GoVulncheck-Vulndb, Google-Cloud-Sap-Agent, Nethack, WPA Supplicant, Python updates for SUSE

SUSE 5257 Published by

SUSE Linux has been updated with security enhancements for govulncheck-vulndb, google-cloud-sap-agent, nethack-3.4.3-6.1, wpa_supplicant-2.11-4.1, and python312:

SUSE-SU-2025:0876-1: moderate: Security update for govulncheck-vulndb
SUSE-SU-2025:0882-1: important: Security update for google-cloud-sap-agent
openSUSE-SU-2025:14898-1: moderate: nethack-3.4.3-6.1 on GA media
openSUSE-SU-2025:14899-1: moderate: wpa_supplicant-2.11-4.1 on GA media
SUSE-SU-2025:0883-1: low: Security update for python312




SUSE-SU-2025:0876-1: moderate: Security update for govulncheck-vulndb


# Security update for govulncheck-vulndb

Announcement ID: SUSE-SU-2025:0876-1
Release Date: 2025-03-17T07:26:27Z
Rating: moderate
References:

* jsc#PED-11136

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that contains one feature can now be installed.

## Description:

This update for govulncheck-vulndb fixes the following issues:

* Update to version 0.0.20250313T170021 2025-03-13T17:00:21Z (jsc#PED-11136)
* GO-2025-3427
* GO-2025-3442
* GO-2025-3443
* GO-2025-3508
* GO-2025-3509
* GO-2025-3510
* GO-2025-3511
* GO-2025-3512
* GO-2025-3514
* GO-2025-3515

* Update to version 0.0.20250312T181707 2025-03-12T18:17:07Z (jsc#PED-11136):

* GO-2025-3459
* GO-2025-3460
* GO-2025-3461
* GO-2025-3462
* GO-2025-3463
* GO-2025-3465
* GO-2025-3466
* GO-2025-3467
* GO-2025-3468
* GO-2025-3470
* GO-2025-3472
* GO-2025-3474
* GO-2025-3475
* GO-2025-3476
* GO-2025-3477
* GO-2025-3479
* GO-2025-3480
* GO-2025-3481
* GO-2025-3482
* GO-2025-3483
* GO-2025-3484
* GO-2025-3485
* GO-2025-3489
* GO-2025-3490
* GO-2025-3491
* GO-2025-3492
* GO-2025-3494
* GO-2025-3495
* GO-2025-3498
* GO-2025-3499
* GO-2025-3500
* GO-2025-3503
* GO-2025-3504
* GO-2025-3505
* GO-2025-3507

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-876=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-876=1

## Package List:

* openSUSE Leap 15.6 (noarch)
* govulncheck-vulndb-0.0.20250313T170021-150000.1.40.1
* SUSE Package Hub 15 15-SP6 (noarch)
* govulncheck-vulndb-0.0.20250313T170021-150000.1.40.1

## References:

* https://jira.suse.com/browse/PED-11136



SUSE-SU-2025:0882-1: important: Security update for google-cloud-sap-agent


# Security update for google-cloud-sap-agent

Announcement ID: SUSE-SU-2025:0882-1
Release Date: 2025-03-17T11:26:00Z
Rating: important
References:

* bsc#1239197

Cross-References:

* CVE-2025-22868

CVSS scores:

* CVE-2025-22868 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* Public Cloud Module 15-SP3
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for google-cloud-sap-agent fixes the following issues:

* CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption
during token parsing (bsc#1239197)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-882=1

* Public Cloud Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-882=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-882=1

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-882=1

* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-882=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* google-cloud-sap-agent-3.6-150100.3.44.1
* Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
* google-cloud-sap-agent-3.6-150100.3.44.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* google-cloud-sap-agent-3.6-150100.3.44.1
* Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* google-cloud-sap-agent-3.6-150100.3.44.1
* Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* google-cloud-sap-agent-3.6-150100.3.44.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22868.html
* https://bugzilla.suse.com/show_bug.cgi?id=1239197



openSUSE-SU-2025:14898-1: moderate: nethack-3.4.3-6.1 on GA media


# nethack-3.4.3-6.1 on GA media

Announcement ID: openSUSE-SU-2025:14898-1
Rating: moderate

Cross-References:

* CVE-2020-5253

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the nethack-3.4.3-6.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* nethack 3.4.3-6.1

## References:

* https://www.suse.com/security/cve/CVE-2020-5253.html



openSUSE-SU-2025:14899-1: moderate: wpa_supplicant-2.11-4.1 on GA media


# wpa_supplicant-2.11-4.1 on GA media

Announcement ID: openSUSE-SU-2025:14899-1
Rating: moderate

Cross-References:

* CVE-2025-24912

CVSS scores:

* CVE-2025-24912 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the wpa_supplicant-2.11-4.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* wpa_supplicant 2.11-4.1
* wpa_supplicant-gui 2.11-4.1

## References:

* https://www.suse.com/security/cve/CVE-2025-24912.html



SUSE-SU-2025:0883-1: low: Security update for python312


# Security update for python312

Announcement ID: SUSE-SU-2025:0883-1
Release Date: 2025-03-17T15:21:49Z
Rating: low
References:

* bsc#1238450
* bsc#1239210

Cross-References:

* CVE-2025-1795

CVSS scores:

* CVE-2025-1795 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-1795 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-1795 ( NVD ): 2.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for python312 fixes the following issues:

* CVE-2025-1795: Fixed mishandling of comma during folding and unicode-
encoding of email headers (bsc#1238450).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-883=1 openSUSE-SLE-15.6-2025-883=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-883=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* python312-testsuite-3.12.9-150600.3.21.1
* python312-idle-3.12.9-150600.3.21.1
* python312-testsuite-debuginfo-3.12.9-150600.3.21.1
* python312-curses-debuginfo-3.12.9-150600.3.21.1
* python312-debuginfo-3.12.9-150600.3.21.1
* python312-3.12.9-150600.3.21.1
* python312-base-debuginfo-3.12.9-150600.3.21.1
* python312-doc-devhelp-3.12.9-150600.3.21.1
* python312-dbm-3.12.9-150600.3.21.1
* libpython3_12-1_0-debuginfo-3.12.9-150600.3.21.1
* python312-debugsource-3.12.9-150600.3.21.1
* python312-core-debugsource-3.12.9-150600.3.21.1
* python312-devel-3.12.9-150600.3.21.1
* python312-tk-3.12.9-150600.3.21.1
* python312-dbm-debuginfo-3.12.9-150600.3.21.1
* python312-base-3.12.9-150600.3.21.1
* python312-tools-3.12.9-150600.3.21.1
* python312-tk-debuginfo-3.12.9-150600.3.21.1
* python312-curses-3.12.9-150600.3.21.1
* libpython3_12-1_0-3.12.9-150600.3.21.1
* python312-doc-3.12.9-150600.3.21.1
* openSUSE Leap 15.6 (x86_64)
* python312-32bit-debuginfo-3.12.9-150600.3.21.1
* libpython3_12-1_0-32bit-debuginfo-3.12.9-150600.3.21.1
* python312-base-32bit-3.12.9-150600.3.21.1
* libpython3_12-1_0-32bit-3.12.9-150600.3.21.1
* python312-base-32bit-debuginfo-3.12.9-150600.3.21.1
* python312-32bit-3.12.9-150600.3.21.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* python312-64bit-debuginfo-3.12.9-150600.3.21.1
* python312-64bit-3.12.9-150600.3.21.1
* libpython3_12-1_0-64bit-3.12.9-150600.3.21.1
* libpython3_12-1_0-64bit-debuginfo-3.12.9-150600.3.21.1
* python312-base-64bit-debuginfo-3.12.9-150600.3.21.1
* python312-base-64bit-3.12.9-150600.3.21.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python312-core-debugsource-3.12.9-150600.3.21.1
* python312-devel-3.12.9-150600.3.21.1
* python312-curses-debuginfo-3.12.9-150600.3.21.1
* python312-base-3.12.9-150600.3.21.1
* python312-debuginfo-3.12.9-150600.3.21.1
* python312-tools-3.12.9-150600.3.21.1
* python312-3.12.9-150600.3.21.1
* python312-tk-debuginfo-3.12.9-150600.3.21.1
* python312-idle-3.12.9-150600.3.21.1
* python312-tk-3.12.9-150600.3.21.1
* python312-debugsource-3.12.9-150600.3.21.1
* python312-dbm-debuginfo-3.12.9-150600.3.21.1
* python312-base-debuginfo-3.12.9-150600.3.21.1
* python312-curses-3.12.9-150600.3.21.1
* python312-dbm-3.12.9-150600.3.21.1
* libpython3_12-1_0-debuginfo-3.12.9-150600.3.21.1
* libpython3_12-1_0-3.12.9-150600.3.21.1

## References:

* https://www.suse.com/security/cve/CVE-2025-1795.html
* https://bugzilla.suse.com/show_bug.cgi?id=1238450
* https://bugzilla.suse.com/show_bug.cgi?id=1239210


PowerPC-Utils, Librtas, OpenSSL-Ibmca, and more updates for Rocky Linux

X.Org X Server, RESTEasy, FreeType, PlantUML updates for Ubuntu

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...