Ruby3.4-Rubygem-Nokogiri, Libopenssl-3-Devel, Go updates for SUSE

SUSE 5298 Published 2 months ago by Philipp Esselbach

News

SUSE Linux has been updated with multiple security enhancements, including ruby3.4-rubygem-nokogiri, libopenssl-3-devel, and go:

openSUSE-SU-2025:14697-1: moderate: ruby3.4-rubygem-nokogiri-1.18.2-1.1 on GA media
openSUSE-SU-2025:14696-1: moderate: libopenssl-3-devel-3.2.3-4.1 on GA media
openSUSE-SU-2025:14694-1: moderate: go1.22-1.22.11-1.1 on GA media
openSUSE-SU-2025:14695-1: moderate: go1.23-1.23.5-1.1 on GA media

openSUSE-SU-2025:14697-1: moderate: ruby3.4-rubygem-nokogiri-1.18.2-1.1 on GA media

# ruby3.4-rubygem-nokogiri-1.18.2-1.1 on GA media

Announcement ID: openSUSE-SU-2025:14697-1
Rating: moderate

Cross-References:

* CVE-2013-2877
* CVE-2014-0191
* CVE-2015-1819
* CVE-2015-5312
* CVE-2015-7497
* CVE-2015-7498
* CVE-2015-7499
* CVE-2015-7500
* CVE-2015-7941
* CVE-2015-7942
* CVE-2015-7995
* CVE-2015-8035
* CVE-2015-8241
* CVE-2015-8242
* CVE-2015-8317
* CVE-2016-4658
* CVE-2016-4738
* CVE-2016-5131
* CVE-2017-15412
* CVE-2017-5029
* CVE-2018-14404
* CVE-2018-25032
* CVE-2018-8048
* CVE-2019-11068
* CVE-2019-20388
* CVE-2019-5477
* CVE-2020-24977
* CVE-2020-7595
* CVE-2021-30560
* CVE-2021-3516
* CVE-2021-3517
* CVE-2021-3518
* CVE-2021-3537
* CVE-2021-3541
* CVE-2021-41098
* CVE-2022-23308
* CVE-2022-23437
* CVE-2022-23476
* CVE-2022-24836
* CVE-2022-24839
* CVE-2022-29181
* CVE-2022-29824
* CVE-2022-34169
* CVE-2023-29469

CVSS scores:

* CVE-2016-5131 ( SUSE ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2017-15412 ( SUSE ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2018-14404 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2018-25032 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2018-8048 ( SUSE ): 5.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2019-11068 ( SUSE ): 6.6 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2019-20388 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2019-5477 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2020-24977 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2020-7595 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2021-30560 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2021-3516 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-3517 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2021-3518 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-3537 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-3541 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-23308 ( SUSE ): 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2022-23437 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-24836 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-24839 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-29181 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2022-29824 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2022-34169 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2023-29469 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 44 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the ruby3.4-rubygem-nokogiri-1.18.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* ruby3.4-rubygem-nokogiri 1.18.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2013-2877.html
* https://www.suse.com/security/cve/CVE-2014-0191.html
* https://www.suse.com/security/cve/CVE-2015-1819.html
* https://www.suse.com/security/cve/CVE-2015-5312.html
* https://www.suse.com/security/cve/CVE-2015-7497.html
* https://www.suse.com/security/cve/CVE-2015-7498.html
* https://www.suse.com/security/cve/CVE-2015-7499.html
* https://www.suse.com/security/cve/CVE-2015-7500.html
* https://www.suse.com/security/cve/CVE-2015-7941.html
* https://www.suse.com/security/cve/CVE-2015-7942.html
* https://www.suse.com/security/cve/CVE-2015-7995.html
* https://www.suse.com/security/cve/CVE-2015-8035.html
* https://www.suse.com/security/cve/CVE-2015-8241.html
* https://www.suse.com/security/cve/CVE-2015-8242.html
* https://www.suse.com/security/cve/CVE-2015-8317.html
* https://www.suse.com/security/cve/CVE-2016-4658.html
* https://www.suse.com/security/cve/CVE-2016-4738.html
* https://www.suse.com/security/cve/CVE-2016-5131.html
* https://www.suse.com/security/cve/CVE-2017-15412.html
* https://www.suse.com/security/cve/CVE-2017-5029.html
* https://www.suse.com/security/cve/CVE-2018-14404.html
* https://www.suse.com/security/cve/CVE-2018-25032.html
* https://www.suse.com/security/cve/CVE-2018-8048.html
* https://www.suse.com/security/cve/CVE-2019-11068.html
* https://www.suse.com/security/cve/CVE-2019-20388.html
* https://www.suse.com/security/cve/CVE-2019-5477.html
* https://www.suse.com/security/cve/CVE-2020-24977.html
* https://www.suse.com/security/cve/CVE-2020-7595.html
* https://www.suse.com/security/cve/CVE-2021-30560.html
* https://www.suse.com/security/cve/CVE-2021-3516.html
* https://www.suse.com/security/cve/CVE-2021-3517.html
* https://www.suse.com/security/cve/CVE-2021-3518.html
* https://www.suse.com/security/cve/CVE-2021-3537.html
* https://www.suse.com/security/cve/CVE-2021-3541.html
* https://www.suse.com/security/cve/CVE-2021-41098.html
* https://www.suse.com/security/cve/CVE-2022-23308.html
* https://www.suse.com/security/cve/CVE-2022-23437.html
* https://www.suse.com/security/cve/CVE-2022-23476.html
* https://www.suse.com/security/cve/CVE-2022-24836.html
* https://www.suse.com/security/cve/CVE-2022-24839.html
* https://www.suse.com/security/cve/CVE-2022-29181.html
* https://www.suse.com/security/cve/CVE-2022-29824.html
* https://www.suse.com/security/cve/CVE-2022-34169.html
* https://www.suse.com/security/cve/CVE-2023-29469.html

openSUSE-SU-2025:14696-1: moderate: libopenssl-3-devel-3.2.3-4.1 on GA media

# libopenssl-3-devel-3.2.3-4.1 on GA media

Announcement ID: openSUSE-SU-2025:14696-1
Rating: moderate

Cross-References:

* CVE-2024-13176

CVSS scores:

* CVE-2024-13176 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-13176 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libopenssl-3-devel-3.2.3-4.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libopenssl-3-devel 3.2.3-4.1
* libopenssl-3-devel-32bit 3.2.3-4.1
* libopenssl-3-fips-provider 3.2.3-4.1
* libopenssl-3-fips-provider-32bit 3.2.3-4.1
* libopenssl-3-fips-provider-x86-64-v3 3.2.3-4.1
* libopenssl3 3.2.3-4.1
* libopenssl3-32bit 3.2.3-4.1
* libopenssl3-x86-64-v3 3.2.3-4.1
* openssl-3 3.2.3-4.1
* openssl-3-doc 3.2.3-4.1

## References:

* https://www.suse.com/security/cve/CVE-2024-13176.html

openSUSE-SU-2025:14694-1: moderate: go1.22-1.22.11-1.1 on GA media

# go1.22-1.22.11-1.1 on GA media

Announcement ID: openSUSE-SU-2025:14694-1
Rating: moderate

Cross-References:

* CVE-2024-45336
* CVE-2024-45341

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the go1.22-1.22.11-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* go1.22 1.22.11-1.1
* go1.22-doc 1.22.11-1.1
* go1.22-libstd 1.22.11-1.1
* go1.22-race 1.22.11-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-45336.html
* https://www.suse.com/security/cve/CVE-2024-45341.html

openSUSE-SU-2025:14695-1: moderate: go1.23-1.23.5-1.1 on GA media

# go1.23-1.23.5-1.1 on GA media

Announcement ID: openSUSE-SU-2025:14695-1
Rating: moderate

Cross-References:

* CVE-2024-45336
* CVE-2024-45341

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the go1.23-1.23.5-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* go1.23 1.23.5-1.1
* go1.23-doc 1.23.5-1.1
* go1.23-libstd 1.23.5-1.1
* go1.23-race 1.23.5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-45336.html
* https://www.suse.com/security/cve/CVE-2024-45341.html

Redis and Rsync updates for RHEL

Git and Ruby updates for Debian

Ruby3.4-Rubygem-Nokogiri, Libopenssl-3-Devel, Go updates for SUSE

openSUSE-SU-2025:14697-1: moderate: ruby3.4-rubygem-nokogiri-1.18.2-1.1 on GA media

openSUSE-SU-2025:14696-1: moderate: libopenssl-3-devel-3.2.3-4.1 on GA media

openSUSE-SU-2025:14694-1: moderate: go1.22-1.22.11-1.1 on GA media

openSUSE-SU-2025:14695-1: moderate: go1.23-1.23.5-1.1 on GA media

Windows

Linux

macOS

Community