Xen. NSS, Erlang, and more updates for SUSE

SUSE 5476 Published by

SUSE Linux has released several security updates to address vulnerabilities. The updates include important fixes for Xen, Mozilla NSS, and Erlang, as well as moderate patches for ImageMagick, govulncheck-vulndb, exim, wireshark, and rabbitmq-server.

SUSE-SU-2025:3798-1: important: Security update for xen
SUSE-SU-2025:3796-1: moderate: Security update for ImageMagick
SUSE-SU-2025:3797-1: important: Security update for xen
SUSE-SU-2025:3799-1: moderate: Security update for govulncheck-vulndb
SUSE-SU-2025:3804-1: important: Security update for mozilla-nss
openSUSE-SU-2025:0409-1: moderate: Security update for exim
openSUSE-SU-2025:0408-1: moderate: Security update for exim
SUSE-SU-2025:3810-1: important: Security update for ffmpeg-4
SUSE-SU-2025:3812-1: low: Security update for cmake
SUSE-SU-2025:3811-1: moderate: Security update for wireshark
SUSE-SU-2025:3807-1: important: Security update for erlang
SUSE-SU-2025:3809-1: moderate: Security update for rabbitmq-server




SUSE-SU-2025:3798-1: important: Security update for xen


# Security update for xen

Announcement ID: SUSE-SU-2025:3798-1
Release Date: 2025-10-27T07:58:18Z
Rating: important
References:

* bsc#1027519
* bsc#1248807
* bsc#1251271

Cross-References:

* CVE-2025-27466
* CVE-2025-58142
* CVE-2025-58143
* CVE-2025-58147
* CVE-2025-58148

CVSS scores:

* CVE-2025-27466 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-27466 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58142 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-58142 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58143 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58143 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58147 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-58148 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves five vulnerabilities can now be installed.

## Description:

This update for xen fixes the following issues:

* CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in
Viridian hypercalls (bsc#1251271, XSA-475)
* CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple
vulnerabilities in the Viridian interface (bsc#1248807, XSA-472)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-3798=1 openSUSE-SLE-15.6-2025-3798=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3798=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-3798=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64 i586)
* xen-devel-4.18.5_06-150600.3.31.2
* xen-libs-debuginfo-4.18.5_06-150600.3.31.2
* xen-tools-domU-4.18.5_06-150600.3.31.2
* xen-debugsource-4.18.5_06-150600.3.31.2
* xen-tools-domU-debuginfo-4.18.5_06-150600.3.31.2
* xen-libs-4.18.5_06-150600.3.31.2
* openSUSE Leap 15.6 (x86_64)
* xen-libs-32bit-debuginfo-4.18.5_06-150600.3.31.2
* xen-libs-32bit-4.18.5_06-150600.3.31.2
* openSUSE Leap 15.6 (aarch64 x86_64)
* xen-tools-debuginfo-4.18.5_06-150600.3.31.2
* xen-tools-4.18.5_06-150600.3.31.2
* xen-4.18.5_06-150600.3.31.2
* xen-doc-html-4.18.5_06-150600.3.31.2
* openSUSE Leap 15.6 (noarch)
* xen-tools-xendomains-wait-disk-4.18.5_06-150600.3.31.2
* openSUSE Leap 15.6 (aarch64_ilp32)
* xen-libs-64bit-debuginfo-4.18.5_06-150600.3.31.2
* xen-libs-64bit-4.18.5_06-150600.3.31.2
* Basesystem Module 15-SP6 (x86_64)
* xen-libs-debuginfo-4.18.5_06-150600.3.31.2
* xen-tools-domU-4.18.5_06-150600.3.31.2
* xen-debugsource-4.18.5_06-150600.3.31.2
* xen-tools-domU-debuginfo-4.18.5_06-150600.3.31.2
* xen-libs-4.18.5_06-150600.3.31.2
* Server Applications Module 15-SP6 (x86_64)
* xen-tools-debuginfo-4.18.5_06-150600.3.31.2
* xen-devel-4.18.5_06-150600.3.31.2
* xen-tools-4.18.5_06-150600.3.31.2
* xen-debugsource-4.18.5_06-150600.3.31.2
* xen-4.18.5_06-150600.3.31.2
* Server Applications Module 15-SP6 (noarch)
* xen-tools-xendomains-wait-disk-4.18.5_06-150600.3.31.2

## References:

* https://www.suse.com/security/cve/CVE-2025-27466.html
* https://www.suse.com/security/cve/CVE-2025-58142.html
* https://www.suse.com/security/cve/CVE-2025-58143.html
* https://www.suse.com/security/cve/CVE-2025-58147.html
* https://www.suse.com/security/cve/CVE-2025-58148.html
* https://bugzilla.suse.com/show_bug.cgi?id=1027519
* https://bugzilla.suse.com/show_bug.cgi?id=1248807
* https://bugzilla.suse.com/show_bug.cgi?id=1251271



SUSE-SU-2025:3796-1: moderate: Security update for ImageMagick


# Security update for ImageMagick

Announcement ID: SUSE-SU-2025:3796-1
Release Date: 2025-10-27T07:58:00Z
Rating: moderate
References:

* bsc#1252282

Cross-References:

* CVE-2025-62171

CVSS scores:

* CVE-2025-62171 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-62171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-62171 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-62171 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Desktop Applications Module 15-SP6
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for ImageMagick fixes the following issues:

* CVE-2025-62171: Fixed incomplete fix for integer overflow in BMP Decoder
(bsc#1252282).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-3796=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3796=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3796=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* perl-PerlMagick-7.1.0.9-150400.6.46.1
* libMagick++-devel-7.1.0.9-150400.6.46.1
* ImageMagick-extra-7.1.0.9-150400.6.46.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.46.1
* ImageMagick-debugsource-7.1.0.9-150400.6.46.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.46.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.46.1
* ImageMagick-extra-debuginfo-7.1.0.9-150400.6.46.1
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.46.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.46.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.46.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.46.1
* ImageMagick-devel-7.1.0.9-150400.6.46.1
* ImageMagick-7.1.0.9-150400.6.46.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.46.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.46.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.46.1
* openSUSE Leap 15.4 (x86_64)
* libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.0.9-150400.6.46.1
* libMagick++-devel-32bit-7.1.0.9-150400.6.46.1
* libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.46.1
* ImageMagick-devel-32bit-7.1.0.9-150400.6.46.1
* libMagickCore-7_Q16HDRI10-32bit-7.1.0.9-150400.6.46.1
* libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.46.1
* libMagick++-7_Q16HDRI5-32bit-7.1.0.9-150400.6.46.1
* libMagickWand-7_Q16HDRI10-32bit-7.1.0.9-150400.6.46.1
* openSUSE Leap 15.4 (noarch)
* ImageMagick-doc-7.1.0.9-150400.6.46.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libMagickWand-7_Q16HDRI10-64bit-7.1.0.9-150400.6.46.1
* libMagickCore-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.46.1
* libMagickCore-7_Q16HDRI10-64bit-7.1.0.9-150400.6.46.1
* ImageMagick-devel-64bit-7.1.0.9-150400.6.46.1
* libMagickWand-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.46.1
* libMagick++-7_Q16HDRI5-64bit-debuginfo-7.1.0.9-150400.6.46.1
* libMagick++-devel-64bit-7.1.0.9-150400.6.46.1
* libMagick++-7_Q16HDRI5-64bit-7.1.0.9-150400.6.46.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.46.1
* ImageMagick-debugsource-7.1.0.9-150400.6.46.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.46.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.46.1
* ImageMagick-debugsource-7.1.0.9-150400.6.46.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.46.1

## References:

* https://www.suse.com/security/cve/CVE-2025-62171.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252282



SUSE-SU-2025:3797-1: important: Security update for xen


# Security update for xen

Announcement ID: SUSE-SU-2025:3797-1
Release Date: 2025-10-27T07:58:10Z
Rating: important
References:

* bsc#1248807
* bsc#1251271

Cross-References:

* CVE-2025-27466
* CVE-2025-58142
* CVE-2025-58143
* CVE-2025-58147
* CVE-2025-58148

CVSS scores:

* CVE-2025-27466 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-27466 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58142 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-58142 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58143 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58143 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-58147 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-58148 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for xen fixes the following issues:

* CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in
Viridian hypercalls (bsc#1251271, XSA-475)
* CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple
vulnerabilities in the Viridian interface (bsc#1248807, XSA-472)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3797=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3797=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3797=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-3797=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-3797=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3797=1

## Package List:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* xen-libs-debuginfo-4.17.5_12-150500.3.53.1
* xen-tools-4.17.5_12-150500.3.53.1
* xen-tools-domU-debuginfo-4.17.5_12-150500.3.53.1
* xen-libs-4.17.5_12-150500.3.53.1
* xen-tools-debuginfo-4.17.5_12-150500.3.53.1
* xen-devel-4.17.5_12-150500.3.53.1
* xen-tools-domU-4.17.5_12-150500.3.53.1
* xen-debugsource-4.17.5_12-150500.3.53.1
* xen-4.17.5_12-150500.3.53.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* xen-tools-xendomains-wait-disk-4.17.5_12-150500.3.53.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* xen-libs-debuginfo-4.17.5_12-150500.3.53.1
* xen-tools-4.17.5_12-150500.3.53.1
* xen-tools-domU-debuginfo-4.17.5_12-150500.3.53.1
* xen-libs-4.17.5_12-150500.3.53.1
* xen-tools-debuginfo-4.17.5_12-150500.3.53.1
* xen-devel-4.17.5_12-150500.3.53.1
* xen-tools-domU-4.17.5_12-150500.3.53.1
* xen-debugsource-4.17.5_12-150500.3.53.1
* xen-4.17.5_12-150500.3.53.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* xen-tools-xendomains-wait-disk-4.17.5_12-150500.3.53.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* xen-libs-debuginfo-4.17.5_12-150500.3.53.1
* xen-tools-4.17.5_12-150500.3.53.1
* xen-tools-domU-debuginfo-4.17.5_12-150500.3.53.1
* xen-libs-4.17.5_12-150500.3.53.1
* xen-tools-debuginfo-4.17.5_12-150500.3.53.1
* xen-devel-4.17.5_12-150500.3.53.1
* xen-tools-domU-4.17.5_12-150500.3.53.1
* xen-debugsource-4.17.5_12-150500.3.53.1
* xen-4.17.5_12-150500.3.53.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* xen-tools-xendomains-wait-disk-4.17.5_12-150500.3.53.1
* openSUSE Leap 15.5 (aarch64 x86_64 i586)
* xen-libs-debuginfo-4.17.5_12-150500.3.53.1
* xen-tools-domU-debuginfo-4.17.5_12-150500.3.53.1
* xen-libs-4.17.5_12-150500.3.53.1
* xen-devel-4.17.5_12-150500.3.53.1
* xen-tools-domU-4.17.5_12-150500.3.53.1
* xen-debugsource-4.17.5_12-150500.3.53.1
* openSUSE Leap 15.5 (x86_64)
* xen-libs-32bit-4.17.5_12-150500.3.53.1
* xen-libs-32bit-debuginfo-4.17.5_12-150500.3.53.1
* openSUSE Leap 15.5 (aarch64 x86_64)
* xen-tools-4.17.5_12-150500.3.53.1
* xen-doc-html-4.17.5_12-150500.3.53.1
* xen-tools-debuginfo-4.17.5_12-150500.3.53.1
* xen-4.17.5_12-150500.3.53.1
* openSUSE Leap 15.5 (noarch)
* xen-tools-xendomains-wait-disk-4.17.5_12-150500.3.53.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* xen-libs-64bit-debuginfo-4.17.5_12-150500.3.53.1
* xen-libs-64bit-4.17.5_12-150500.3.53.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* xen-libs-debuginfo-4.17.5_12-150500.3.53.1
* xen-debugsource-4.17.5_12-150500.3.53.1
* xen-libs-4.17.5_12-150500.3.53.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* xen-libs-debuginfo-4.17.5_12-150500.3.53.1
* xen-tools-4.17.5_12-150500.3.53.1
* xen-tools-domU-debuginfo-4.17.5_12-150500.3.53.1
* xen-libs-4.17.5_12-150500.3.53.1
* xen-tools-debuginfo-4.17.5_12-150500.3.53.1
* xen-devel-4.17.5_12-150500.3.53.1
* xen-tools-domU-4.17.5_12-150500.3.53.1
* xen-debugsource-4.17.5_12-150500.3.53.1
* xen-4.17.5_12-150500.3.53.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* xen-tools-xendomains-wait-disk-4.17.5_12-150500.3.53.1

## References:

* https://www.suse.com/security/cve/CVE-2025-27466.html
* https://www.suse.com/security/cve/CVE-2025-58142.html
* https://www.suse.com/security/cve/CVE-2025-58143.html
* https://www.suse.com/security/cve/CVE-2025-58147.html
* https://www.suse.com/security/cve/CVE-2025-58148.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248807
* https://bugzilla.suse.com/show_bug.cgi?id=1251271



SUSE-SU-2025:3799-1: moderate: Security update for govulncheck-vulndb


# Security update for govulncheck-vulndb

Announcement ID: SUSE-SU-2025:3799-1
Release Date: 2025-10-27T07:58:32Z
Rating: moderate
References:

* jsc#PED-11136

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that contains one feature can now be installed.

## Description:

This update for govulncheck-vulndb fixes the following issues:

* Update to version 0.0.20251023T162509 2025-10-23T16:25:09Z (jsc#PED-11136).

Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3979
CVE-2025-59824 GHSA-hqrf-67pm-wgfq * GO-2025-3981 CVE-2025-59823
GHSA-227x-7mh8-3cf6 * GO-2025-3982 CVE-2025-54468 GHSA-mjcp-rj3c-36fr *
GO-2025-3983 CVE-2024-58260 GHSA-q82v-h4rq-5c86 * GO-2025-3984 CVE-2024-58267
GHSA-v3vj-5868-2ch2 * GO-2025-3985 GHSA-q6hv-wcjr-wp8h * GO-2025-3986
CVE-2025-59163 GHSA-6q9c-m9fr-865m * GO-2025-3989 CVE-2025-59941
GHSA-7pq9-rf9p-wcrf * GO-2025-3990 CVE-2025-59942 GHSA-g99p-47x7-mq88 *
GO-2025-3991 CVE-2025-59956 GHSA-w64r-2g3w-w8w4 * GO-2025-3992 CVE-2025-23266
GHSA-vmg3-7v43-9g23 * GO-2025-3993 CVE-2025-59531 GHSA-f9gq-prrc-hrhc *
GO-2025-3994 CVE-2025-55191 GHSA-g88p-r42r-ppp9 * GO-2025-3995 CVE-2025-59538
GHSA-gpx4-37g2-c8pv * GO-2025-3996 CVE-2025-59537 GHSA-wp4p-9pxh-cgx2 *
GO-2025-3997 CVE-2025-61595 GHSA-qwvm-wqq8-8j69 * GO-2025-3998 CVE-2025-23267
GHSA-67jc-hmvg-q4c7 * GO-2025-4018 CVE-2025-61926 GHSA-33f4-mjch-7fpr *
GO-2025-4019 GHSA-xc79-566c-j4qx

* Update to version 0.0.20250924T192141 2025-09-24T19:21:41Z (jsc#PED-11136).

Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3962
CVE-2025-59341 GHSA-49pv-gwxp-532r * GO-2025-3963 CVE-2025-59348 GHSA-2qgr-gfvj-
qpcr * GO-2025-3964 CVE-2025-59349 GHSA-8425-8r2f-mrv6 * GO-2025-3965
CVE-2025-59345 GHSA-89vc-vf32-ch59 * GO-2025-3966 CVE-2025-59347
GHSA-98x5-jw98-6c97 * GO-2025-3967 CVE-2025-59342 GHSA-g2h5-cvvr-7gmw *
GO-2025-3968 CVE-2025-59346 GHSA-g2rq-jv54-wcpr * GO-2025-3969 CVE-2025-59353
GHSA-255v-qv84-29p5 * GO-2025-3970 CVE-2025-59351 GHSA-4mhv-8rh3-4ghw *
GO-2025-3971 CVE-2025-59352 GHSA-79hx-3fp8-hj66 * GO-2025-3972 CVE-2025-59350
GHSA-c2fc-9q9c-5486 * GO-2025-3973 CVE-2025-59354 GHSA-hx2h-vjw2-8r54 *
GO-2025-3974 CVE-2025-59410 GHSA-mcvp-rpgg-9273 * GO-2025-3976 CVE-2025-10630
GHSA-g4rr-88fc-26fj * GO-2025-3977 CVE-2025-9079 GHSA-qx3f-6vq3-8j8m *
GO-2025-3978 CVE-2025-9081 GHSA-f72g-52v7-mg3p

* Update to version 0.0.20250922T204835 2025-09-22T20:48:35Z (jsc#PED-11136).

Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3955
CVE-2025-47910 CVE-2025-47910

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3799=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3799=1

## Package List:

* SUSE Package Hub 15 15-SP6 (noarch)
* govulncheck-vulndb-0.0.20251023T162509-150000.1.110.1
* openSUSE Leap 15.6 (noarch)
* govulncheck-vulndb-0.0.20251023T162509-150000.1.110.1

## References:

* https://jira.suse.com/browse/PED-11136



SUSE-SU-2025:3804-1: important: Security update for mozilla-nss


# Security update for mozilla-nss

Announcement ID: SUSE-SU-2025:3804-1
Release Date: 2025-10-27T11:36:07Z
Rating: important
References:

* bsc#1251263

Cross-References:

* CVE-2025-9187

CVSS scores:

* CVE-2025-9187 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-9187 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-9187 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS

An update that solves one vulnerability can now be installed.

## Description:

This update for mozilla-nss fixes the following issues:

* Move NSS DB password hash away from SHA-1

Update to NSS 3.112.2:

* Prevent leaks during pkcs12 decoding.
* SEC_ASN1Decode* should ensure it has read as many bytes as each length field
indicates

Update to NSS 3.112.1:

* restore support for finding certificates by decoded serial number.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3804=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3804=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3804=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3804=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3804=1

* SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3804=1

* SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-LTS-2025-3804=1

* SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3804=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-3804=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3804=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-3804=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-3804=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-3804=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-3804=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-3804=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3804=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3804=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3804=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3804=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3804=1

## Package List:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* SUSE Manager Proxy 4.3 LTS (x86_64)
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-3.112.2-150400.3.60.1
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* SUSE Manager Retail Branch Server 4.3 LTS (x86_64)
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-3.112.2-150400.3.60.1
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Manager Server 4.3 LTS (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* openSUSE Leap 15.4 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-32bit-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libfreebl3-64bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-64bit-3.112.2-150400.3.60.1
* mozilla-nss-64bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-64bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-64bit-3.112.2-150400.3.60.1
* libsoftokn3-64bit-3.112.2-150400.3.60.1
* mozilla-nss-64bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-64bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-64bit-debuginfo-3.112.2-150400.3.60.1
* libsoftokn3-64bit-debuginfo-3.112.2-150400.3.60.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* openSUSE Leap 15.6 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-32bit-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* Basesystem Module 15-SP6 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* Basesystem Module 15-SP7 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libfreebl3-3.112.2-150400.3.60.1
* libfreebl3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-3.112.2-150400.3.60.1
* libsoftokn3-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-3.112.2-150400.3.60.1
* mozilla-nss-tools-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-devel-3.112.2-150400.3.60.1
* libsoftokn3-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-debugsource-3.112.2-150400.3.60.1
* mozilla-nss-sysinit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-tools-3.112.2-150400.3.60.1
* mozilla-nss-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-3.112.2-150400.3.60.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* libsoftokn3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-debuginfo-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-3.112.2-150400.3.60.1
* mozilla-nss-certs-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-3.112.2-150400.3.60.1
* mozilla-nss-32bit-3.112.2-150400.3.60.1
* libsoftokn3-32bit-debuginfo-3.112.2-150400.3.60.1
* libfreebl3-32bit-debuginfo-3.112.2-150400.3.60.1

## References:

* https://www.suse.com/security/cve/CVE-2025-9187.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251263



openSUSE-SU-2025:0409-1: moderate: Security update for exim


openSUSE Security Update: Security update for exim
_______________________________

Announcement ID: openSUSE-SU-2025:0409-1
Rating: moderate
References: #1246457
Cross-References: CVE-2025-53881
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for exim fixes the following issues:

- CVE-2025-53881: Fixed potential security issue with logfile rotation
(boo#1246457).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2025-409=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le s390x x86_64):

exim-4.98.2-bp157.5.1
eximon-4.98.2-bp157.5.1
eximstats-html-4.98.2-bp157.5.1

References:

https://www.suse.com/security/cve/CVE-2025-53881.html
https://bugzilla.suse.com/1246457



openSUSE-SU-2025:0408-1: moderate: Security update for exim


openSUSE Security Update: Security update for exim
_______________________________

Announcement ID: openSUSE-SU-2025:0408-1
Rating: moderate
References: #1246457
Cross-References: CVE-2025-53881
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for exim fixes the following issues:

- CVE-2025-53881: Fixed potential security issue with logfile rotation
(boo#1246457).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-408=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64):

exim-4.98.2-bp156.5.1
eximon-4.98.2-bp156.5.1
eximstats-html-4.98.2-bp156.5.1

References:

https://www.suse.com/security/cve/CVE-2025-53881.html
https://bugzilla.suse.com/1246457



SUSE-SU-2025:3810-1: important: Security update for ffmpeg-4


# Security update for ffmpeg-4

Announcement ID: SUSE-SU-2025:3810-1
Release Date: 2025-10-27T16:11:38Z
Rating: important
References:

* bsc#1226308
* bsc#1251137

Cross-References:

* CVE-2025-59728

CVSS scores:

* CVE-2025-59728 ( SUSE ): 7.4
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-59728 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-59728 ( NVD ): 8.7
CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for ffmpeg-4 fixes the following issues:

* CVE-2025-59728: allocated space for the appended "/" (bsc#1251137)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-3810=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3810=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3810=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3810=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3810=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* ffmpeg-4-libavdevice-devel-4.4.6-150400.3.55.1
* libavutil56_70-4.4.6-150400.3.55.1
* libavcodec58_134-debuginfo-4.4.6-150400.3.55.1
* libavformat58_76-4.4.6-150400.3.55.1
* ffmpeg-4-libavutil-devel-4.4.6-150400.3.55.1
* ffmpeg-4-libswresample-devel-4.4.6-150400.3.55.1
* ffmpeg-4-libavformat-devel-4.4.6-150400.3.55.1
* ffmpeg-4-libswscale-devel-4.4.6-150400.3.55.1
* ffmpeg-4-debugsource-4.4.6-150400.3.55.1
* libavdevice58_13-4.4.6-150400.3.55.1
* libpostproc55_9-debuginfo-4.4.6-150400.3.55.1
* libpostproc55_9-4.4.6-150400.3.55.1
* libswscale5_9-debuginfo-4.4.6-150400.3.55.1
* libswresample3_9-debuginfo-4.4.6-150400.3.55.1
* libswresample3_9-4.4.6-150400.3.55.1
* libavresample4_0-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-4.4.6-150400.3.55.1
* libavfilter7_110-debuginfo-4.4.6-150400.3.55.1
* libavdevice58_13-debuginfo-4.4.6-150400.3.55.1
* libavfilter7_110-4.4.6-150400.3.55.1
* ffmpeg-4-libpostproc-devel-4.4.6-150400.3.55.1
* ffmpeg-4-4.4.6-150400.3.55.1
* libavresample4_0-4.4.6-150400.3.55.1
* libavutil56_70-debuginfo-4.4.6-150400.3.55.1
* ffmpeg-4-debuginfo-4.4.6-150400.3.55.1
* ffmpeg-4-libavresample-devel-4.4.6-150400.3.55.1
* libswscale5_9-4.4.6-150400.3.55.1
* ffmpeg-4-libavfilter-devel-4.4.6-150400.3.55.1
* ffmpeg-4-private-devel-4.4.6-150400.3.55.1
* ffmpeg-4-libavcodec-devel-4.4.6-150400.3.55.1
* libavformat58_76-debuginfo-4.4.6-150400.3.55.1
* openSUSE Leap 15.4 (x86_64)
* libavformat58_76-32bit-debuginfo-4.4.6-150400.3.55.1
* libavutil56_70-32bit-4.4.6-150400.3.55.1
* libswresample3_9-32bit-4.4.6-150400.3.55.1
* libavcodec58_134-32bit-debuginfo-4.4.6-150400.3.55.1
* libavutil56_70-32bit-debuginfo-4.4.6-150400.3.55.1
* libavformat58_76-32bit-4.4.6-150400.3.55.1
* libswscale5_9-32bit-4.4.6-150400.3.55.1
* libavresample4_0-32bit-4.4.6-150400.3.55.1
* libavdevice58_13-32bit-4.4.6-150400.3.55.1
* libavresample4_0-32bit-debuginfo-4.4.6-150400.3.55.1
* libpostproc55_9-32bit-4.4.6-150400.3.55.1
* libpostproc55_9-32bit-debuginfo-4.4.6-150400.3.55.1
* libswscale5_9-32bit-debuginfo-4.4.6-150400.3.55.1
* libavfilter7_110-32bit-4.4.6-150400.3.55.1
* libavdevice58_13-32bit-debuginfo-4.4.6-150400.3.55.1
* libavfilter7_110-32bit-debuginfo-4.4.6-150400.3.55.1
* libswresample3_9-32bit-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-32bit-4.4.6-150400.3.55.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libavfilter7_110-64bit-4.4.6-150400.3.55.1
* libswresample3_9-64bit-4.4.6-150400.3.55.1
* libavformat58_76-64bit-debuginfo-4.4.6-150400.3.55.1
* libavfilter7_110-64bit-debuginfo-4.4.6-150400.3.55.1
* libavdevice58_13-64bit-debuginfo-4.4.6-150400.3.55.1
* libavformat58_76-64bit-4.4.6-150400.3.55.1
* libavcodec58_134-64bit-4.4.6-150400.3.55.1
* libavresample4_0-64bit-4.4.6-150400.3.55.1
* libavdevice58_13-64bit-4.4.6-150400.3.55.1
* libavutil56_70-64bit-4.4.6-150400.3.55.1
* libavresample4_0-64bit-debuginfo-4.4.6-150400.3.55.1
* libavutil56_70-64bit-debuginfo-4.4.6-150400.3.55.1
* libpostproc55_9-64bit-4.4.6-150400.3.55.1
* libswresample3_9-64bit-debuginfo-4.4.6-150400.3.55.1
* libswscale5_9-64bit-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-64bit-debuginfo-4.4.6-150400.3.55.1
* libpostproc55_9-64bit-debuginfo-4.4.6-150400.3.55.1
* libswscale5_9-64bit-4.4.6-150400.3.55.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libavutil56_70-4.4.6-150400.3.55.1
* libswscale5_9-4.4.6-150400.3.55.1
* libpostproc55_9-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-debuginfo-4.4.6-150400.3.55.1
* libpostproc55_9-4.4.6-150400.3.55.1
* libavformat58_76-4.4.6-150400.3.55.1
* libswresample3_9-debuginfo-4.4.6-150400.3.55.1
* libavutil56_70-debuginfo-4.4.6-150400.3.55.1
* libswresample3_9-4.4.6-150400.3.55.1
* ffmpeg-4-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-4.4.6-150400.3.55.1
* libavformat58_76-debuginfo-4.4.6-150400.3.55.1
* ffmpeg-4-debugsource-4.4.6-150400.3.55.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libavutil56_70-4.4.6-150400.3.55.1
* libswscale5_9-4.4.6-150400.3.55.1
* libpostproc55_9-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-debuginfo-4.4.6-150400.3.55.1
* libpostproc55_9-4.4.6-150400.3.55.1
* libavformat58_76-4.4.6-150400.3.55.1
* libswresample3_9-debuginfo-4.4.6-150400.3.55.1
* libavutil56_70-debuginfo-4.4.6-150400.3.55.1
* libswresample3_9-4.4.6-150400.3.55.1
* ffmpeg-4-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-4.4.6-150400.3.55.1
* libavformat58_76-debuginfo-4.4.6-150400.3.55.1
* ffmpeg-4-debugsource-4.4.6-150400.3.55.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libavutil56_70-4.4.6-150400.3.55.1
* libswscale5_9-4.4.6-150400.3.55.1
* libpostproc55_9-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-debuginfo-4.4.6-150400.3.55.1
* libpostproc55_9-4.4.6-150400.3.55.1
* libavformat58_76-4.4.6-150400.3.55.1
* libswresample3_9-debuginfo-4.4.6-150400.3.55.1
* libavutil56_70-debuginfo-4.4.6-150400.3.55.1
* libswresample3_9-4.4.6-150400.3.55.1
* ffmpeg-4-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-4.4.6-150400.3.55.1
* libavformat58_76-debuginfo-4.4.6-150400.3.55.1
* ffmpeg-4-debugsource-4.4.6-150400.3.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libavutil56_70-4.4.6-150400.3.55.1
* libswscale5_9-4.4.6-150400.3.55.1
* libpostproc55_9-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-debuginfo-4.4.6-150400.3.55.1
* libpostproc55_9-4.4.6-150400.3.55.1
* libavformat58_76-4.4.6-150400.3.55.1
* libswresample3_9-debuginfo-4.4.6-150400.3.55.1
* libavutil56_70-debuginfo-4.4.6-150400.3.55.1
* libswresample3_9-4.4.6-150400.3.55.1
* ffmpeg-4-debuginfo-4.4.6-150400.3.55.1
* libavcodec58_134-4.4.6-150400.3.55.1
* libavformat58_76-debuginfo-4.4.6-150400.3.55.1
* ffmpeg-4-debugsource-4.4.6-150400.3.55.1

## References:

* https://www.suse.com/security/cve/CVE-2025-59728.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226308
* https://bugzilla.suse.com/show_bug.cgi?id=1251137



SUSE-SU-2025:3812-1: low: Security update for cmake


# Security update for cmake

Announcement ID: SUSE-SU-2025:3812-1
Release Date: 2025-10-27T16:13:37Z
Rating: low
References:

* bsc#1248461

Cross-References:

* CVE-2025-9301

CVSS scores:

* CVE-2025-9301 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-9301 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-9301 ( NVD ): 1.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-9301 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for cmake fixes the following issues:

* CVE-2025-9301: Fixed assertion failure due to improper validation
(bsc#1248461)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-3812=1 openSUSE-SLE-15.6-2025-3812=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3812=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3812=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* cmake-gui-debuginfo-3.28.3-150600.3.3.1
* cmake-full-debugsource-3.28.3-150600.3.3.1
* cmake-full-debuginfo-3.28.3-150600.3.3.1
* cmake-ui-debugsource-3.28.3-150600.3.3.1
* cmake-mini-debuginfo-3.28.3-150600.3.3.1
* cmake-mini-3.28.3-150600.3.3.1
* cmake-gui-3.28.3-150600.3.3.1
* cmake-3.28.3-150600.3.3.1
* cmake-mini-debugsource-3.28.3-150600.3.3.1
* cmake-full-3.28.3-150600.3.3.1
* cmake-man-3.28.3-150600.3.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* cmake-full-debugsource-3.28.3-150600.3.3.1
* cmake-full-3.28.3-150600.3.3.1
* cmake-3.28.3-150600.3.3.1
* cmake-full-debuginfo-3.28.3-150600.3.3.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* cmake-full-debugsource-3.28.3-150600.3.3.1
* cmake-full-3.28.3-150600.3.3.1
* cmake-3.28.3-150600.3.3.1
* cmake-full-debuginfo-3.28.3-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-9301.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248461



SUSE-SU-2025:3811-1: moderate: Security update for wireshark


# Security update for wireshark

Announcement ID: SUSE-SU-2025:3811-1
Release Date: 2025-10-27T16:12:36Z
Rating: moderate
References:

* bsc#1251933

Cross-References:

* CVE-2025-11626

CVSS scores:

* CVE-2025-11626 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-11626 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-11626 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* Desktop Applications Module 15-SP6
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for wireshark fixes the following issues:

* CVE-2025-11626: fixed MONGO dissector infinite loop (bsc#1251933).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-3811=1 openSUSE-SLE-15.6-2025-3811=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3811=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3811=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3811=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3811=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* wireshark-devel-4.2.14-150600.18.29.1
* wireshark-ui-qt-4.2.14-150600.18.29.1
* wireshark-4.2.14-150600.18.29.1
* libwireshark17-4.2.14-150600.18.29.1
* libwsutil15-debuginfo-4.2.14-150600.18.29.1
* libwiretap14-debuginfo-4.2.14-150600.18.29.1
* wireshark-debugsource-4.2.14-150600.18.29.1
* wireshark-ui-qt-debuginfo-4.2.14-150600.18.29.1
* wireshark-debuginfo-4.2.14-150600.18.29.1
* libwsutil15-4.2.14-150600.18.29.1
* libwiretap14-4.2.14-150600.18.29.1
* libwireshark17-debuginfo-4.2.14-150600.18.29.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wireshark-4.2.14-150600.18.29.1
* libwireshark17-4.2.14-150600.18.29.1
* libwsutil15-debuginfo-4.2.14-150600.18.29.1
* libwiretap14-debuginfo-4.2.14-150600.18.29.1
* wireshark-debugsource-4.2.14-150600.18.29.1
* wireshark-debuginfo-4.2.14-150600.18.29.1
* libwsutil15-4.2.14-150600.18.29.1
* libwiretap14-4.2.14-150600.18.29.1
* libwireshark17-debuginfo-4.2.14-150600.18.29.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* wireshark-4.2.14-150600.18.29.1
* libwireshark17-4.2.14-150600.18.29.1
* libwsutil15-debuginfo-4.2.14-150600.18.29.1
* libwiretap14-debuginfo-4.2.14-150600.18.29.1
* wireshark-debugsource-4.2.14-150600.18.29.1
* wireshark-debuginfo-4.2.14-150600.18.29.1
* libwsutil15-4.2.14-150600.18.29.1
* libwiretap14-4.2.14-150600.18.29.1
* libwireshark17-debuginfo-4.2.14-150600.18.29.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wireshark-devel-4.2.14-150600.18.29.1
* wireshark-ui-qt-4.2.14-150600.18.29.1
* wireshark-ui-qt-debuginfo-4.2.14-150600.18.29.1
* wireshark-debuginfo-4.2.14-150600.18.29.1
* wireshark-debugsource-4.2.14-150600.18.29.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* wireshark-devel-4.2.14-150600.18.29.1
* wireshark-ui-qt-4.2.14-150600.18.29.1
* wireshark-ui-qt-debuginfo-4.2.14-150600.18.29.1
* wireshark-debuginfo-4.2.14-150600.18.29.1
* wireshark-debugsource-4.2.14-150600.18.29.1

## References:

* https://www.suse.com/security/cve/CVE-2025-11626.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251933



SUSE-SU-2025:3807-1: important: Security update for erlang


# Security update for erlang

Announcement ID: SUSE-SU-2025:3807-1
Release Date: 2025-10-27T12:59:30Z
Rating: important
References:

* bsc#1249473

Cross-References:

* CVE-2025-48041

CVSS scores:

* CVE-2025-48041 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-48041 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-48041 ( NVD ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* Server Applications Module 15-SP7
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS

An update that solves one vulnerability can now be installed.

## Description:

This update for erlang fixes the following issues:

* CVE-2025-48041: fixed erlang exhaustion of file handles in SSH (bsc#1249473)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-LTS-2025-3807=1

* SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3807=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-3807=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-3807=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3807=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-3807=1

* Server Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-3807=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3807=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3807=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3807=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3807=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3807=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3807=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3807=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3807=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3807=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3807=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3807=1

* SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3807=1

## Package List:

* SUSE Manager Retail Branch Server 4.3 LTS (x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-jinterface-src-23.3.4.19-150300.3.26.1
* erlang-wx-23.3.4.19-150300.3.26.1
* erlang-dialyzer-23.3.4.19-150300.3.26.1
* erlang-reltool-src-23.3.4.19-150300.3.26.1
* erlang-reltool-23.3.4.19-150300.3.26.1
* erlang-et-src-23.3.4.19-150300.3.26.1
* erlang-debugger-23.3.4.19-150300.3.26.1
* erlang-wx-debuginfo-23.3.4.19-150300.3.26.1
* erlang-et-23.3.4.19-150300.3.26.1
* erlang-src-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-wx-src-23.3.4.19-150300.3.26.1
* erlang-debugger-src-23.3.4.19-150300.3.26.1
* erlang-diameter-23.3.4.19-150300.3.26.1
* erlang-dialyzer-src-23.3.4.19-150300.3.26.1
* erlang-diameter-src-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-jinterface-23.3.4.19-150300.3.26.1
* erlang-dialyzer-debuginfo-23.3.4.19-150300.3.26.1
* erlang-observer-src-23.3.4.19-150300.3.26.1
* erlang-doc-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* erlang-observer-23.3.4.19-150300.3.26.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-jinterface-src-23.3.4.19-150300.3.26.1
* erlang-wx-23.3.4.19-150300.3.26.1
* erlang-dialyzer-23.3.4.19-150300.3.26.1
* erlang-reltool-src-23.3.4.19-150300.3.26.1
* erlang-reltool-23.3.4.19-150300.3.26.1
* erlang-et-src-23.3.4.19-150300.3.26.1
* erlang-debugger-23.3.4.19-150300.3.26.1
* erlang-wx-debuginfo-23.3.4.19-150300.3.26.1
* erlang-et-23.3.4.19-150300.3.26.1
* erlang-src-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-wx-src-23.3.4.19-150300.3.26.1
* erlang-debugger-src-23.3.4.19-150300.3.26.1
* erlang-diameter-23.3.4.19-150300.3.26.1
* erlang-dialyzer-src-23.3.4.19-150300.3.26.1
* erlang-diameter-src-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-jinterface-23.3.4.19-150300.3.26.1
* erlang-dialyzer-debuginfo-23.3.4.19-150300.3.26.1
* erlang-observer-src-23.3.4.19-150300.3.26.1
* erlang-doc-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* erlang-observer-23.3.4.19-150300.3.26.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1
* SUSE Manager Proxy 4.3 LTS (x86_64)
* erlang-epmd-debuginfo-23.3.4.19-150300.3.26.1
* erlang-debugsource-23.3.4.19-150300.3.26.1
* erlang-epmd-23.3.4.19-150300.3.26.1
* erlang-23.3.4.19-150300.3.26.1
* erlang-debuginfo-23.3.4.19-150300.3.26.1

## References:

* https://www.suse.com/security/cve/CVE-2025-48041.html
* https://bugzilla.suse.com/show_bug.cgi?id=1249473



SUSE-SU-2025:3809-1: moderate: Security update for rabbitmq-server


# Security update for rabbitmq-server

Announcement ID: SUSE-SU-2025:3809-1
Release Date: 2025-10-27T13:11:35Z
Rating: moderate
References:

* bsc#1245105
* bsc#1246091

Cross-References:

* CVE-2025-50200

CVSS scores:

* CVE-2025-50200 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-50200 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-50200 ( NVD ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-50200 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* Server Applications Module 15-SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for rabbitmq-server fixes the following issues:

* CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests
(bsc#1245105)
* fixed a bad logrotate configuration that allowed escalation from rabbitmq to
root, /var/log/rabbitmq ownership is now 750 (bsc#1246091)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Server Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-3809=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-3809=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3809=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-3809=1

## Package List:

* Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* rabbitmq-server-plugins-3.8.11-150300.3.22.2
* erlang-rabbitmq-client-3.8.11-150300.3.22.2
* rabbitmq-server-3.8.11-150300.3.22.2
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* rabbitmq-server-plugins-3.8.11-150300.3.22.2
* erlang-rabbitmq-client-3.8.11-150300.3.22.2
* rabbitmq-server-3.8.11-150300.3.22.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* rabbitmq-server-plugins-3.8.11-150300.3.22.2
* erlang-rabbitmq-client-3.8.11-150300.3.22.2
* rabbitmq-server-3.8.11-150300.3.22.2
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* rabbitmq-server-plugins-3.8.11-150300.3.22.2
* erlang-rabbitmq-client-3.8.11-150300.3.22.2
* rabbitmq-server-3.8.11-150300.3.22.2

## References:

* https://www.suse.com/security/cve/CVE-2025-50200.html
* https://bugzilla.suse.com/show_bug.cgi?id=1245105
* https://bugzilla.suse.com/show_bug.cgi?id=1246091


Squid, Thunderbird, OpenJDK, and more updates for Oracle Linux

GStreamer Good Plugins, strongSwan, Ruby, Kernel updates for Ubuntu

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...