SUSE-SU-2025:0741-1: important: Security update for procps
SUSE-SU-2025:0742-1: important: Security update for openvswitch3
SUSE-SU-2025:0737-1: important: Security update for postgresql13
SUSE-SU-2025:0739-1: moderate: Security update for libX11
openSUSE-SU-2025:14845-1: moderate: python311-jupyter-server-2.14.2-3.1 on GA media
openSUSE-SU-2025:14843-1: moderate: govulncheck-vulndb-0.0.20250226T025151-1.1 on GA media
openSUSE-SU-2025:14844-1: moderate: bsdtar-3.7.7-2.1 on GA media
SUSE-SU-2025:0746-1: important: Security update for libxml2
SUSE-SU-2025:0748-1: important: Security update for libxml2
SUSE-SU-2025:0750-1: moderate: Security update for python-azure-identity
SUSE-SU-2025:0751-1: important: Security update for azure-cli
SUSE-SU-2025:0753-1: moderate: Security update for tiff
SUSE-SU-2025:0754-1: important: Security update for wireshark
SUSE-SU-2025:0756-1: moderate: Security update for python
SUSE-SU-2025:0752-1: important: Security update for ovmf
SUSE-SU-2025:0755-1: moderate: Security update for u-boot
SUSE-SU-2025:0758-1: moderate: Security update for libxkbfile
SUSE-SU-2025:0741-1: important: Security update for procps
# Security update for procps
Announcement ID: SUSE-SU-2025:0741-1
Release Date: 2025-02-28T10:17:02Z
Rating: important
References:
* bsc#1214290
* bsc#1236842
Cross-References:
* CVE-2023-4016
CVSS scores:
* CVE-2023-4016 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-4016 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability and has one security fix can now be
installed.
## Description:
This update for procps fixes the following issues:
* Integer overflow due to incomplete fix for CVE-2023-4016 can lead to
segmentation fault in ps command when pid argument has a leading space
(bsc#1236842, bsc#1214290).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-741=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-741=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-741=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-741=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-741=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-741=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-741=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-741=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-741=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-741=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-741=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-741=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-741=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-741=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-741=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-741=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-741=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-741=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-741=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-741=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-741=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-741=1
* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-741=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-741=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-741=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* openSUSE Leap 15.6 (noarch)
* procps-lang-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Manager Proxy 4.3 (x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* procps-devel-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* procps-3.3.17-150000.7.42.1
* procps-debugsource-3.3.17-150000.7.42.1
* procps-debuginfo-3.3.17-150000.7.42.1
* libprocps8-debuginfo-3.3.17-150000.7.42.1
* libprocps8-3.3.17-150000.7.42.1
## References:
* https://www.suse.com/security/cve/CVE-2023-4016.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214290
* https://bugzilla.suse.com/show_bug.cgi?id=1236842
SUSE-SU-2025:0742-1: important: Security update for openvswitch3
# Security update for openvswitch3
Announcement ID: SUSE-SU-2025:0742-1
Release Date: 2025-02-28T10:17:43Z
Rating: important
References:
* bsc#1236353
Cross-References:
* CVE-2025-0650
CVSS scores:
* CVE-2025-0650 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-0650 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-0650 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for openvswitch3 fixes the following issues:
* CVE-2025-0650: Fixed egress ACLs that may be bypassed via specially crafted
UDP packet (bsc#1236353).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-742=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-742=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-742=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-742=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-742=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-742=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-742=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-ipsec-3.1.0-150500.3.22.1
* openvswitch3-test-3.1.0-150500.3.22.1
* openvswitch3-pki-3.1.0-150500.3.22.1
* libopenvswitch-3_1-0-3.1.0-150500.3.22.1
* ovn3-debuginfo-23.03.0-150500.3.22.1
* python3-ovs3-3.1.0-150500.3.22.1
* ovn3-host-23.03.0-150500.3.22.1
* ovn3-docker-23.03.0-150500.3.22.1
* openvswitch3-debugsource-3.1.0-150500.3.22.1
* ovn3-23.03.0-150500.3.22.1
* openvswitch3-devel-3.1.0-150500.3.22.1
* libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
* ovn3-central-23.03.0-150500.3.22.1
* ovn3-vtep-23.03.0-150500.3.22.1
* openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
* ovn3-devel-23.03.0-150500.3.22.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
* ovn3-host-debuginfo-23.03.0-150500.3.22.1
* libovn-23_03-0-23.03.0-150500.3.22.1
* ovn3-central-debuginfo-23.03.0-150500.3.22.1
* openvswitch3-vtep-3.1.0-150500.3.22.1
* openvswitch3-3.1.0-150500.3.22.1
* openvswitch3-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
* openSUSE Leap 15.5 (noarch)
* openvswitch3-doc-3.1.0-150500.3.22.1
* ovn3-doc-23.03.0-150500.3.22.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* openvswitch3-ipsec-3.1.0-150500.3.22.1
* openvswitch3-test-3.1.0-150500.3.22.1
* openvswitch3-pki-3.1.0-150500.3.22.1
* ovn3-debuginfo-23.03.0-150500.3.22.1
* python3-ovs3-3.1.0-150500.3.22.1
* ovn3-host-23.03.0-150500.3.22.1
* ovn3-docker-23.03.0-150500.3.22.1
* openvswitch3-debugsource-3.1.0-150500.3.22.1
* ovn3-23.03.0-150500.3.22.1
* openvswitch3-devel-3.1.0-150500.3.22.1
* ovn3-central-23.03.0-150500.3.22.1
* ovn3-vtep-23.03.0-150500.3.22.1
* openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
* ovn3-devel-23.03.0-150500.3.22.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
* ovn3-host-debuginfo-23.03.0-150500.3.22.1
* ovn3-central-debuginfo-23.03.0-150500.3.22.1
* openvswitch3-vtep-3.1.0-150500.3.22.1
* openvswitch3-3.1.0-150500.3.22.1
* openvswitch3-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
* openSUSE Leap 15.6 (noarch)
* openvswitch3-doc-3.1.0-150500.3.22.1
* ovn3-doc-23.03.0-150500.3.22.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* ovn3-debuginfo-23.03.0-150500.3.22.1
* python3-ovs3-3.1.0-150500.3.22.1
* ovn3-vtep-23.03.0-150500.3.22.1
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
* ovn3-central-debuginfo-23.03.0-150500.3.22.1
* openvswitch3-vtep-3.1.0-150500.3.22.1
* ovn3-23.03.0-150500.3.22.1
* ovn3-host-23.03.0-150500.3.22.1
* libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
* ovn3-docker-23.03.0-150500.3.22.1
* openvswitch3-debugsource-3.1.0-150500.3.22.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
* openvswitch3-3.1.0-150500.3.22.1
* ovn3-host-debuginfo-23.03.0-150500.3.22.1
* openvswitch3-debuginfo-3.1.0-150500.3.22.1
* libovn-23_03-0-23.03.0-150500.3.22.1
* libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
* libopenvswitch-3_1-0-3.1.0-150500.3.22.1
* ovn3-central-23.03.0-150500.3.22.1
* openvswitch3-pki-3.1.0-150500.3.22.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-ipsec-3.1.0-150500.3.22.1
* openvswitch3-test-3.1.0-150500.3.22.1
* openvswitch3-pki-3.1.0-150500.3.22.1
* libopenvswitch-3_1-0-3.1.0-150500.3.22.1
* ovn3-debuginfo-23.03.0-150500.3.22.1
* python3-ovs3-3.1.0-150500.3.22.1
* ovn3-host-23.03.0-150500.3.22.1
* ovn3-docker-23.03.0-150500.3.22.1
* openvswitch3-debugsource-3.1.0-150500.3.22.1
* ovn3-23.03.0-150500.3.22.1
* openvswitch3-devel-3.1.0-150500.3.22.1
* libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
* ovn3-central-23.03.0-150500.3.22.1
* ovn3-vtep-23.03.0-150500.3.22.1
* openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
* ovn3-devel-23.03.0-150500.3.22.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
* ovn3-host-debuginfo-23.03.0-150500.3.22.1
* libovn-23_03-0-23.03.0-150500.3.22.1
* ovn3-central-debuginfo-23.03.0-150500.3.22.1
* openvswitch3-vtep-3.1.0-150500.3.22.1
* openvswitch3-3.1.0-150500.3.22.1
* openvswitch3-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-ipsec-3.1.0-150500.3.22.1
* openvswitch3-test-3.1.0-150500.3.22.1
* openvswitch3-pki-3.1.0-150500.3.22.1
* libopenvswitch-3_1-0-3.1.0-150500.3.22.1
* ovn3-debuginfo-23.03.0-150500.3.22.1
* python3-ovs3-3.1.0-150500.3.22.1
* ovn3-host-23.03.0-150500.3.22.1
* ovn3-docker-23.03.0-150500.3.22.1
* openvswitch3-debugsource-3.1.0-150500.3.22.1
* ovn3-23.03.0-150500.3.22.1
* openvswitch3-devel-3.1.0-150500.3.22.1
* libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
* ovn3-central-23.03.0-150500.3.22.1
* ovn3-vtep-23.03.0-150500.3.22.1
* openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
* ovn3-devel-23.03.0-150500.3.22.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
* ovn3-host-debuginfo-23.03.0-150500.3.22.1
* libovn-23_03-0-23.03.0-150500.3.22.1
* ovn3-central-debuginfo-23.03.0-150500.3.22.1
* openvswitch3-vtep-3.1.0-150500.3.22.1
* openvswitch3-3.1.0-150500.3.22.1
* openvswitch3-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-ipsec-3.1.0-150500.3.22.1
* openvswitch3-test-3.1.0-150500.3.22.1
* openvswitch3-pki-3.1.0-150500.3.22.1
* libopenvswitch-3_1-0-3.1.0-150500.3.22.1
* ovn3-debuginfo-23.03.0-150500.3.22.1
* python3-ovs3-3.1.0-150500.3.22.1
* ovn3-host-23.03.0-150500.3.22.1
* ovn3-docker-23.03.0-150500.3.22.1
* openvswitch3-debugsource-3.1.0-150500.3.22.1
* ovn3-23.03.0-150500.3.22.1
* openvswitch3-devel-3.1.0-150500.3.22.1
* libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
* ovn3-central-23.03.0-150500.3.22.1
* ovn3-vtep-23.03.0-150500.3.22.1
* openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
* ovn3-devel-23.03.0-150500.3.22.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
* ovn3-host-debuginfo-23.03.0-150500.3.22.1
* libovn-23_03-0-23.03.0-150500.3.22.1
* ovn3-central-debuginfo-23.03.0-150500.3.22.1
* openvswitch3-vtep-3.1.0-150500.3.22.1
* openvswitch3-3.1.0-150500.3.22.1
* openvswitch3-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-ipsec-3.1.0-150500.3.22.1
* openvswitch3-test-3.1.0-150500.3.22.1
* openvswitch3-pki-3.1.0-150500.3.22.1
* libopenvswitch-3_1-0-3.1.0-150500.3.22.1
* ovn3-debuginfo-23.03.0-150500.3.22.1
* python3-ovs3-3.1.0-150500.3.22.1
* ovn3-host-23.03.0-150500.3.22.1
* ovn3-docker-23.03.0-150500.3.22.1
* openvswitch3-debugsource-3.1.0-150500.3.22.1
* ovn3-23.03.0-150500.3.22.1
* openvswitch3-devel-3.1.0-150500.3.22.1
* libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
* ovn3-central-23.03.0-150500.3.22.1
* ovn3-vtep-23.03.0-150500.3.22.1
* openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
* ovn3-devel-23.03.0-150500.3.22.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
* ovn3-host-debuginfo-23.03.0-150500.3.22.1
* libovn-23_03-0-23.03.0-150500.3.22.1
* ovn3-central-debuginfo-23.03.0-150500.3.22.1
* openvswitch3-vtep-3.1.0-150500.3.22.1
* openvswitch3-3.1.0-150500.3.22.1
* openvswitch3-debuginfo-3.1.0-150500.3.22.1
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
## References:
* https://www.suse.com/security/cve/CVE-2025-0650.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236353
SUSE-SU-2025:0737-1: important: Security update for postgresql13
# Security update for postgresql13
Announcement ID: SUSE-SU-2025:0737-1
Release Date: 2025-02-28T09:56:56Z
Rating: important
References:
* bsc#1237093
Cross-References:
* CVE-2025-1094
CVSS scores:
* CVE-2025-1094 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-1094 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-1094 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.6
An update that solves one vulnerability can now be installed.
## Description:
This update for postgresql13 fixes the following issues:
Upgrade to 13.20:
* CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
encoded input strings (bsc#1237093).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-737=1 SUSE-2025-737=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* postgresql13-plpython-13.20-150600.14.5.2
* postgresql13-llvmjit-devel-13.20-150600.14.5.2
* postgresql13-debugsource-13.20-150600.14.5.2
* postgresql13-pltcl-13.20-150600.14.5.2
* postgresql13-server-devel-debuginfo-13.20-150600.14.5.2
* postgresql13-pltcl-debuginfo-13.20-150600.14.5.2
* postgresql13-server-13.20-150600.14.5.2
* postgresql13-test-13.20-150600.14.5.2
* postgresql13-13.20-150600.14.5.2
* postgresql13-devel-13.20-150600.14.5.2
* postgresql13-contrib-debuginfo-13.20-150600.14.5.2
* postgresql13-server-devel-13.20-150600.14.5.2
* postgresql13-llvmjit-debuginfo-13.20-150600.14.5.2
* postgresql13-server-debuginfo-13.20-150600.14.5.2
* postgresql13-plperl-13.20-150600.14.5.2
* postgresql13-contrib-13.20-150600.14.5.2
* postgresql13-plperl-debuginfo-13.20-150600.14.5.2
* postgresql13-llvmjit-13.20-150600.14.5.2
* postgresql13-devel-debuginfo-13.20-150600.14.5.2
* postgresql13-debuginfo-13.20-150600.14.5.2
* postgresql13-plpython-debuginfo-13.20-150600.14.5.2
* openSUSE Leap 15.6 (noarch)
* postgresql13-docs-13.20-150600.14.5.2
## References:
* https://www.suse.com/security/cve/CVE-2025-1094.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237093
SUSE-SU-2025:0739-1: moderate: Security update for libX11
# Security update for libX11
Announcement ID: SUSE-SU-2025:0739-1
Release Date: 2025-02-28T10:09:50Z
Rating: moderate
References:
* bsc#1237431
Cross-References:
* CVE-2025-26597
CVSS scores:
* CVE-2025-26597 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-26597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-26597 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability can now be installed.
## Description:
This update for libX11 fixes the following issues:
* CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead
to buffer overflows in XkbChangeTypesOfKey() (bsc#1237431).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-739=1 openSUSE-SLE-15.6-2025-739=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-739=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libX11-xcb1-1.8.7-150600.3.3.1
* libX11-xcb1-debuginfo-1.8.7-150600.3.3.1
* libX11-debugsource-1.8.7-150600.3.3.1
* libX11-6-1.8.7-150600.3.3.1
* libX11-devel-1.8.7-150600.3.3.1
* libX11-6-debuginfo-1.8.7-150600.3.3.1
* openSUSE Leap 15.6 (x86_64)
* libX11-6-32bit-debuginfo-1.8.7-150600.3.3.1
* libX11-xcb1-32bit-1.8.7-150600.3.3.1
* libX11-devel-32bit-1.8.7-150600.3.3.1
* libX11-6-32bit-1.8.7-150600.3.3.1
* libX11-xcb1-32bit-debuginfo-1.8.7-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
* libX11-data-1.8.7-150600.3.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libX11-6-64bit-1.8.7-150600.3.3.1
* libX11-6-64bit-debuginfo-1.8.7-150600.3.3.1
* libX11-devel-64bit-1.8.7-150600.3.3.1
* libX11-xcb1-64bit-1.8.7-150600.3.3.1
* libX11-xcb1-64bit-debuginfo-1.8.7-150600.3.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libX11-xcb1-1.8.7-150600.3.3.1
* libX11-xcb1-debuginfo-1.8.7-150600.3.3.1
* libX11-debugsource-1.8.7-150600.3.3.1
* libX11-6-1.8.7-150600.3.3.1
* libX11-devel-1.8.7-150600.3.3.1
* libX11-6-debuginfo-1.8.7-150600.3.3.1
* Basesystem Module 15-SP6 (noarch)
* libX11-data-1.8.7-150600.3.3.1
* Basesystem Module 15-SP6 (x86_64)
* libX11-6-32bit-1.8.7-150600.3.3.1
* libX11-xcb1-32bit-1.8.7-150600.3.3.1
* libX11-xcb1-32bit-debuginfo-1.8.7-150600.3.3.1
* libX11-6-32bit-debuginfo-1.8.7-150600.3.3.1
## References:
* https://www.suse.com/security/cve/CVE-2025-26597.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237431
openSUSE-SU-2025:14845-1: moderate: python311-jupyter-server-2.14.2-3.1 on GA media
# python311-jupyter-server-2.14.2-3.1 on GA media
Announcement ID: openSUSE-SU-2025:14845-1
Rating: moderate
Cross-References:
* CVE-2022-29241
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the python311-jupyter-server-2.14.2-3.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* python311-jupyter-server 2.14.2-3.1
* python311-jupyter-server-test 2.14.2-3.1
* python312-jupyter-server 2.14.2-3.1
* python312-jupyter-server-test 2.14.2-3.1
* python313-jupyter-server 2.14.2-3.1
* python313-jupyter-server-test 2.14.2-3.1
## References:
* https://www.suse.com/security/cve/CVE-2022-29241.html
openSUSE-SU-2025:14843-1: moderate: govulncheck-vulndb-0.0.20250226T025151-1.1 on GA media
# govulncheck-vulndb-0.0.20250226T025151-1.1 on GA media
Announcement ID: openSUSE-SU-2025:14843-1
Rating: moderate
Cross-References:
* CVE-2025-22868
* CVE-2025-22869
Affected Products:
* openSUSE Tumbleweed
An update that solves 2 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the govulncheck-vulndb-0.0.20250226T025151-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* govulncheck-vulndb 0.0.20250226T025151-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-22868.html
* https://www.suse.com/security/cve/CVE-2025-22869.html
openSUSE-SU-2025:14844-1: moderate: bsdtar-3.7.7-2.1 on GA media
# bsdtar-3.7.7-2.1 on GA media
Announcement ID: openSUSE-SU-2025:14844-1
Rating: moderate
Cross-References:
* CVE-2024-57970
CVSS scores:
* CVE-2024-57970 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-57970 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the bsdtar-3.7.7-2.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* bsdtar 3.7.7-2.1
* libarchive-devel 3.7.7-2.1
* libarchive13 3.7.7-2.1
* libarchive13-32bit 3.7.7-2.1
## References:
* https://www.suse.com/security/cve/CVE-2024-57970.html
SUSE-SU-2025:0746-1: important: Security update for libxml2
# Security update for libxml2
Announcement ID: SUSE-SU-2025:0746-1
Release Date: 2025-02-28T16:10:45Z
Rating: important
References:
* bsc#1237363
* bsc#1237370
* bsc#1237418
Cross-References:
* CVE-2024-56171
* CVE-2025-24928
* CVE-2025-27113
CVSS scores:
* CVE-2024-56171 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56171 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-56171 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2025-24928 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
* CVE-2025-24928 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
* CVE-2025-24928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2025-27113 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-27113 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-27113 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-27113 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves three vulnerabilities can now be installed.
## Description:
This update for libxml2 fixes the following issues:
* CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and
xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
* CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in
valid.c (bsc#1237370).
* CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c
(bsc#1237418).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-746=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-746=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-746=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-746=1
* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-746=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-746=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-746=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-746=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-746=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libxml2-tools-2.10.3-150500.5.23.1
* libxml2-tools-debuginfo-2.10.3-150500.5.23.1
* libxml2-2-debuginfo-2.10.3-150500.5.23.1
* libxml2-debugsource-2.10.3-150500.5.23.1
* libxml2-2-2.10.3-150500.5.23.1
* python3-libxml2-debuginfo-2.10.3-150500.5.23.1
* libxml2-python-debugsource-2.10.3-150500.5.23.1
* python3-libxml2-2.10.3-150500.5.23.1
* libxml2-devel-2.10.3-150500.5.23.1
* python311-libxml2-debuginfo-2.10.3-150500.5.23.1
* python311-libxml2-2.10.3-150500.5.23.1
* openSUSE Leap 15.5 (x86_64)
* libxml2-devel-32bit-2.10.3-150500.5.23.1
* libxml2-2-32bit-2.10.3-150500.5.23.1
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
* openSUSE Leap 15.5 (noarch)
* libxml2-doc-2.10.3-150500.5.23.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* libxml2-2-64bit-debuginfo-2.10.3-150500.5.23.1
* libxml2-2-64bit-2.10.3-150500.5.23.1
* libxml2-devel-64bit-2.10.3-150500.5.23.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libxml2-tools-2.10.3-150500.5.23.1
* libxml2-tools-debuginfo-2.10.3-150500.5.23.1
* libxml2-2-debuginfo-2.10.3-150500.5.23.1
* libxml2-debugsource-2.10.3-150500.5.23.1
* libxml2-2-2.10.3-150500.5.23.1
* python3-libxml2-debuginfo-2.10.3-150500.5.23.1
* libxml2-python-debugsource-2.10.3-150500.5.23.1
* python3-libxml2-2.10.3-150500.5.23.1
* libxml2-devel-2.10.3-150500.5.23.1
* python311-libxml2-debuginfo-2.10.3-150500.5.23.1
* python311-libxml2-2.10.3-150500.5.23.1
* openSUSE Leap 15.6 (x86_64)
* libxml2-devel-32bit-2.10.3-150500.5.23.1
* libxml2-2-32bit-2.10.3-150500.5.23.1
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
* openSUSE Leap 15.6 (noarch)
* libxml2-doc-2.10.3-150500.5.23.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libxml2-tools-2.10.3-150500.5.23.1
* libxml2-tools-debuginfo-2.10.3-150500.5.23.1
* libxml2-2-debuginfo-2.10.3-150500.5.23.1
* libxml2-debugsource-2.10.3-150500.5.23.1
* libxml2-2-2.10.3-150500.5.23.1
* python3-libxml2-debuginfo-2.10.3-150500.5.23.1
* libxml2-python-debugsource-2.10.3-150500.5.23.1
* python3-libxml2-2.10.3-150500.5.23.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libxml2-tools-2.10.3-150500.5.23.1
* libxml2-tools-debuginfo-2.10.3-150500.5.23.1
* libxml2-2-debuginfo-2.10.3-150500.5.23.1
* libxml2-debugsource-2.10.3-150500.5.23.1
* libxml2-2-2.10.3-150500.5.23.1
* python3-libxml2-debuginfo-2.10.3-150500.5.23.1
* libxml2-python-debugsource-2.10.3-150500.5.23.1
* python3-libxml2-2.10.3-150500.5.23.1
* libxml2-devel-2.10.3-150500.5.23.1
* Basesystem Module 15-SP6 (x86_64)
* libxml2-2-32bit-2.10.3-150500.5.23.1
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libxml2-python-debugsource-2.10.3-150500.5.23.1
* python311-libxml2-debuginfo-2.10.3-150500.5.23.1
* python311-libxml2-2.10.3-150500.5.23.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libxml2-tools-2.10.3-150500.5.23.1
* libxml2-tools-debuginfo-2.10.3-150500.5.23.1
* libxml2-2-debuginfo-2.10.3-150500.5.23.1
* libxml2-debugsource-2.10.3-150500.5.23.1
* libxml2-2-2.10.3-150500.5.23.1
* python3-libxml2-debuginfo-2.10.3-150500.5.23.1
* libxml2-python-debugsource-2.10.3-150500.5.23.1
* python3-libxml2-2.10.3-150500.5.23.1
* libxml2-devel-2.10.3-150500.5.23.1
* python311-libxml2-debuginfo-2.10.3-150500.5.23.1
* python311-libxml2-2.10.3-150500.5.23.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* libxml2-2-32bit-2.10.3-150500.5.23.1
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libxml2-tools-2.10.3-150500.5.23.1
* libxml2-tools-debuginfo-2.10.3-150500.5.23.1
* libxml2-2-debuginfo-2.10.3-150500.5.23.1
* libxml2-debugsource-2.10.3-150500.5.23.1
* libxml2-2-2.10.3-150500.5.23.1
* python3-libxml2-debuginfo-2.10.3-150500.5.23.1
* libxml2-python-debugsource-2.10.3-150500.5.23.1
* python3-libxml2-2.10.3-150500.5.23.1
* libxml2-devel-2.10.3-150500.5.23.1
* python311-libxml2-debuginfo-2.10.3-150500.5.23.1
* python311-libxml2-2.10.3-150500.5.23.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* libxml2-2-32bit-2.10.3-150500.5.23.1
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libxml2-tools-2.10.3-150500.5.23.1
* libxml2-tools-debuginfo-2.10.3-150500.5.23.1
* libxml2-2-debuginfo-2.10.3-150500.5.23.1
* libxml2-debugsource-2.10.3-150500.5.23.1
* libxml2-2-2.10.3-150500.5.23.1
* python3-libxml2-debuginfo-2.10.3-150500.5.23.1
* libxml2-python-debugsource-2.10.3-150500.5.23.1
* python3-libxml2-2.10.3-150500.5.23.1
* libxml2-devel-2.10.3-150500.5.23.1
* python311-libxml2-debuginfo-2.10.3-150500.5.23.1
* python311-libxml2-2.10.3-150500.5.23.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* libxml2-2-32bit-2.10.3-150500.5.23.1
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libxml2-tools-2.10.3-150500.5.23.1
* libxml2-tools-debuginfo-2.10.3-150500.5.23.1
* libxml2-2-debuginfo-2.10.3-150500.5.23.1
* libxml2-debugsource-2.10.3-150500.5.23.1
* libxml2-2-2.10.3-150500.5.23.1
* python3-libxml2-debuginfo-2.10.3-150500.5.23.1
* libxml2-python-debugsource-2.10.3-150500.5.23.1
* python3-libxml2-2.10.3-150500.5.23.1
* libxml2-devel-2.10.3-150500.5.23.1
* python311-libxml2-debuginfo-2.10.3-150500.5.23.1
* python311-libxml2-2.10.3-150500.5.23.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* libxml2-2-32bit-2.10.3-150500.5.23.1
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
## References:
* https://www.suse.com/security/cve/CVE-2024-56171.html
* https://www.suse.com/security/cve/CVE-2025-24928.html
* https://www.suse.com/security/cve/CVE-2025-27113.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237363
* https://bugzilla.suse.com/show_bug.cgi?id=1237370
* https://bugzilla.suse.com/show_bug.cgi?id=1237418
SUSE-SU-2025:0748-1: important: Security update for libxml2
# Security update for libxml2
Announcement ID: SUSE-SU-2025:0748-1
Release Date: 2025-02-28T16:14:28Z
Rating: important
References:
* bsc#1237363
* bsc#1237370
* bsc#1237418
Cross-References:
* CVE-2024-56171
* CVE-2025-24928
* CVE-2025-27113
CVSS scores:
* CVE-2024-56171 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56171 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-56171 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2025-24928 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
* CVE-2025-24928 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
* CVE-2025-24928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2025-27113 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-27113 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-27113 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-27113 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves three vulnerabilities can now be installed.
## Description:
This update for libxml2 fixes the following issues:
* CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and
xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
* CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in
valid.c (bsc#1237370).
* CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c
(bsc#1237418).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-748=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-748=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-748=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-748=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-748=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-748=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-748=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-748=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-748=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-748=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-748=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-748=1
## Package List:
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* libxml2-python-debugsource-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* libxml2-python-debugsource-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* python311-libxml2-2.9.14-150400.5.38.1
* libxml2-devel-2.9.14-150400.5.38.1
* python311-libxml2-debuginfo-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
* libxml2-2-32bit-2.9.14-150400.5.38.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* python311-libxml2-2.9.14-150400.5.38.1
* libxml2-devel-2.9.14-150400.5.38.1
* python311-libxml2-debuginfo-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
* libxml2-2-32bit-2.9.14-150400.5.38.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* python311-libxml2-2.9.14-150400.5.38.1
* libxml2-devel-2.9.14-150400.5.38.1
* python311-libxml2-debuginfo-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
* libxml2-2-32bit-2.9.14-150400.5.38.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* python311-libxml2-2.9.14-150400.5.38.1
* libxml2-devel-2.9.14-150400.5.38.1
* python311-libxml2-debuginfo-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
* libxml2-2-32bit-2.9.14-150400.5.38.1
* SUSE Manager Proxy 4.3 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-2-32bit-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* libxml2-devel-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-2-32bit-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* libxml2-devel-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* libxml2-devel-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Manager Server 4.3 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
* libxml2-2-32bit-2.9.14-150400.5.38.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* python311-libxml2-2.9.14-150400.5.38.1
* libxml2-devel-2.9.14-150400.5.38.1
* libxml2-python-debugsource-2.9.14-150400.5.38.1
* python311-libxml2-debuginfo-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* openSUSE Leap 15.4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
* libxml2-devel-32bit-2.9.14-150400.5.38.1
* libxml2-2-32bit-2.9.14-150400.5.38.1
* openSUSE Leap 15.4 (noarch)
* libxml2-doc-2.9.14-150400.5.38.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libxml2-2-64bit-debuginfo-2.9.14-150400.5.38.1
* libxml2-devel-64bit-2.9.14-150400.5.38.1
* libxml2-2-64bit-2.9.14-150400.5.38.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* libxml2-python-debugsource-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libxml2-2-2.9.14-150400.5.38.1
* libxml2-tools-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-2.9.14-150400.5.38.1
* libxml2-python-debugsource-2.9.14-150400.5.38.1
* libxml2-debugsource-2.9.14-150400.5.38.1
* libxml2-tools-2.9.14-150400.5.38.1
* libxml2-2-debuginfo-2.9.14-150400.5.38.1
* python3-libxml2-debuginfo-2.9.14-150400.5.38.1
## References:
* https://www.suse.com/security/cve/CVE-2024-56171.html
* https://www.suse.com/security/cve/CVE-2025-24928.html
* https://www.suse.com/security/cve/CVE-2025-27113.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237363
* https://bugzilla.suse.com/show_bug.cgi?id=1237370
* https://bugzilla.suse.com/show_bug.cgi?id=1237418
SUSE-SU-2025:0750-1: moderate: Security update for python-azure-identity
# Security update for python-azure-identity
Announcement ID: SUSE-SU-2025:0750-1
Release Date: 2025-02-28T16:25:48Z
Rating: moderate
References:
* bsc#1230100
Cross-References:
* CVE-2024-35255
CVSS scores:
* CVE-2024-35255 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-35255 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:
* openSUSE Leap 15.6
* Public Cloud Module 15-SP3
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for python-azure-identity fixes the following issues:
* CVE-2024-35255: race condition leading to privilege escalation and
unauthorized access to sensitive information in Azure Identity libraries
(bsc#1230100).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-750=1
* Public Cloud Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-750=1
* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-750=1
* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-750=1
* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-750=1
## Package List:
* openSUSE Leap 15.6 (noarch)
* python3-azure-identity-1.10.0.0-150200.6.7.1
* Public Cloud Module 15-SP3 (noarch)
* python3-azure-identity-1.10.0.0-150200.6.7.1
* Public Cloud Module 15-SP4 (noarch)
* python3-azure-identity-1.10.0.0-150200.6.7.1
* Public Cloud Module 15-SP5 (noarch)
* python3-azure-identity-1.10.0.0-150200.6.7.1
* Public Cloud Module 15-SP6 (noarch)
* python3-azure-identity-1.10.0.0-150200.6.7.1
## References:
* https://www.suse.com/security/cve/CVE-2024-35255.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230100
SUSE-SU-2025:0751-1: important: Security update for azure-cli
# Security update for azure-cli
Announcement ID: SUSE-SU-2025:0751-1
Release Date: 2025-02-28T16:26:27Z
Rating: important
References:
* bsc#1231971
Cross-References:
* CVE-2024-43591
CVSS scores:
* CVE-2024-43591 ( SUSE ): 8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
* CVE-2024-43591 ( NVD ): 8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
* CVE-2024-43591 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for azure-cli fixes the following issues:
* CVE-2024-43591: improper neutralization of special elements could allow
users to run Azure CLI commands that result in certain service management
operations being performed with System level permissions in Azure Defender
for Cloud (bsc#1231971).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-751=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-751=1
* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-751=1
* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-751=1
* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-751=1
## Package List:
* openSUSE Leap 15.4 (noarch)
* azure-cli-2.58.0-150400.14.12.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* azure-cli-test-2.58.0-150400.14.12.1
* openSUSE Leap 15.6 (noarch)
* azure-cli-2.58.0-150400.14.12.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* azure-cli-test-2.58.0-150400.14.12.1
* Public Cloud Module 15-SP4 (noarch)
* azure-cli-2.58.0-150400.14.12.1
* Public Cloud Module 15-SP5 (noarch)
* azure-cli-2.58.0-150400.14.12.1
* Public Cloud Module 15-SP6 (noarch)
* azure-cli-2.58.0-150400.14.12.1
* Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* azure-cli-test-2.58.0-150400.14.12.1
## References:
* https://www.suse.com/security/cve/CVE-2024-43591.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231971
SUSE-SU-2025:0753-1: moderate: Security update for tiff
# Security update for tiff
Announcement ID: SUSE-SU-2025:0753-1
Release Date: 2025-02-28T16:30:46Z
Rating: moderate
References:
* bsc#1212607
* bsc#1219213
* bsc#1236834
Cross-References:
* CVE-2023-25435
* CVE-2023-52356
CVSS scores:
* CVE-2023-25435 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
* CVE-2023-25435 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-25435 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52356 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6
An update that solves two vulnerabilities and has one security fix can now be
installed.
## Description:
This update for tiff fixes the following issues:
* CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits()
in tiffcrop.c (bsc#1212607).
* CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt() leading to
denial of service (bsc#1219213).
Other bugfixes:
* Fixed tiff build issue on s390x as test 12 test_directory fails
(bsc#1236834).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-753=1
* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-753=1 openSUSE-SLE-15.6-2025-753=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-753=1
## Package List:
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* tiff-debugsource-4.7.0-150600.3.8.1
* tiff-4.7.0-150600.3.8.1
* tiff-debuginfo-4.7.0-150600.3.8.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* tiff-4.7.0-150600.3.8.1
* tiff-debuginfo-4.7.0-150600.3.8.1
* libtiff6-4.7.0-150600.3.8.1
* libtiff6-debuginfo-4.7.0-150600.3.8.1
* libtiff-devel-4.7.0-150600.3.8.1
* tiff-debugsource-4.7.0-150600.3.8.1
* openSUSE Leap 15.6 (noarch)
* tiff-docs-4.7.0-150600.3.8.1
* libtiff-devel-docs-4.7.0-150600.3.8.1
* openSUSE Leap 15.6 (x86_64)
* libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1
* libtiff-devel-32bit-4.7.0-150600.3.8.1
* libtiff6-32bit-4.7.0-150600.3.8.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libtiff6-64bit-debuginfo-4.7.0-150600.3.8.1
* libtiff6-64bit-4.7.0-150600.3.8.1
* libtiff-devel-64bit-4.7.0-150600.3.8.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* tiff-debuginfo-4.7.0-150600.3.8.1
* libtiff6-4.7.0-150600.3.8.1
* libtiff6-debuginfo-4.7.0-150600.3.8.1
* libtiff-devel-4.7.0-150600.3.8.1
* tiff-debugsource-4.7.0-150600.3.8.1
* Basesystem Module 15-SP6 (x86_64)
* libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1
* libtiff6-32bit-4.7.0-150600.3.8.1
## References:
* https://www.suse.com/security/cve/CVE-2023-25435.html
* https://www.suse.com/security/cve/CVE-2023-52356.html
* https://bugzilla.suse.com/show_bug.cgi?id=1212607
* https://bugzilla.suse.com/show_bug.cgi?id=1219213
* https://bugzilla.suse.com/show_bug.cgi?id=1236834
SUSE-SU-2025:0754-1: important: Security update for wireshark
# Security update for wireshark
Announcement ID: SUSE-SU-2025:0754-1
Release Date: 2025-02-28T16:31:33Z
Rating: important
References:
* bsc#1237414
Cross-References:
* CVE-2025-1492
CVSS scores:
* CVE-2025-1492 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-1492 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-1492 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability can now be installed.
## Description:
This update for wireshark fixes the following issues:
Update to version 4.2.11:
* CVE-2025-1492: uncontrolled recursion leading to a stack buffer overflow can
cause Bundle Protocol and CBOR dissector to crash (bsc#1237414).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-754=1 openSUSE-SLE-15.6-2025-754=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-754=1
* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-754=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libwiretap14-debuginfo-4.2.11-150600.18.20.1
* libwsutil15-4.2.11-150600.18.20.1
* libwsutil15-debuginfo-4.2.11-150600.18.20.1
* wireshark-ui-qt-4.2.11-150600.18.20.1
* wireshark-ui-qt-debuginfo-4.2.11-150600.18.20.1
* libwireshark17-4.2.11-150600.18.20.1
* wireshark-4.2.11-150600.18.20.1
* wireshark-debuginfo-4.2.11-150600.18.20.1
* wireshark-debugsource-4.2.11-150600.18.20.1
* wireshark-devel-4.2.11-150600.18.20.1
* libwiretap14-4.2.11-150600.18.20.1
* libwireshark17-debuginfo-4.2.11-150600.18.20.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libwiretap14-debuginfo-4.2.11-150600.18.20.1
* libwsutil15-4.2.11-150600.18.20.1
* libwsutil15-debuginfo-4.2.11-150600.18.20.1
* libwireshark17-4.2.11-150600.18.20.1
* wireshark-4.2.11-150600.18.20.1
* wireshark-debuginfo-4.2.11-150600.18.20.1
* wireshark-debugsource-4.2.11-150600.18.20.1
* libwiretap14-4.2.11-150600.18.20.1
* libwireshark17-debuginfo-4.2.11-150600.18.20.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wireshark-ui-qt-4.2.11-150600.18.20.1
* wireshark-ui-qt-debuginfo-4.2.11-150600.18.20.1
* wireshark-debugsource-4.2.11-150600.18.20.1
* wireshark-debuginfo-4.2.11-150600.18.20.1
* wireshark-devel-4.2.11-150600.18.20.1
## References:
* https://www.suse.com/security/cve/CVE-2025-1492.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237414
SUSE-SU-2025:0756-1: moderate: Security update for python
# Security update for python
Announcement ID: SUSE-SU-2025:0756-1
Release Date: 2025-02-28T16:38:14Z
Rating: moderate
References:
* bsc#1223694
* bsc#1236705
Cross-References:
* CVE-2025-0938
CVSS scores:
* CVE-2025-0938 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
* CVE-2025-0938 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
* CVE-2025-0938 ( NVD ): 6.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Affected Products:
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6
An update that solves one vulnerability and has one security fix can now be
installed.
## Description:
This update for python fixes the following issues:
* Reference to no longer used 'bracketed_host' variable in the fix for
CVE-2025-0938 (bsc#1236705, bsc#1223694).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-756=1
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-756=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-curses-debuginfo-2.7.18-150000.74.1
* python-tk-2.7.18-150000.74.1
* python-base-2.7.18-150000.74.1
* python-demo-2.7.18-150000.74.1
* python-2.7.18-150000.74.1
* python-idle-2.7.18-150000.74.1
* libpython2_7-1_0-2.7.18-150000.74.1
* python-gdbm-2.7.18-150000.74.1
* python-xml-2.7.18-150000.74.1
* python-base-debuginfo-2.7.18-150000.74.1
* python-xml-debuginfo-2.7.18-150000.74.1
* python-curses-2.7.18-150000.74.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.74.1
* python-debuginfo-2.7.18-150000.74.1
* python-devel-2.7.18-150000.74.1
* python-tk-debuginfo-2.7.18-150000.74.1
* python-gdbm-debuginfo-2.7.18-150000.74.1
* python-base-debugsource-2.7.18-150000.74.1
* python-debugsource-2.7.18-150000.74.1
* openSUSE Leap 15.6 (x86_64)
* python-32bit-2.7.18-150000.74.1
* python-base-32bit-debuginfo-2.7.18-150000.74.1
* python-32bit-debuginfo-2.7.18-150000.74.1
* python-base-32bit-2.7.18-150000.74.1
* libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.74.1
* libpython2_7-1_0-32bit-2.7.18-150000.74.1
* openSUSE Leap 15.6 (noarch)
* python-doc-2.7.18-150000.74.1
* python-doc-pdf-2.7.18-150000.74.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-curses-debuginfo-2.7.18-150000.74.1
* python-base-2.7.18-150000.74.1
* python-2.7.18-150000.74.1
* libpython2_7-1_0-2.7.18-150000.74.1
* python-gdbm-2.7.18-150000.74.1
* python-xml-2.7.18-150000.74.1
* python-base-debuginfo-2.7.18-150000.74.1
* python-xml-debuginfo-2.7.18-150000.74.1
* python-curses-2.7.18-150000.74.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.74.1
* python-debuginfo-2.7.18-150000.74.1
* python-gdbm-debuginfo-2.7.18-150000.74.1
* python-base-debugsource-2.7.18-150000.74.1
* python-debugsource-2.7.18-150000.74.1
## References:
* https://www.suse.com/security/cve/CVE-2025-0938.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223694
* https://bugzilla.suse.com/show_bug.cgi?id=1236705
SUSE-SU-2025:0752-1: important: Security update for ovmf
# Security update for ovmf
Announcement ID: SUSE-SU-2025:0752-1
Release Date: 2025-02-28T16:27:49Z
Rating: important
References:
* bsc#1218879
* bsc#1218880
* bsc#1218881
* bsc#1218882
* bsc#1218883
* bsc#1218884
* bsc#1218885
Cross-References:
* CVE-2023-45229
* CVE-2023-45230
* CVE-2023-45231
* CVE-2023-45232
* CVE-2023-45233
* CVE-2023-45234
* CVE-2023-45235
CVSS scores:
* CVE-2023-45229 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-45229 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-45230 ( SUSE ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
* CVE-2023-45230 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45230 ( NVD ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
* CVE-2023-45231 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-45231 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-45232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45233 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45233 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45233 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45234 ( SUSE ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
* CVE-2023-45234 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45234 ( NVD ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
* CVE-2023-45235 ( SUSE ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
* CVE-2023-45235 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45235 ( NVD ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
Affected Products:
* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
An update that solves seven vulnerabilities can now be installed.
## Description:
This update for ovmf fixes the following issues:
* CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA
options in DHCPv6 Advertise messages. (bsc#1218879)
* CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long
Server ID option. (bsc#1218880)
* CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect
message with truncated options. (bsc#1218881)
* CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the
Destination Options header. (bsc#1218882)
* CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the
Destination Options header. (bsc#1218883)
* CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options
in a DHCPv6 Advertise message. (bsc#1218884)
* CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option
in a DHCPv6 proxy Advertise message. (bsc#1218885)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-752=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-752=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-752=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-752=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-752=1
* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-752=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-752=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-752=1
## Package List:
* openSUSE Leap 15.3 (aarch64 x86_64)
* ovmf-202008-150300.10.26.1
* ovmf-tools-202008-150300.10.26.1
* openSUSE Leap 15.3 (noarch)
* qemu-uefi-aarch32-202008-150300.10.26.1
* qemu-uefi-aarch64-202008-150300.10.26.1
* qemu-ovmf-x86_64-202008-150300.10.26.1
* qemu-ovmf-ia32-202008-150300.10.26.1
* openSUSE Leap 15.3 (x86_64)
* qemu-ovmf-x86_64-debug-202008-150300.10.26.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* ovmf-202008-150300.10.26.1
* ovmf-tools-202008-150300.10.26.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* qemu-ovmf-x86_64-202008-150300.10.26.1
* qemu-uefi-aarch64-202008-150300.10.26.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64)
* ovmf-202008-150300.10.26.1
* ovmf-tools-202008-150300.10.26.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
* qemu-ovmf-x86_64-202008-150300.10.26.1
* qemu-uefi-aarch64-202008-150300.10.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* ovmf-202008-150300.10.26.1
* ovmf-tools-202008-150300.10.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* qemu-ovmf-x86_64-202008-150300.10.26.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* ovmf-202008-150300.10.26.1
* ovmf-tools-202008-150300.10.26.1
* SUSE Enterprise Storage 7.1 (noarch)
* qemu-ovmf-x86_64-202008-150300.10.26.1
* qemu-uefi-aarch64-202008-150300.10.26.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
* qemu-ovmf-x86_64-202008-150300.10.26.1
* qemu-uefi-aarch64-202008-150300.10.26.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
* qemu-ovmf-x86_64-202008-150300.10.26.1
* qemu-uefi-aarch64-202008-150300.10.26.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
* qemu-ovmf-x86_64-202008-150300.10.26.1
* qemu-uefi-aarch64-202008-150300.10.26.1
## References:
* https://www.suse.com/security/cve/CVE-2023-45229.html
* https://www.suse.com/security/cve/CVE-2023-45230.html
* https://www.suse.com/security/cve/CVE-2023-45231.html
* https://www.suse.com/security/cve/CVE-2023-45232.html
* https://www.suse.com/security/cve/CVE-2023-45233.html
* https://www.suse.com/security/cve/CVE-2023-45234.html
* https://www.suse.com/security/cve/CVE-2023-45235.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218879
* https://bugzilla.suse.com/show_bug.cgi?id=1218880
* https://bugzilla.suse.com/show_bug.cgi?id=1218881
* https://bugzilla.suse.com/show_bug.cgi?id=1218882
* https://bugzilla.suse.com/show_bug.cgi?id=1218883
* https://bugzilla.suse.com/show_bug.cgi?id=1218884
* https://bugzilla.suse.com/show_bug.cgi?id=1218885
SUSE-SU-2025:0755-1: moderate: Security update for u-boot
# Security update for u-boot
Announcement ID: SUSE-SU-2025:0755-1
Release Date: 2025-02-28T16:37:12Z
Rating: moderate
References:
* bsc#1237284
* bsc#1237287
Cross-References:
* CVE-2024-57256
* CVE-2024-57258
CVSS scores:
* CVE-2024-57256 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-57256 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-57256 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-57258 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-57258 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-57258 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.6
An update that solves two vulnerabilities can now be installed.
## Description:
This update for u-boot fixes the following issues:
* CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution
function (bsc#1237284).
* CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator
(bsc#1237287).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-755=1
## Package List:
* openSUSE Leap 15.6 (aarch64)
* u-boot-xilinxzynqmpgeneric-2020.01-150200.10.18.1
* u-boot-xilinxzynqmpgeneric-doc-2020.01-150200.10.18.1
## References:
* https://www.suse.com/security/cve/CVE-2024-57256.html
* https://www.suse.com/security/cve/CVE-2024-57258.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237284
* https://bugzilla.suse.com/show_bug.cgi?id=1237287
SUSE-SU-2025:0758-1: moderate: Security update for libxkbfile
# Security update for libxkbfile
Announcement ID: SUSE-SU-2025:0758-1
Release Date: 2025-02-28T18:23:41Z
Rating: moderate
References:
* bsc#1237429
Cross-References:
* CVE-2025-26595
CVSS scores:
* CVE-2025-26595 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-26595 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for libxkbfile fixes the following issues:
* CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText() (bsc#1237429).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-758=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-758=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-758=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-758=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-758=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-758=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-758=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-758=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-758=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-758=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-758=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-758=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-758=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-758=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-758=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-758=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-758=1
## Package List:
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Manager Proxy 4.3 (x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* openSUSE Leap 15.6 (x86_64)
* libxkbfile1-32bit-debuginfo-1.0.9-150000.3.3.1
* libxkbfile1-32bit-1.0.9-150000.3.3.1
* libxkbfile-devel-32bit-1.0.9-150000.3.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libxkbfile-devel-1.0.9-150000.3.3.1
* libxkbfile1-1.0.9-150000.3.3.1
* libxkbfile1-debuginfo-1.0.9-150000.3.3.1
* libxkbfile-debugsource-1.0.9-150000.3.3.1
## References:
* https://www.suse.com/security/cve/CVE-2025-26595.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237429
