fixed Ubuntu 24.04 test failures
* Fixed refresh of osrelease and related grains on Python 3.10+
* Fixed issue requiring proper Python flavor for dependencies
## Special Instructions and Notes:
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-2501=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-2501=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2501=1
* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-2501=1
* Transactional Server Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Transactional-Server-15-SP6-2025-2501=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2501=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2501=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2501=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2501=1
* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-2501=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* salt-ssh-3006.0-150500.4.55.1
* salt-proxy-3006.0-150500.4.55.1
* salt-doc-3006.0-150500.4.55.1
* salt-minion-3006.0-150500.4.55.1
* salt-syndic-3006.0-150500.4.55.1
* salt-transactional-update-3006.0-150500.4.55.1
* python3-salt-testsuite-3006.0-150500.4.55.1
* salt-master-3006.0-150500.4.55.1
* salt-3006.0-150500.4.55.1
* salt-standalone-formulas-configuration-3006.0-150500.4.55.1
* python3-salt-3006.0-150500.4.55.1
* salt-api-3006.0-150500.4.55.1
* salt-cloud-3006.0-150500.4.55.1
* openSUSE Leap 15.6 (noarch)
* salt-zsh-completion-3006.0-150500.4.55.1
* salt-bash-completion-3006.0-150500.4.55.1
* salt-fish-completion-3006.0-150500.4.55.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* salt-minion-3006.0-150500.4.55.1
* salt-transactional-update-3006.0-150500.4.55.1
* salt-3006.0-150500.4.55.1
* python3-salt-3006.0-150500.4.55.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* salt-minion-3006.0-150500.4.55.1
* salt-3006.0-150500.4.55.1
* salt-doc-3006.0-150500.4.55.1
* python3-salt-3006.0-150500.4.55.1
* Basesystem Module 15-SP6 (noarch)
* salt-zsh-completion-3006.0-150500.4.55.1
* salt-bash-completion-3006.0-150500.4.55.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* salt-proxy-3006.0-150500.4.55.1
* salt-syndic-3006.0-150500.4.55.1
* salt-master-3006.0-150500.4.55.1
* salt-standalone-formulas-configuration-3006.0-150500.4.55.1
* salt-ssh-3006.0-150500.4.55.1
* salt-api-3006.0-150500.4.55.1
* salt-cloud-3006.0-150500.4.55.1
* Server Applications Module 15-SP6 (noarch)
* salt-fish-completion-3006.0-150500.4.55.1
* Transactional Server Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* salt-transactional-update-3006.0-150500.4.55.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* salt-ssh-3006.0-150500.4.55.1
* salt-proxy-3006.0-150500.4.55.1
* salt-doc-3006.0-150500.4.55.1
* salt-minion-3006.0-150500.4.55.1
* salt-syndic-3006.0-150500.4.55.1
* salt-master-3006.0-150500.4.55.1
* salt-3006.0-150500.4.55.1
* salt-standalone-formulas-configuration-3006.0-150500.4.55.1
* python3-salt-3006.0-150500.4.55.1
* salt-api-3006.0-150500.4.55.1
* salt-cloud-3006.0-150500.4.55.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* salt-zsh-completion-3006.0-150500.4.55.1
* salt-bash-completion-3006.0-150500.4.55.1
* salt-fish-completion-3006.0-150500.4.55.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* salt-ssh-3006.0-150500.4.55.1
* salt-proxy-3006.0-150500.4.55.1
* salt-doc-3006.0-150500.4.55.1
* salt-minion-3006.0-150500.4.55.1
* salt-syndic-3006.0-150500.4.55.1
* salt-master-3006.0-150500.4.55.1
* salt-3006.0-150500.4.55.1
* salt-standalone-formulas-configuration-3006.0-150500.4.55.1
* python3-salt-3006.0-150500.4.55.1
* salt-api-3006.0-150500.4.55.1
* salt-cloud-3006.0-150500.4.55.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* salt-zsh-completion-3006.0-150500.4.55.1
* salt-bash-completion-3006.0-150500.4.55.1
* salt-fish-completion-3006.0-150500.4.55.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* salt-ssh-3006.0-150500.4.55.1
* salt-proxy-3006.0-150500.4.55.1
* salt-doc-3006.0-150500.4.55.1
* salt-minion-3006.0-150500.4.55.1
* salt-syndic-3006.0-150500.4.55.1
* salt-master-3006.0-150500.4.55.1
* salt-3006.0-150500.4.55.1
* salt-standalone-formulas-configuration-3006.0-150500.4.55.1
* python3-salt-3006.0-150500.4.55.1
* salt-api-3006.0-150500.4.55.1
* salt-cloud-3006.0-150500.4.55.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* salt-zsh-completion-3006.0-150500.4.55.1
* salt-bash-completion-3006.0-150500.4.55.1
* salt-fish-completion-3006.0-150500.4.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* salt-ssh-3006.0-150500.4.55.1
* salt-proxy-3006.0-150500.4.55.1
* salt-doc-3006.0-150500.4.55.1
* salt-minion-3006.0-150500.4.55.1
* salt-syndic-3006.0-150500.4.55.1
* salt-master-3006.0-150500.4.55.1
* salt-3006.0-150500.4.55.1
* salt-standalone-formulas-configuration-3006.0-150500.4.55.1
* python3-salt-3006.0-150500.4.55.1
* salt-api-3006.0-150500.4.55.1
* salt-cloud-3006.0-150500.4.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* salt-zsh-completion-3006.0-150500.4.55.1
* salt-bash-completion-3006.0-150500.4.55.1
* salt-fish-completion-3006.0-150500.4.55.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* salt-ssh-3006.0-150500.4.55.1
* salt-proxy-3006.0-150500.4.55.1
* salt-doc-3006.0-150500.4.55.1
* salt-minion-3006.0-150500.4.55.1
* salt-syndic-3006.0-150500.4.55.1
* salt-transactional-update-3006.0-150500.4.55.1
* salt-master-3006.0-150500.4.55.1
* python3-salt-testsuite-3006.0-150500.4.55.1
* salt-3006.0-150500.4.55.1
* python311-salt-testsuite-3006.0-150500.4.55.1
* salt-standalone-formulas-configuration-3006.0-150500.4.55.1
* python3-salt-3006.0-150500.4.55.1
* salt-api-3006.0-150500.4.55.1
* python311-salt-3006.0-150500.4.55.1
* salt-cloud-3006.0-150500.4.55.1
* openSUSE Leap 15.5 (noarch)
* salt-zsh-completion-3006.0-150500.4.55.1
* salt-bash-completion-3006.0-150500.4.55.1
* salt-fish-completion-3006.0-150500.4.55.1
## References:
* https://www.suse.com/security/cve/CVE-2024-38822.html
* https://www.suse.com/security/cve/CVE-2024-38823.html
* https://www.suse.com/security/cve/CVE-2024-38824.html
* https://www.suse.com/security/cve/CVE-2024-38825.html
* https://www.suse.com/security/cve/CVE-2025-22236.html
* https://www.suse.com/security/cve/CVE-2025-22237.html
* https://www.suse.com/security/cve/CVE-2025-22238.html
* https://www.suse.com/security/cve/CVE-2025-22239.html
* https://www.suse.com/security/cve/CVE-2025-22240.html
* https://www.suse.com/security/cve/CVE-2025-22241.html
* https://www.suse.com/security/cve/CVE-2025-22242.html
* https://www.suse.com/security/cve/CVE-2025-47287.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236621
* https://bugzilla.suse.com/show_bug.cgi?id=1243268
* https://bugzilla.suse.com/show_bug.cgi?id=1244561
* https://bugzilla.suse.com/show_bug.cgi?id=1244564
* https://bugzilla.suse.com/show_bug.cgi?id=1244565
* https://bugzilla.suse.com/show_bug.cgi?id=1244566
* https://bugzilla.suse.com/show_bug.cgi?id=1244567
* https://bugzilla.suse.com/show_bug.cgi?id=1244568
* https://bugzilla.suse.com/show_bug.cgi?id=1244570
* https://bugzilla.suse.com/show_bug.cgi?id=1244571
* https://bugzilla.suse.com/show_bug.cgi?id=1244572
* https://bugzilla.suse.com/show_bug.cgi?id=1244574
* https://bugzilla.suse.com/show_bug.cgi?id=1244575
* https://jira.suse.com/browse/MSQA-993
SUSE-SU-2025:02500-1: important: Security update for salt
# Security update for salt
Announcement ID: SUSE-SU-2025:02500-1
Release Date: 2025-07-23T12:46:44Z
Rating: important
References:
* bsc#1236621
* bsc#1243268
* bsc#1244561
* bsc#1244564
* bsc#1244565
* bsc#1244566
* bsc#1244567
* bsc#1244568
* bsc#1244570
* bsc#1244571
* bsc#1244572
* bsc#1244574
* bsc#1244575
* jsc#MSQA-993
Cross-References:
* CVE-2024-38822
* CVE-2024-38823
* CVE-2024-38824
* CVE-2024-38825
* CVE-2025-22236
* CVE-2025-22237
* CVE-2025-22238
* CVE-2025-22239
* CVE-2025-22240
* CVE-2025-22241
* CVE-2025-22242
* CVE-2025-47287
CVSS scores:
* CVE-2024-38822 ( SUSE ): 5.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-38822 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38822 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38823 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-38823 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-38823 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38824 ( SUSE ): 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
* CVE-2024-38824 ( SUSE ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2024-38824 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2024-38824 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-38825 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2024-38825 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2024-38825 ( NVD ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2025-22236 ( SUSE ): 6.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
* CVE-2025-22236 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22236 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22237 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22237 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-22237 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-22238 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22238 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-22238 ( NVD ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
* CVE-2025-22239 ( SUSE ): 6.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
* CVE-2025-22239 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22239 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22240 ( SUSE ): 5.4
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22240 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-22240 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-22241 ( SUSE ): 5.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22241 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22241 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22242 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22242 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22242 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:H
* CVE-2025-47287 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47287 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47287 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 12 vulnerabilities, contains one feature and has one
security fix can now be installed.
## Description:
This update for salt fixes the following issues:
* Security issues fixed:
* CVE-2024-38822: Fixed Minion token validation (bsc#1244561)
* CVE-2024-38823: Fixed server vulnerability to replay attacks when not using
a TLS encrypted transport (bsc#1244564)
* CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method
(bsc#1244565)
* CVE-2024-38825: Fixed salt.auth.pki module authentication issue
(bsc#1244566)
* CVE-2025-22240: Fixed arbitrary directory creation or file deletion with
GitFS (bsc#1244567)
* CVE-2025-22236: Fixed Minion event bus authorization bypass (bsc#1244568)
* CVE-2025-22241: Fixed the use of un-validated input in the VirtKey class
(bsc#1244570)
* CVE-2025-22237: Fixed exploitation of the 'on demand' pillar functionality
(bsc#1244571)
* CVE-2025-22238: Fixed the master's default cache vulnerability to a
directory traversal attack (bsc#1244572)
* CVE-2025-22239: Fixed the arbitrary event injection on the Salt Master
(bsc#1244574)
* CVE-2025-22242: Fixed a Denial of Service vulnerability through file read
operation (bsc#1244575)
* CVE-2025-47287: Fixed a Denial of Service vulnerability in Tornado logging
behavior (bsc#1243268)
* Other bugs fixed:
* Added subsystem filter to udev.exportdb (bsc#1236621)
* Fixed Ubuntu 24.04 test failures
* Fixed refresh of osrelease and related grains on Python 3.10+
* Fixed issue requiring proper Python flavor for dependencies
## Special Instructions and Notes:
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2500=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2500=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2500=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2500=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2500=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2500=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2500=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2500=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2500=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2500=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-2500=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2500=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* salt-syndic-3006.0-150400.8.80.1
* salt-doc-3006.0-150400.8.80.1
* python311-salt-testsuite-3006.0-150400.8.80.1
* salt-ssh-3006.0-150400.8.80.1
* salt-standalone-formulas-configuration-3006.0-150400.8.80.1
* salt-transactional-update-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* salt-api-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* salt-master-3006.0-150400.8.80.1
* salt-proxy-3006.0-150400.8.80.1
* python3-salt-testsuite-3006.0-150400.8.80.1
* salt-cloud-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* python311-salt-3006.0-150400.8.80.1
* openSUSE Leap 15.4 (noarch)
* salt-zsh-completion-3006.0-150400.8.80.1
* salt-fish-completion-3006.0-150400.8.80.1
* salt-bash-completion-3006.0-150400.8.80.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* salt-transactional-update-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* salt-transactional-update-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* salt-transactional-update-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* salt-transactional-update-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* salt-syndic-3006.0-150400.8.80.1
* salt-doc-3006.0-150400.8.80.1
* salt-ssh-3006.0-150400.8.80.1
* salt-standalone-formulas-configuration-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* salt-api-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* salt-master-3006.0-150400.8.80.1
* salt-proxy-3006.0-150400.8.80.1
* salt-cloud-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* salt-zsh-completion-3006.0-150400.8.80.1
* salt-fish-completion-3006.0-150400.8.80.1
* salt-bash-completion-3006.0-150400.8.80.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* salt-syndic-3006.0-150400.8.80.1
* salt-doc-3006.0-150400.8.80.1
* salt-ssh-3006.0-150400.8.80.1
* salt-standalone-formulas-configuration-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* salt-api-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* salt-master-3006.0-150400.8.80.1
* salt-proxy-3006.0-150400.8.80.1
* salt-cloud-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* salt-zsh-completion-3006.0-150400.8.80.1
* salt-fish-completion-3006.0-150400.8.80.1
* salt-bash-completion-3006.0-150400.8.80.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* salt-syndic-3006.0-150400.8.80.1
* salt-doc-3006.0-150400.8.80.1
* salt-ssh-3006.0-150400.8.80.1
* salt-standalone-formulas-configuration-3006.0-150400.8.80.1
* salt-transactional-update-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* salt-api-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* salt-master-3006.0-150400.8.80.1
* salt-proxy-3006.0-150400.8.80.1
* salt-cloud-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* salt-zsh-completion-3006.0-150400.8.80.1
* salt-fish-completion-3006.0-150400.8.80.1
* salt-bash-completion-3006.0-150400.8.80.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* salt-syndic-3006.0-150400.8.80.1
* salt-doc-3006.0-150400.8.80.1
* salt-ssh-3006.0-150400.8.80.1
* salt-standalone-formulas-configuration-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* salt-api-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* salt-master-3006.0-150400.8.80.1
* salt-proxy-3006.0-150400.8.80.1
* salt-cloud-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* salt-zsh-completion-3006.0-150400.8.80.1
* salt-fish-completion-3006.0-150400.8.80.1
* salt-bash-completion-3006.0-150400.8.80.1
* SUSE Manager Proxy 4.3 (x86_64)
* salt-syndic-3006.0-150400.8.80.1
* salt-doc-3006.0-150400.8.80.1
* salt-ssh-3006.0-150400.8.80.1
* salt-standalone-formulas-configuration-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* salt-api-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* salt-master-3006.0-150400.8.80.1
* salt-proxy-3006.0-150400.8.80.1
* salt-cloud-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* SUSE Manager Proxy 4.3 (noarch)
* salt-zsh-completion-3006.0-150400.8.80.1
* salt-fish-completion-3006.0-150400.8.80.1
* salt-bash-completion-3006.0-150400.8.80.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* salt-syndic-3006.0-150400.8.80.1
* salt-doc-3006.0-150400.8.80.1
* salt-ssh-3006.0-150400.8.80.1
* salt-standalone-formulas-configuration-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* salt-api-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* salt-master-3006.0-150400.8.80.1
* salt-proxy-3006.0-150400.8.80.1
* salt-cloud-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* salt-zsh-completion-3006.0-150400.8.80.1
* salt-fish-completion-3006.0-150400.8.80.1
* salt-bash-completion-3006.0-150400.8.80.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* salt-syndic-3006.0-150400.8.80.1
* salt-doc-3006.0-150400.8.80.1
* salt-ssh-3006.0-150400.8.80.1
* salt-standalone-formulas-configuration-3006.0-150400.8.80.1
* salt-3006.0-150400.8.80.1
* salt-api-3006.0-150400.8.80.1
* python3-salt-3006.0-150400.8.80.1
* salt-master-3006.0-150400.8.80.1
* salt-proxy-3006.0-150400.8.80.1
* salt-cloud-3006.0-150400.8.80.1
* salt-minion-3006.0-150400.8.80.1
* SUSE Manager Server 4.3 (noarch)
* salt-zsh-completion-3006.0-150400.8.80.1
* salt-fish-completion-3006.0-150400.8.80.1
* salt-bash-completion-3006.0-150400.8.80.1
## References:
* https://www.suse.com/security/cve/CVE-2024-38822.html
* https://www.suse.com/security/cve/CVE-2024-38823.html
* https://www.suse.com/security/cve/CVE-2024-38824.html
* https://www.suse.com/security/cve/CVE-2024-38825.html
* https://www.suse.com/security/cve/CVE-2025-22236.html
* https://www.suse.com/security/cve/CVE-2025-22237.html
* https://www.suse.com/security/cve/CVE-2025-22238.html
* https://www.suse.com/security/cve/CVE-2025-22239.html
* https://www.suse.com/security/cve/CVE-2025-22240.html
* https://www.suse.com/security/cve/CVE-2025-22241.html
* https://www.suse.com/security/cve/CVE-2025-22242.html
* https://www.suse.com/security/cve/CVE-2025-47287.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236621
* https://bugzilla.suse.com/show_bug.cgi?id=1243268
* https://bugzilla.suse.com/show_bug.cgi?id=1244561
* https://bugzilla.suse.com/show_bug.cgi?id=1244564
* https://bugzilla.suse.com/show_bug.cgi?id=1244565
* https://bugzilla.suse.com/show_bug.cgi?id=1244566
* https://bugzilla.suse.com/show_bug.cgi?id=1244567
* https://bugzilla.suse.com/show_bug.cgi?id=1244568
* https://bugzilla.suse.com/show_bug.cgi?id=1244570
* https://bugzilla.suse.com/show_bug.cgi?id=1244571
* https://bugzilla.suse.com/show_bug.cgi?id=1244572
* https://bugzilla.suse.com/show_bug.cgi?id=1244574
* https://bugzilla.suse.com/show_bug.cgi?id=1244575
* https://jira.suse.com/browse/MSQA-993
SUSE-SU-2025:02472-1: moderate: Security update for gstreamer-plugins-base
# Security update for gstreamer-plugins-base
Announcement ID: SUSE-SU-2025:02472-1
Release Date: 2025-07-23T11:18:56Z
Rating: moderate
References:
* bsc#1244403
* bsc#1244404
* bsc#1244407
Cross-References:
* CVE-2025-47806
* CVE-2025-47807
* CVE-2025-47808
CVSS scores:
* CVE-2025-47806 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-47807 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-47808 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
An update that solves three vulnerabilities can now be installed.
## Description:
This update for gstreamer-plugins-base fixes the following issues:
* CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser
(bsc#1244404).
* CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser
(bsc#1244403).
* CVE-2025-47806: Fixed stack buffer overflow in SubRip subtitle parser
(bsc#1244407).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2472=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2472=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-2472=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2472=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-2472=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libgstpbutils-1_0-0-1.20.1-150400.3.14.1
* libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.14.1
* typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debugsource-1.20.1-150400.3.14.1
* libgstriff-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-1.20.1-150400.3.14.1
* typelib-1_0-GstApp-1_0-1.20.1-150400.3.14.1
* typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-1.20.1-150400.3.14.1
* libgstsdp-1_0-0-1.20.1-150400.3.14.1
* libgstfft-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.14.1
* typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.14.1
* libgstfft-1_0-0-1.20.1-150400.3.14.1
* libgstapp-1_0-0-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgsttag-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgsttag-1_0-0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-1.20.1-150400.3.14.1
* typelib-1_0-GstAudio-1_0-1.20.1-150400.3.14.1
* typelib-1_0-GstRtp-1_0-1.20.1-150400.3.14.1
* libgstriff-1_0-0-1.20.1-150400.3.14.1
* libgstgl-1_0-0-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstrtp-1_0-0-1.20.1-150400.3.14.1
* libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.14.1
* typelib-1_0-GstSdp-1_0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-devel-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstrtsp-1_0-0-1.20.1-150400.3.14.1
* libgstapp-1_0-0-debuginfo-1.20.1-150400.3.14.1
* typelib-1_0-GstVideo-1_0-1.20.1-150400.3.14.1
* typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.14.1
* typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.14.1
* libgstgl-1_0-0-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debuginfo-1.20.1-150400.3.14.1
* typelib-1_0-GstGL-1_0-1.20.1-150400.3.14.1
* typelib-1_0-GstTag-1_0-1.20.1-150400.3.14.1
* typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.14.1
* openSUSE Leap 15.4 (x86_64)
* libgstfft-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstapp-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstapp-1_0-0-32bit-1.20.1-150400.3.14.1
* libgstriff-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstrtsp-1_0-0-32bit-1.20.1-150400.3.14.1
* libgstriff-1_0-0-32bit-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-32bit-1.20.1-150400.3.14.1
* libgstrtp-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-base-devel-32bit-1.20.1-150400.3.14.1
* gstreamer-plugins-base-32bit-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-32bit-1.20.1-150400.3.14.1
* libgstgl-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstrtsp-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstrtp-1_0-0-32bit-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-32bit-1.20.1-150400.3.14.1
* gstreamer-plugins-base-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstsdp-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgsttag-1_0-0-32bit-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-32bit-1.20.1-150400.3.14.1
* libgstgl-1_0-0-32bit-1.20.1-150400.3.14.1
* libgstsdp-1_0-0-32bit-1.20.1-150400.3.14.1
* libgsttag-1_0-0-32bit-debuginfo-1.20.1-150400.3.14.1
* libgstfft-1_0-0-32bit-1.20.1-150400.3.14.1
* openSUSE Leap 15.4 (noarch)
* gstreamer-plugins-base-lang-1.20.1-150400.3.14.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libgstsdp-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-base-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstrtp-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstapp-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstfft-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstfft-1_0-0-64bit-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-64bit-1.20.1-150400.3.14.1
* libgstgl-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-64bit-1.20.1-150400.3.14.1
* libgsttag-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstriff-1_0-0-64bit-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-64bit-1.20.1-150400.3.14.1
* libgstrtsp-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgsttag-1_0-0-64bit-1.20.1-150400.3.14.1
* libgstgl-1_0-0-64bit-1.20.1-150400.3.14.1
* libgstrtsp-1_0-0-64bit-1.20.1-150400.3.14.1
* gstreamer-plugins-base-devel-64bit-1.20.1-150400.3.14.1
* libgstapp-1_0-0-64bit-1.20.1-150400.3.14.1
* libgstsdp-1_0-0-64bit-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-64bit-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstriff-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-64bit-debuginfo-1.20.1-150400.3.14.1
* gstreamer-plugins-base-64bit-1.20.1-150400.3.14.1
* libgstrtp-1_0-0-64bit-1.20.1-150400.3.14.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libgstapp-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-1.20.1-150400.3.14.1
* libgsttag-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgsttag-1_0-0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debugsource-1.20.1-150400.3.14.1
* libgstriff-1_0-0-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstgl-1_0-0-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debuginfo-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-1.20.1-150400.3.14.1
* libgstgl-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstriff-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-1.20.1-150400.3.14.1
* libgstapp-1_0-0-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.14.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libgstapp-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-1.20.1-150400.3.14.1
* libgsttag-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgsttag-1_0-0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debugsource-1.20.1-150400.3.14.1
* libgstriff-1_0-0-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstgl-1_0-0-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debuginfo-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-1.20.1-150400.3.14.1
* libgstgl-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstriff-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-1.20.1-150400.3.14.1
* libgstapp-1_0-0-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.14.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libgstapp-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-1.20.1-150400.3.14.1
* libgsttag-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgsttag-1_0-0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debugsource-1.20.1-150400.3.14.1
* libgstriff-1_0-0-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstgl-1_0-0-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debuginfo-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-1.20.1-150400.3.14.1
* libgstgl-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstriff-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-1.20.1-150400.3.14.1
* libgstapp-1_0-0-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.14.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libgstapp-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-1.20.1-150400.3.14.1
* libgsttag-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgsttag-1_0-0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debugsource-1.20.1-150400.3.14.1
* libgstriff-1_0-0-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstgl-1_0-0-1.20.1-150400.3.14.1
* libgstaudio-1_0-0-1.20.1-150400.3.14.1
* gstreamer-plugins-base-debuginfo-1.20.1-150400.3.14.1
* libgstallocators-1_0-0-1.20.1-150400.3.14.1
* libgstgl-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstriff-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-1.20.1-150400.3.14.1
* libgstapp-1_0-0-1.20.1-150400.3.14.1
* libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.14.1
* libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.14.1
## References:
* https://www.suse.com/security/cve/CVE-2025-47806.html
* https://www.suse.com/security/cve/CVE-2025-47807.html
* https://www.suse.com/security/cve/CVE-2025-47808.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244403
* https://bugzilla.suse.com/show_bug.cgi?id=1244404
* https://bugzilla.suse.com/show_bug.cgi?id=1244407
SUSE-SU-2025:02470-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)
# Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)
Announcement ID: SUSE-SU-2025:02470-1
Release Date: 2025-07-22T20:04:04Z
Rating: important
References:
* bsc#1243648
Cross-References:
* CVE-2024-56558
CVSS scores:
* CVE-2024-56558 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
An update that solves one vulnerability can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150400_24_164 fixes one issue.
The following security issue was fixed:
* CVE-2024-56558: nfsd: make sure exp active before svc_export_show
(bsc#1243648).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-2470=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2470=1
## Package List:
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_164-default-2-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_40-debugsource-2-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-2-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_164-default-2-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_40-debugsource-2-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-2-150400.2.1
## References:
* https://www.suse.com/security/cve/CVE-2024-56558.html
* https://bugzilla.suse.com/show_bug.cgi?id=1243648
