RabbitMQ-Server, Apparmor, Kernel-Devel, and more updates for SUSE

SUSE 5339 Published by

SUSE Linux has received several security updates, including moderate fixes for rabbitmq-server313, apparmor, kernel-devel, python311-Django, grub2-2.12-50.1, openssl-3, and go1.24:

SUSE-SU-2025:1548-1: moderate: Security update for rabbitmq-server313
SUSE-SU-2025:1549-1: moderate: Security update for apparmor
openSUSE-SU-2025:15086-1: moderate: kernel-devel-6.14.6-1.1 on GA media
openSUSE-SU-2025:15087-1: moderate: python311-Django-5.2.1-1.1 on GA media
openSUSE-SU-2025:15085-1: moderate: grub2-2.12-50.1 on GA media
SUSE-SU-2025:1550-1: important: Security update for openssl-3
SUSE-SU-2025:1551-1: moderate: Security update for go1.24




SUSE-SU-2025:1548-1: moderate: Security update for rabbitmq-server313


# Security update for rabbitmq-server313

Announcement ID: SUSE-SU-2025:1548-1
Release Date: 2025-05-14T08:25:21Z
Rating: moderate
References:

* bsc#1231656
* bsc#1234763
* bsc#1240071

Cross-References:

* CVE-2025-30219

CVSS scores:

* CVE-2025-30219 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-30219 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L
* CVE-2025-30219 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L

Affected Products:

* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for rabbitmq-server313 fixes the following issues:

* CVE-2025-30219: incorrectly escaped virtual hostname present in error
message could lead to XSS attack. (bsc#1240071)

Non-security fixes:

* Require rabbitmq-server313-plugins rather then rabbitmq-server-plugins.
(bsc#1231656, bsc#1234763)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-1548=1 openSUSE-SLE-15.6-2025-1548=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1548=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* erlang-rabbitmq-client313-3.13.1-150600.13.8.1
* rabbitmq-server313-plugins-3.13.1-150600.13.8.1
* rabbitmq-server313-3.13.1-150600.13.8.1
* openSUSE Leap 15.6 (noarch)
* rabbitmq-server313-bash-completion-3.13.1-150600.13.8.1
* rabbitmq-server313-zsh-completion-3.13.1-150600.13.8.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* erlang-rabbitmq-client313-3.13.1-150600.13.8.1
* rabbitmq-server313-plugins-3.13.1-150600.13.8.1
* rabbitmq-server313-3.13.1-150600.13.8.1

## References:

* https://www.suse.com/security/cve/CVE-2025-30219.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231656
* https://bugzilla.suse.com/show_bug.cgi?id=1234763
* https://bugzilla.suse.com/show_bug.cgi?id=1240071



SUSE-SU-2025:1549-1: moderate: Security update for apparmor


# Security update for apparmor

Announcement ID: SUSE-SU-2025:1549-1
Release Date: 2025-05-14T09:06:46Z
Rating: moderate
References:

* bsc#1241678

Cross-References:

* CVE-2024-10041

CVSS scores:

* CVE-2024-10041 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-10041 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for apparmor fixes the following issues:

* Add dac_read_search capability for unix_chkpwd to allow it to read the
shadow file even if it has 000 permissions. This is needed after the
CVE-2024-10041 fix in PAM. (bsc#1241678)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-1549=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-1549=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-1549=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-1549=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-1549=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1549=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1549=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1549=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1549=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1549=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-1549=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1549=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* apparmor-debugsource-3.0.4-150400.5.18.1
* ruby-apparmor-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* perl-apparmor-debuginfo-3.0.4-150400.5.18.1
* perl-apparmor-3.0.4-150400.5.18.1
* python3-apparmor-debuginfo-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-devel-3.0.4-150400.5.18.1
* ruby-apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1
* apache2-mod_apparmor-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* openSUSE Leap 15.4 (noarch)
* apparmor-profiles-3.0.4-150400.5.18.1
* apparmor-parser-lang-3.0.4-150400.5.18.1
* apparmor-abstractions-3.0.4-150400.5.18.1
* apparmor-docs-3.0.4-150400.5.18.1
* apparmor-utils-3.0.4-150400.5.18.1
* apparmor-utils-lang-3.0.4-150400.5.18.1
* openSUSE Leap 15.4 (x86_64)
* pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-3.0.4-150400.5.18.1
* libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-3.0.4-150400.5.18.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* pam_apparmor-64bit-3.0.4-150400.5.18.1
* libapparmor1-64bit-3.0.4-150400.5.18.1
* pam_apparmor-64bit-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-64bit-debuginfo-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-devel-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* perl-apparmor-3.0.4-150400.5.18.1
* perl-apparmor-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1
* apache2-mod_apparmor-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* apparmor-profiles-3.0.4-150400.5.18.1
* apparmor-parser-lang-3.0.4-150400.5.18.1
* apparmor-abstractions-3.0.4-150400.5.18.1
* apparmor-docs-3.0.4-150400.5.18.1
* apparmor-utils-3.0.4-150400.5.18.1
* apparmor-utils-lang-3.0.4-150400.5.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-3.0.4-150400.5.18.1
* libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-3.0.4-150400.5.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-devel-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* perl-apparmor-3.0.4-150400.5.18.1
* perl-apparmor-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1
* apache2-mod_apparmor-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* apparmor-profiles-3.0.4-150400.5.18.1
* apparmor-parser-lang-3.0.4-150400.5.18.1
* apparmor-abstractions-3.0.4-150400.5.18.1
* apparmor-docs-3.0.4-150400.5.18.1
* apparmor-utils-3.0.4-150400.5.18.1
* apparmor-utils-lang-3.0.4-150400.5.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-3.0.4-150400.5.18.1
* libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-devel-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* perl-apparmor-3.0.4-150400.5.18.1
* perl-apparmor-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1
* apache2-mod_apparmor-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* apparmor-profiles-3.0.4-150400.5.18.1
* apparmor-parser-lang-3.0.4-150400.5.18.1
* apparmor-abstractions-3.0.4-150400.5.18.1
* apparmor-docs-3.0.4-150400.5.18.1
* apparmor-utils-3.0.4-150400.5.18.1
* apparmor-utils-lang-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-3.0.4-150400.5.18.1
* libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-devel-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* perl-apparmor-3.0.4-150400.5.18.1
* perl-apparmor-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1
* apache2-mod_apparmor-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* apparmor-profiles-3.0.4-150400.5.18.1
* apparmor-parser-lang-3.0.4-150400.5.18.1
* apparmor-abstractions-3.0.4-150400.5.18.1
* apparmor-docs-3.0.4-150400.5.18.1
* apparmor-utils-3.0.4-150400.5.18.1
* apparmor-utils-lang-3.0.4-150400.5.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-3.0.4-150400.5.18.1
* libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-3.0.4-150400.5.18.1
* SUSE Manager Proxy 4.3 (x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-devel-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* python3-apparmor-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-3.0.4-150400.5.18.1
* python3-apparmor-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1
* apache2-mod_apparmor-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Manager Proxy 4.3 (noarch)
* apparmor-profiles-3.0.4-150400.5.18.1
* apparmor-parser-lang-3.0.4-150400.5.18.1
* apparmor-abstractions-3.0.4-150400.5.18.1
* apparmor-docs-3.0.4-150400.5.18.1
* apparmor-utils-3.0.4-150400.5.18.1
* apparmor-utils-lang-3.0.4-150400.5.18.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-devel-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* python3-apparmor-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-3.0.4-150400.5.18.1
* python3-apparmor-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1
* apache2-mod_apparmor-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* apparmor-profiles-3.0.4-150400.5.18.1
* apparmor-parser-lang-3.0.4-150400.5.18.1
* apparmor-abstractions-3.0.4-150400.5.18.1
* apparmor-docs-3.0.4-150400.5.18.1
* apparmor-utils-3.0.4-150400.5.18.1
* apparmor-utils-lang-3.0.4-150400.5.18.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* apparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-debugsource-3.0.4-150400.5.18.1
* libapparmor-devel-3.0.4-150400.5.18.1
* pam_apparmor-3.0.4-150400.5.18.1
* python3-apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-debuginfo-3.0.4-150400.5.18.1
* python3-apparmor-3.0.4-150400.5.18.1
* libapparmor1-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-3.0.4-150400.5.18.1
* apache2-mod_apparmor-debuginfo-3.0.4-150400.5.18.1
* apache2-mod_apparmor-3.0.4-150400.5.18.1
* pam_apparmor-debuginfo-3.0.4-150400.5.18.1
* apparmor-parser-3.0.4-150400.5.18.1
* SUSE Manager Server 4.3 (noarch)
* apparmor-profiles-3.0.4-150400.5.18.1
* apparmor-parser-lang-3.0.4-150400.5.18.1
* apparmor-abstractions-3.0.4-150400.5.18.1
* apparmor-docs-3.0.4-150400.5.18.1
* apparmor-utils-3.0.4-150400.5.18.1
* apparmor-utils-lang-3.0.4-150400.5.18.1
* SUSE Manager Server 4.3 (x86_64)
* pam_apparmor-32bit-debuginfo-3.0.4-150400.5.18.1
* libapparmor1-32bit-3.0.4-150400.5.18.1
* libapparmor1-32bit-debuginfo-3.0.4-150400.5.18.1
* pam_apparmor-32bit-3.0.4-150400.5.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-10041.html
* https://bugzilla.suse.com/show_bug.cgi?id=1241678



openSUSE-SU-2025:15086-1: moderate: kernel-devel-6.14.6-1.1 on GA media


# kernel-devel-6.14.6-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15086-1
Rating: moderate

Cross-References:

* CVE-2024-28956

CVSS scores:

* CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the kernel-devel-6.14.6-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* kernel-devel 6.14.6-1.1
* kernel-macros 6.14.6-1.1
* kernel-source 6.14.6-1.1
* kernel-source-vanilla 6.14.6-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-28956.html



openSUSE-SU-2025:15087-1: moderate: python311-Django-5.2.1-1.1 on GA media


# python311-Django-5.2.1-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15087-1
Rating: moderate

Cross-References:

* CVE-2025-32873

CVSS scores:

* CVE-2025-32873 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-Django-5.2.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-Django 5.2.1-1.1
* python312-Django 5.2.1-1.1
* python313-Django 5.2.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-32873.html



openSUSE-SU-2025:15085-1: moderate: grub2-2.12-50.1 on GA media


# grub2-2.12-50.1 on GA media

Announcement ID: openSUSE-SU-2025:15085-1
Rating: moderate

Cross-References:

* CVE-2025-4382

CVSS scores:

* CVE-2025-4382 ( SUSE ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-4382 ( SUSE ): 8.4 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the grub2-2.12-50.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* grub2 2.12-50.1
* grub2-branding-upstream 2.12-50.1
* grub2-common 2.12-50.1
* grub2-i386-efi 2.12-50.1
* grub2-i386-efi-bls 2.12-50.1
* grub2-i386-efi-debug 2.12-50.1
* grub2-i386-efi-extras 2.12-50.1
* grub2-i386-pc 2.12-50.1
* grub2-i386-pc-debug 2.12-50.1
* grub2-i386-pc-extras 2.12-50.1
* grub2-snapper-plugin 2.12-50.1
* grub2-systemd-sleep-plugin 2.12-50.1
* grub2-x86_64-efi 2.12-50.1
* grub2-x86_64-efi-bls 2.12-50.1
* grub2-x86_64-efi-debug 2.12-50.1
* grub2-x86_64-efi-extras 2.12-50.1
* grub2-x86_64-xen 2.12-50.1
* grub2-x86_64-xen-debug 2.12-50.1
* grub2-x86_64-xen-extras 2.12-50.1

## References:

* https://www.suse.com/security/cve/CVE-2025-4382.html



SUSE-SU-2025:1550-1: important: Security update for openssl-3


# Security update for openssl-3

Announcement ID: SUSE-SU-2025:1550-1
Release Date: 2025-05-14T17:05:27Z
Rating: important
References:

* bsc#1230959
* bsc#1231748
* bsc#1232326
* bsc#1240366
* bsc#1240607

Cross-References:

* CVE-2025-27587

CVSS scores:

* CVE-2025-27587 ( SUSE ): 6.0
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-27587 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has four security fixes can now be
installed.

## Description:

This update for openssl-3 fixes the following issues:

Security:

* CVE-2025-27587: Timing side channel vulnerability in the P-384
implementation when used with ECDSA in the PPC architecture (bsc#1240366).
* Missing null pointer check before accessing handshake_func in ssl_lib.c
(bsc#1240607).

FIPS:

* Disabling EMS in OpenSSL configuration prevents sshd from starting
(bsc#1230959, bsc#1232326, bsc#1231748).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-1550=1 openSUSE-SLE-15.6-2025-1550=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1550=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libopenssl3-3.1.4-150600.5.27.1
* libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.27.1
* openssl-3-3.1.4-150600.5.27.1
* openssl-3-debuginfo-3.1.4-150600.5.27.1
* libopenssl-3-devel-3.1.4-150600.5.27.1
* openssl-3-debugsource-3.1.4-150600.5.27.1
* libopenssl3-debuginfo-3.1.4-150600.5.27.1
* libopenssl-3-fips-provider-3.1.4-150600.5.27.1
* openSUSE Leap 15.6 (x86_64)
* libopenssl3-32bit-debuginfo-3.1.4-150600.5.27.1
* libopenssl-3-devel-32bit-3.1.4-150600.5.27.1
* libopenssl3-32bit-3.1.4-150600.5.27.1
* libopenssl-3-fips-provider-32bit-3.1.4-150600.5.27.1
* libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.27.1
* openSUSE Leap 15.6 (noarch)
* openssl-3-doc-3.1.4-150600.5.27.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libopenssl3-64bit-debuginfo-3.1.4-150600.5.27.1
* libopenssl-3-devel-64bit-3.1.4-150600.5.27.1
* libopenssl-3-fips-provider-64bit-debuginfo-3.1.4-150600.5.27.1
* libopenssl-3-fips-provider-64bit-3.1.4-150600.5.27.1
* libopenssl3-64bit-3.1.4-150600.5.27.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libopenssl3-3.1.4-150600.5.27.1
* libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.27.1
* openssl-3-3.1.4-150600.5.27.1
* openssl-3-debuginfo-3.1.4-150600.5.27.1
* libopenssl-3-devel-3.1.4-150600.5.27.1
* openssl-3-debugsource-3.1.4-150600.5.27.1
* libopenssl3-debuginfo-3.1.4-150600.5.27.1
* libopenssl-3-fips-provider-3.1.4-150600.5.27.1
* Basesystem Module 15-SP6 (x86_64)
* libopenssl-3-fips-provider-32bit-3.1.4-150600.5.27.1
* libopenssl3-32bit-debuginfo-3.1.4-150600.5.27.1
* libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.27.1
* libopenssl3-32bit-3.1.4-150600.5.27.1

## References:

* https://www.suse.com/security/cve/CVE-2025-27587.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230959
* https://bugzilla.suse.com/show_bug.cgi?id=1231748
* https://bugzilla.suse.com/show_bug.cgi?id=1232326
* https://bugzilla.suse.com/show_bug.cgi?id=1240366
* https://bugzilla.suse.com/show_bug.cgi?id=1240607



SUSE-SU-2025:1551-1: moderate: Security update for go1.24


# Security update for go1.24

Announcement ID: SUSE-SU-2025:1551-1
Release Date: 2025-05-14T17:06:42Z
Rating: moderate
References:

* bsc#1236217
* bsc#1242715

Cross-References:

* CVE-2025-22873

CVSS scores:

* CVE-2025-22873 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22873 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected Products:

* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for go1.24 fixes the following issues:

Update to go1.24.3 (bsc#1236217):

Security fixes:

* CVE-2025-22873: Fixed os.Root permits access to parent directory
(bsc#1242715)

Changelog:

* go#73556 go#73555 security: fix CVE-2025-22873 os: Root permits access to
parent directory
* go#73082 os: Root.Open panics when opening a symlink referencing the root
* go#73092 cmd/link: linkname directive on userspace variable can override
runtime variable
* go#73118 crypto/tls: ECH decodeInnerClientHello incorrectly rejects
ClientHello with GREASE values in supportedVersions
* go#73144 runtime: segmentation fault from vgetrandomPutState and
runtime.growslice w/ runtime.OSLockThread
* go#73192 runtime: -race data race map traceback report incorrect functions
* go#73281 cmd/compile: program compiles to wasm but is invalid:
go:wasmexport: integer too large
* go#73379 runtime, x/sys/unix: Connectx is broken on darwin/amd64
* go#73440 cmd/compile: infinite loop in the inliner
* go#73500 cmd/go: +dirty in version stamping doesn't combine well with
+incompatible

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-1551=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1551=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1551=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1551=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1551=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1551=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1551=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1551=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1551=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1551=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1551=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1551=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1551=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-1551=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* go1.24-race-1.24.3-150000.1.23.1
* go1.24-doc-1.24.3-150000.1.23.1
* go1.24-1.24.3-150000.1.23.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22873.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236217
* https://bugzilla.suse.com/show_bug.cgi?id=1242715


Cloud-Init, Kernel, 389-DS-Base, and more updates for Oracle Linux

Spidermonkey, FreeType, Atop, Node.js, and Tracker Miners updates for Gentoo

Windows

Linux

macOS

Community

  • Artsyl
    May 28, 2025 – Ontario, Canada — Artsyl Technologies, a ...
  • Artsyl
    Artsyl Technologies has announced the latest version of ...
  • Artsyl
    ONTARIO, CANADA – May 13, 2025 — Artsyl Technologies, a ...