Several security updates have been released by SUSE Linux, including an important update for Xen and a maintenance update for Multi-Linux Manager 4.3 LTS. Also, multiple moderate-level security updates for various packages are available, including Xen, kernel-devel, libluajit-5_1-2, Grafana, python-authlib, ImageMagick, and fetchmail.

SUSE-SU-2025:3827-1: important: Maintenance update for Multi-Linux Manager 4.3 LTS Release Notes Release Notes
openSUSE-SU-2025:15673-1: moderate: xen-4.20.1_06-1.1 on GA media
openSUSE-SU-2025:15671-1: moderate: kernel-devel-6.17.5-1.1 on GA media
openSUSE-SU-2025:15672-1: moderate: libluajit-5_1-2-2.1.20250826-1.1 on GA media
openSUSE-SU-2025:15669-1: moderate: grafana-11.6.7-1.1 on GA media
SUSE-SU-2025:3842-1: moderate: Security update for python-Authlib
SUSE-SU-2025:3843-1: important: Security update for xen
SUSE-SU-2025:3844-1: moderate: Security update for ImageMagick
SUSE-SU-2025:3845-1: moderate: Security update for fetchmail

SUSE-SU-2025:3827-1: important: Maintenance update for Multi-Linux Manager 4.3 LTS Release Notes Release Notes

# Maintenance update for Multi-Linux Manager 4.3 LTS Release Notes Release Notes

Announcement ID: SUSE-SU-2025:3827-1
Release Date: 2025-10-28T07:26:58Z
Rating: important
References:

* bsc#1227577
* bsc#1246277
* bsc#1246439
* bsc#1248252
* jsc#MSQA-1026

Cross-References:

* CVE-2025-53192
* CVE-2025-53880
* CVE-2025-53883

CVSS scores:

* CVE-2025-53192 ( SUSE ): 8.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-53192 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
* CVE-2025-53192 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-53880 ( SUSE ): 8.7
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-53880 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS

An update that solves three vulnerabilities, contains one feature and has one
security fix can now be installed.

## Security update 4.3.16.1 for SUSE Manager Proxy and Retail Branch Release
Notes

### Description:

This update fixes the following issues:

release-notes-susemanager-proxy:

* Update to SUSE Manager 4.3.16.1
* CVEs Fixed: CVE-2025-53883
* Bugs mentioned: bsc#1246277, bsc#1227577

## Security update 4.3.16.1 for SUSE Manager Server Release Notes

### Description:

This update fixes the following issues:

release-notes-susemanager:

* Update to SUSE Manager 4.3.16.1
* CVEs Fixed: CVE-2025-53883, CVE-2025-53880, CVE-2025-53192
* Bugs mentioned: bsc#1246439, bsc#1246277, bsc#1248252

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-3827=1

* SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3827=1

* SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-LTS-2025-3827=1

* SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3827=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* release-notes-susemanager-proxy-4.3.16.1-150400.3.101.2
* release-notes-susemanager-4.3.16.1-150400.3.143.2
* SUSE Manager Proxy 4.3 LTS (noarch)
* release-notes-susemanager-proxy-4.3.16.1-150400.3.101.2
* SUSE Manager Retail Branch Server 4.3 LTS (noarch)
* release-notes-susemanager-proxy-4.3.16.1-150400.3.101.2
* SUSE Manager Server 4.3 LTS (noarch)
* release-notes-susemanager-4.3.16.1-150400.3.143.2

## References:

* https://www.suse.com/security/cve/CVE-2025-53192.html
* https://www.suse.com/security/cve/CVE-2025-53880.html
* https://www.suse.com/security/cve/CVE-2025-53883.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227577
* https://bugzilla.suse.com/show_bug.cgi?id=1246277
* https://bugzilla.suse.com/show_bug.cgi?id=1246439
* https://bugzilla.suse.com/show_bug.cgi?id=1248252
* https://jira.suse.com/browse/MSQA-1026

openSUSE-SU-2025:15673-1: moderate: xen-4.20.1_06-1.1 on GA media

# xen-4.20.1_06-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15673-1
Rating: moderate

Cross-References:

* CVE-2025-58147

CVSS scores:

* CVE-2025-58147 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the xen-4.20.1_06-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* xen 4.20.1_06-1.1
* xen-devel 4.20.1_06-1.1
* xen-doc-html 4.20.1_06-1.1
* xen-libs 4.20.1_06-1.1
* xen-tools 4.20.1_06-1.1
* xen-tools-domU 4.20.1_06-1.1
* xen-tools-xendomains-wait-disk 4.20.1_06-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-58147.html

openSUSE-SU-2025:15671-1: moderate: kernel-devel-6.17.5-1.1 on GA media

# kernel-devel-6.17.5-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15671-1
Rating: moderate

Cross-References:

* CVE-2025-39991
* CVE-2025-39992
* CVE-2025-39993
* CVE-2025-39994
* CVE-2025-39995
* CVE-2025-39996
* CVE-2025-39997
* CVE-2025-39998
* CVE-2025-39999
* CVE-2025-40000
* CVE-2025-40001
* CVE-2025-40002
* CVE-2025-40003
* CVE-2025-40004
* CVE-2025-40013
* CVE-2025-40015
* CVE-2025-40016
* CVE-2025-40017

CVSS scores:

* CVE-2025-39991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39994 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39998 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-39998 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40001 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-40001 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40002 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-40002 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40003 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-40003 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40004 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-40004 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40013 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40016 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-40016 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-40017 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-40017 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 18 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the kernel-devel-6.17.5-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* kernel-devel 6.17.5-1.1
* kernel-macros 6.17.5-1.1
* kernel-source 6.17.5-1.1
* kernel-source-vanilla 6.17.5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39991.html
* https://www.suse.com/security/cve/CVE-2025-39992.html
* https://www.suse.com/security/cve/CVE-2025-39993.html
* https://www.suse.com/security/cve/CVE-2025-39994.html
* https://www.suse.com/security/cve/CVE-2025-39995.html
* https://www.suse.com/security/cve/CVE-2025-39996.html
* https://www.suse.com/security/cve/CVE-2025-39997.html
* https://www.suse.com/security/cve/CVE-2025-39998.html
* https://www.suse.com/security/cve/CVE-2025-39999.html
* https://www.suse.com/security/cve/CVE-2025-40000.html
* https://www.suse.com/security/cve/CVE-2025-40001.html
* https://www.suse.com/security/cve/CVE-2025-40002.html
* https://www.suse.com/security/cve/CVE-2025-40003.html
* https://www.suse.com/security/cve/CVE-2025-40004.html
* https://www.suse.com/security/cve/CVE-2025-40013.html
* https://www.suse.com/security/cve/CVE-2025-40015.html
* https://www.suse.com/security/cve/CVE-2025-40016.html
* https://www.suse.com/security/cve/CVE-2025-40017.html

openSUSE-SU-2025:15672-1: moderate: libluajit-5_1-2-2.1.20250826-1.1 on GA media

# libluajit-5_1-2-2.1.20250826-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15672-1
Rating: moderate

Cross-References:

* CVE-2019-19391

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libluajit-5_1-2-2.1.20250826-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libluajit-5_1-2 2.1.20250826-1.1
* libluajit-5_1-2-32bit 2.1.20250826-1.1
* luajit 2.1.20250826-1.1
* luajit-devel 2.1.20250826-1.1

## References:

* https://www.suse.com/security/cve/CVE-2019-19391.html

openSUSE-SU-2025:15669-1: moderate: grafana-11.6.7-1.1 on GA media

# grafana-11.6.7-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15669-1
Rating: moderate

Cross-References:

* CVE-2025-47911
* CVE-2025-58190

CVSS scores:

* CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-47911 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-58190 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the grafana-11.6.7-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* grafana 11.6.7-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-47911.html
* https://www.suse.com/security/cve/CVE-2025-58190.html

SUSE-SU-2025:3842-1: moderate: Security update for python-Authlib

# Security update for python-Authlib

Announcement ID: SUSE-SU-2025:3842-1
Release Date: 2025-10-28T16:39:46Z
Rating: moderate
References:

* bsc#1252504

Cross-References:

* CVE-2025-62706

CVSS scores:

* CVE-2025-62706 ( SUSE ): 6.0
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-62706 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-62706 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Authlib fixes the following issues:

* CVE-2025-62706: fixed a denial of service condition (bsc#1252504,
gh#authlib/authlib@e0863d512931)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-3842=1 openSUSE-SLE-15.6-2025-3842=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-3842=1

* Python 3 Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-3842=1

## Package List:

* openSUSE Leap 15.6 (noarch)
* python311-Authlib-1.3.1-150600.3.9.1
* Python 3 Module 15-SP6 (noarch)
* python311-Authlib-1.3.1-150600.3.9.1
* Python 3 Module 15-SP7 (noarch)
* python311-Authlib-1.3.1-150600.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2025-62706.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252504

SUSE-SU-2025:3843-1: important: Security update for xen

# Security update for xen

Announcement ID: SUSE-SU-2025:3843-1
Release Date: 2025-10-28T16:40:50Z
Rating: important
References:

* bsc#1248807
* bsc#1251271

Cross-References:

* CVE-2025-27466
* CVE-2025-58142
* CVE-2025-58143
* CVE-2025-58147
* CVE-2025-58148

CVSS scores:

* CVE-2025-27466 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-27466 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58142 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-58142 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58143 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58143 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58147 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-58148 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS

An update that solves five vulnerabilities can now be installed.

## Description:

This update for xen fixes the following issues:

* CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in
Viridian hypercalls (bsc#1251271, XSA-475)
* CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple
vulnerabilities in the Viridian interface (bsc#1248807, XSA-472)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-3843=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-3843=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-3843=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-3843=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-3843=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3843=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3843=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3843=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3843=1

* SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3843=1

* SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-LTS-2025-3843=1

* SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3843=1

## Package List:

* openSUSE Leap 15.4 (aarch64 x86_64 i586)
* xen-libs-4.16.7_04-150400.4.75.1
* xen-devel-4.16.7_04-150400.4.75.1
* xen-tools-domU-4.16.7_04-150400.4.75.1
* xen-tools-domU-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-debugsource-4.16.7_04-150400.4.75.1
* openSUSE Leap 15.4 (x86_64)
* xen-libs-32bit-4.16.7_04-150400.4.75.1
* xen-libs-32bit-debuginfo-4.16.7_04-150400.4.75.1
* openSUSE Leap 15.4 (aarch64 x86_64)
* xen-doc-html-4.16.7_04-150400.4.75.1
* xen-4.16.7_04-150400.4.75.1
* xen-tools-debuginfo-4.16.7_04-150400.4.75.1
* xen-tools-4.16.7_04-150400.4.75.1
* openSUSE Leap 15.4 (noarch)
* xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* xen-libs-64bit-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-64bit-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* xen-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* xen-devel-4.16.7_04-150400.4.75.1
* xen-tools-domU-4.16.7_04-150400.4.75.1
* xen-tools-domU-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-tools-debuginfo-4.16.7_04-150400.4.75.1
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-tools-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* xen-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* xen-devel-4.16.7_04-150400.4.75.1
* xen-tools-domU-4.16.7_04-150400.4.75.1
* xen-tools-domU-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-tools-debuginfo-4.16.7_04-150400.4.75.1
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-tools-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* xen-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* xen-devel-4.16.7_04-150400.4.75.1
* xen-tools-domU-4.16.7_04-150400.4.75.1
* xen-tools-domU-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-tools-debuginfo-4.16.7_04-150400.4.75.1
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-tools-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* xen-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* xen-devel-4.16.7_04-150400.4.75.1
* xen-tools-domU-4.16.7_04-150400.4.75.1
* xen-tools-domU-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-tools-debuginfo-4.16.7_04-150400.4.75.1
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-tools-4.16.7_04-150400.4.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
* SUSE Manager Proxy 4.3 LTS (x86_64)
* xen-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* xen-devel-4.16.7_04-150400.4.75.1
* xen-tools-domU-4.16.7_04-150400.4.75.1
* xen-tools-domU-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-tools-debuginfo-4.16.7_04-150400.4.75.1
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-tools-4.16.7_04-150400.4.75.1
* SUSE Manager Proxy 4.3 LTS (noarch)
* xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
* SUSE Manager Retail Branch Server 4.3 LTS (x86_64)
* xen-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* xen-devel-4.16.7_04-150400.4.75.1
* xen-tools-domU-4.16.7_04-150400.4.75.1
* xen-tools-domU-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-tools-debuginfo-4.16.7_04-150400.4.75.1
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-tools-4.16.7_04-150400.4.75.1
* SUSE Manager Retail Branch Server 4.3 LTS (noarch)
* xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
* SUSE Manager Server 4.3 LTS (x86_64)
* xen-4.16.7_04-150400.4.75.1
* xen-libs-4.16.7_04-150400.4.75.1
* xen-devel-4.16.7_04-150400.4.75.1
* xen-tools-domU-4.16.7_04-150400.4.75.1
* xen-tools-domU-debuginfo-4.16.7_04-150400.4.75.1
* xen-libs-debuginfo-4.16.7_04-150400.4.75.1
* xen-tools-debuginfo-4.16.7_04-150400.4.75.1
* xen-debugsource-4.16.7_04-150400.4.75.1
* xen-tools-4.16.7_04-150400.4.75.1
* SUSE Manager Server 4.3 LTS (noarch)
* xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1

## References:

* https://www.suse.com/security/cve/CVE-2025-27466.html
* https://www.suse.com/security/cve/CVE-2025-58142.html
* https://www.suse.com/security/cve/CVE-2025-58143.html
* https://www.suse.com/security/cve/CVE-2025-58147.html
* https://www.suse.com/security/cve/CVE-2025-58148.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248807
* https://bugzilla.suse.com/show_bug.cgi?id=1251271

SUSE-SU-2025:3844-1: moderate: Security update for ImageMagick

# Security update for ImageMagick

Announcement ID: SUSE-SU-2025:3844-1
Release Date: 2025-10-28T16:42:05Z
Rating: moderate
References:

* bsc#1252282

Cross-References:

* CVE-2025-62171

CVSS scores:

* CVE-2025-62171 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-62171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-62171 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-62171 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Desktop Applications Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for ImageMagick fixes the following issues:

* CVE-2025-62171: Fixed incomplete fix for integer overflow in BMP Decoder
(bsc#1252282).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-3844=1 openSUSE-SLE-15.6-2025-3844=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3844=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-3844=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.26.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.26.1
* libMagickCore-7_Q16HDRI10-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.26.1
* ImageMagick-devel-7.1.1.21-150600.3.26.1
* perl-PerlMagick-debuginfo-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-upstream-secure-7.1.1.21-150600.3.26.1
* ImageMagick-extra-7.1.1.21-150600.3.26.1
* ImageMagick-7.1.1.21-150600.3.26.1
* libMagick++-7_Q16HDRI5-7.1.1.21-150600.3.26.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.1.21-150600.3.26.1
* libMagick++-devel-7.1.1.21-150600.3.26.1
* ImageMagick-debugsource-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-upstream-websafe-7.1.1.21-150600.3.26.1
* ImageMagick-extra-debuginfo-7.1.1.21-150600.3.26.1
* perl-PerlMagick-7.1.1.21-150600.3.26.1
* libMagickWand-7_Q16HDRI10-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-SUSE-7.1.1.21-150600.3.26.1
* ImageMagick-debuginfo-7.1.1.21-150600.3.26.1
* openSUSE Leap 15.6 (x86_64)
* ImageMagick-devel-32bit-7.1.1.21-150600.3.26.1
* libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.1.21-150600.3.26.1
* libMagickWand-7_Q16HDRI10-32bit-7.1.1.21-150600.3.26.1
* libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.1.21-150600.3.26.1
* libMagickCore-7_Q16HDRI10-32bit-7.1.1.21-150600.3.26.1
* libMagick++-7_Q16HDRI5-32bit-7.1.1.21-150600.3.26.1
* libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.1.21-150600.3.26.1
* libMagick++-devel-32bit-7.1.1.21-150600.3.26.1
* openSUSE Leap 15.6 (noarch)
* ImageMagick-doc-7.1.1.21-150600.3.26.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libMagickCore-7_Q16HDRI10-64bit-7.1.1.21-150600.3.26.1
* libMagickWand-7_Q16HDRI10-64bit-debuginfo-7.1.1.21-150600.3.26.1
* libMagick++-7_Q16HDRI5-64bit-debuginfo-7.1.1.21-150600.3.26.1
* libMagickCore-7_Q16HDRI10-64bit-debuginfo-7.1.1.21-150600.3.26.1
* libMagickWand-7_Q16HDRI10-64bit-7.1.1.21-150600.3.26.1
* libMagick++-7_Q16HDRI5-64bit-7.1.1.21-150600.3.26.1
* libMagick++-devel-64bit-7.1.1.21-150600.3.26.1
* ImageMagick-devel-64bit-7.1.1.21-150600.3.26.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.26.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.26.1
* libMagickCore-7_Q16HDRI10-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.26.1
* ImageMagick-devel-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-upstream-secure-7.1.1.21-150600.3.26.1
* ImageMagick-7.1.1.21-150600.3.26.1
* libMagick++-7_Q16HDRI5-7.1.1.21-150600.3.26.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.1.21-150600.3.26.1
* libMagick++-devel-7.1.1.21-150600.3.26.1
* ImageMagick-debugsource-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-upstream-websafe-7.1.1.21-150600.3.26.1
* libMagickWand-7_Q16HDRI10-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.26.1
* ImageMagick-config-7-SUSE-7.1.1.21-150600.3.26.1
* ImageMagick-debuginfo-7.1.1.21-150600.3.26.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* perl-PerlMagick-7.1.1.21-150600.3.26.1
* ImageMagick-debugsource-7.1.1.21-150600.3.26.1
* ImageMagick-debuginfo-7.1.1.21-150600.3.26.1
* perl-PerlMagick-debuginfo-7.1.1.21-150600.3.26.1

## References:

* https://www.suse.com/security/cve/CVE-2025-62171.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252282

SUSE-SU-2025:3845-1: moderate: Security update for fetchmail

# Security update for fetchmail

Announcement ID: SUSE-SU-2025:3845-1
Release Date: 2025-10-28T16:43:04Z
Rating: moderate
References:

* bsc#1251194

Cross-References:

* CVE-2025-61962

CVSS scores:

* CVE-2025-61962 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61962 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* Desktop Applications Module 15-SP6
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for fetchmail fixes the following issues:

* CVE-2025-61962: fixed a denial of service condition (bsc#1251194)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-3845=1 openSUSE-SLE-15.6-2025-3845=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3845=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3845=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3845=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3845=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* fetchmail-debugsource-6.4.22-150600.35.3.1
* fetchmail-debuginfo-6.4.22-150600.35.3.1
* fetchmailconf-6.4.22-150600.35.3.1
* fetchmail-6.4.22-150600.35.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* fetchmail-debugsource-6.4.22-150600.35.3.1
* fetchmail-debuginfo-6.4.22-150600.35.3.1
* fetchmail-6.4.22-150600.35.3.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* fetchmail-debugsource-6.4.22-150600.35.3.1
* fetchmail-debuginfo-6.4.22-150600.35.3.1
* fetchmail-6.4.22-150600.35.3.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* fetchmail-debugsource-6.4.22-150600.35.3.1
* fetchmail-debuginfo-6.4.22-150600.35.3.1
* fetchmailconf-6.4.22-150600.35.3.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* fetchmail-debugsource-6.4.22-150600.35.3.1
* fetchmail-debuginfo-6.4.22-150600.35.3.1
* fetchmailconf-6.4.22-150600.35.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-61962.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251194