Webkit2GTK, LibXML2, Libarchive, and more updates for SUSE

SUSE 5262 Published by

SUSE Linux has been updated with several security enhancements, including significant updates for webkit2gtk3, libxml2, wpa_supplicant, mercurial-6.9.4-1.1, zvbi, python311, apptainer, xorg-x11-server, libarchive, and libarchive:

SUSE-SU-2025:0975-1: important: Security update for webkit2gtk3
SUSE-SU-2025:0974-1: important: Security update for webkit2gtk3
SUSE-SU-2025:0976-1: important: Security update for libxml2
SUSE-SU-2025:0977-1: moderate: Security update for wpa_supplicant
openSUSE-SU-2025:14912-1: moderate: mercurial-6.9.4-1.1 on GA media
SUSE-SU-2025:0979-1: important: Security update for zvbi
SUSE-SU-2025:0981-1: low: Security update for python311
SUSE-SU-2025:0980-1: critical: Security update for apptainer
SUSE-SU-2025:0982-1: low: Security update for python311
SUSE-SU-2025:0984-1: moderate: Security update for xorg-x11-server
SUSE-SU-2025:0985-1: moderate: Security update for libarchive
SUSE-SU-2025:0986-1: moderate: Security update for libarchive




SUSE-SU-2025:0975-1: important: Security update for webkit2gtk3


# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0975-1
Release Date: 2025-03-21T08:24:37Z
Rating: important
References:

* bsc#1239547

Cross-References:

* CVE-2025-24201

CVSS scores:

* CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

* CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL
context primitive restart can be toggled from WebContent process
(bsc#1239547).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-975=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-975=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-975=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-975=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-975=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-975=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-975=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-975=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-975=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-975=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-975=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-975=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* WebKitGTK-6.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.1-lang-2.46.6-150400.4.109.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk3-minibrowser-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk3-minibrowser-debuginfo-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-6_0-2.46.6-150400.4.109.1
* webkit-jsc-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk4-minibrowser-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-minibrowser-2.46.6-150400.4.109.1
* webkit2gtk3-debugsource-2.46.6-150400.4.109.1
* typelib-1_0-WebKit-6_0-2.46.6-150400.4.109.1
* webkit-jsc-4.1-2.46.6-150400.4.109.1
* webkit-jsc-4.1-debuginfo-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* webkit-jsc-4-2.46.6-150400.4.109.1
* webkit-jsc-6.0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1
* webkit2gtk4-minibrowser-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-devel-2.46.6-150400.4.109.1
* webkit2gtk4-debugsource-2.46.6-150400.4.109.1
* webkit2gtk4-devel-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-minibrowser-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit-jsc-6.0-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150400.4.109.1
* openSUSE Leap 15.4 (x86_64)
* libjavascriptcoregtk-4_0-18-32bit-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-32bit-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-32bit-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-32bit-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.6-150400.4.109.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libjavascriptcoregtk-4_1-0-64bit-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-64bit-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-64bit-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-64bit-2.46.6-150400.4.109.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* WebKitGTK-6.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.1-lang-2.46.6-150400.4.109.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-debugsource-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-devel-2.46.6-150400.4.109.1
* webkit2gtk4-debugsource-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* WebKitGTK-6.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.1-lang-2.46.6-150400.4.109.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-debugsource-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-devel-2.46.6-150400.4.109.1
* webkit2gtk4-debugsource-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* WebKitGTK-6.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.1-lang-2.46.6-150400.4.109.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-debugsource-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-devel-2.46.6-150400.4.109.1
* webkit2gtk4-debugsource-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* WebKitGTK-6.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.1-lang-2.46.6-150400.4.109.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-debugsource-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-devel-2.46.6-150400.4.109.1
* webkit2gtk4-debugsource-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* WebKitGTK-6.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.1-lang-2.46.6-150400.4.109.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-debugsource-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-devel-2.46.6-150400.4.109.1
* webkit2gtk4-debugsource-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* WebKitGTK-6.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.1-lang-2.46.6-150400.4.109.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-debugsource-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-devel-2.46.6-150400.4.109.1
* webkit2gtk4-debugsource-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* WebKitGTK-6.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.1-lang-2.46.6-150400.4.109.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-debugsource-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-devel-2.46.6-150400.4.109.1
* webkit2gtk4-debugsource-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* WebKitGTK-6.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* WebKitGTK-4.1-lang-2.46.6-150400.4.109.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-debugsource-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-devel-2.46.6-150400.4.109.1
* webkit2gtk4-debugsource-2.46.6-150400.4.109.1
* libwebkitgtk-6_0-4-2.46.6-150400.4.109.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* SUSE Manager Proxy 4.3 (noarch)
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* SUSE Manager Proxy 4.3 (x86_64)
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1
* SUSE Manager Server 4.3 (noarch)
* WebKitGTK-4.0-lang-2.46.6-150400.4.109.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1
* libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1
* libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1
* webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1

## References:

* https://www.suse.com/security/cve/CVE-2025-24201.html
* https://bugzilla.suse.com/show_bug.cgi?id=1239547



SUSE-SU-2025:0974-1: important: Security update for webkit2gtk3


# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0974-1
Release Date: 2025-03-21T08:23:25Z
Rating: important
References:

* bsc#1239547

Cross-References:

* CVE-2025-24201

CVSS scores:

* CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

* CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL
context primitive restart can be toggled from WebContent process
(bsc#1239547).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-974=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-974=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-974=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-974=1 openSUSE-SLE-15.6-2025-974=1

## Package List:

* Basesystem Module 15-SP6 (noarch)
* WebKitGTK-4.0-lang-2.46.6-150600.12.30.2
* WebKitGTK-6.0-lang-2.46.6-150600.12.30.2
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libjavascriptcoregtk-6_0-1-2.46.6-150600.12.30.2
* webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2
* webkitgtk-6_0-injected-bundles-2.46.6-150600.12.30.2
* webkit2gtk3-soup2-devel-2.46.6-150600.12.30.2
* webkit2gtk4-debugsource-2.46.6-150600.12.30.2
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.30.2
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.30.2
* libwebkitgtk-6_0-4-2.46.6-150600.12.30.2
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.30.2
* typelib-1_0-WebKit2-4_0-2.46.6-150600.12.30.2
* webkit2gtk3-soup2-debugsource-2.46.6-150600.12.30.2
* libwebkit2gtk-4_0-37-2.46.6-150600.12.30.2
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_0-18-2.46.6-150600.12.30.2
* Desktop Applications Module 15-SP6 (noarch)
* WebKitGTK-4.1-lang-2.46.6-150600.12.30.2
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* webkit2gtk3-devel-2.46.6-150600.12.30.2
* webkit2gtk3-debugsource-2.46.6-150600.12.30.2
* libwebkit2gtk-4_1-0-2.46.6-150600.12.30.2
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.30.2
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.30.2
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.30.2
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.30.2
* typelib-1_0-WebKit2-4_1-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_1-0-2.46.6-150600.12.30.2
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.30.2
* webkit2gtk4-debugsource-2.46.6-150600.12.30.2
* typelib-1_0-WebKit-6_0-2.46.6-150600.12.30.2
* webkit2gtk4-devel-2.46.6-150600.12.30.2
* typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.30.2
* openSUSE Leap 15.6 (noarch)
* WebKitGTK-4.0-lang-2.46.6-150600.12.30.2
* WebKitGTK-6.0-lang-2.46.6-150600.12.30.2
* WebKitGTK-4.1-lang-2.46.6-150600.12.30.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libjavascriptcoregtk-6_0-1-2.46.6-150600.12.30.2
* libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk4-debugsource-2.46.6-150600.12.30.2
* webkit2gtk3-soup2-minibrowser-debuginfo-2.46.6-150600.12.30.2
* webkit-jsc-4.1-2.46.6-150600.12.30.2
* webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk3-minibrowser-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk3-soup2-minibrowser-2.46.6-150600.12.30.2
* libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.30.2
* typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.30.2
* webkit2gtk4-minibrowser-debuginfo-2.46.6-150600.12.30.2
* webkitgtk-6_0-injected-bundles-2.46.6-150600.12.30.2
* typelib-1_0-WebKit-6_0-2.46.6-150600.12.30.2
* typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.30.2
* typelib-1_0-WebKit2-4_0-2.46.6-150600.12.30.2
* webkit2gtk3-minibrowser-2.46.6-150600.12.30.2
* typelib-1_0-WebKit2-4_1-2.46.6-150600.12.30.2
* webkit2gtk3-soup2-debugsource-2.46.6-150600.12.30.2
* libwebkit2gtk-4_0-37-2.46.6-150600.12.30.2
* webkit2gtk4-minibrowser-2.46.6-150600.12.30.2
* webkit-jsc-4-debuginfo-2.46.6-150600.12.30.2
* libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk3-debugsource-2.46.6-150600.12.30.2
* typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.30.2
* typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.30.2
* webkit-jsc-4.1-debuginfo-2.46.6-150600.12.30.2
* typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.30.2
* libwebkitgtk-6_0-4-2.46.6-150600.12.30.2
* typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_1-0-2.46.6-150600.12.30.2
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.30.2
* webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk3-soup2-devel-2.46.6-150600.12.30.2
* webkit2gtk3-devel-2.46.6-150600.12.30.2
* libwebkit2gtk-4_1-0-2.46.6-150600.12.30.2
* webkit-jsc-4-2.46.6-150600.12.30.2
* webkit2gtk4-devel-2.46.6-150600.12.30.2
* webkit-jsc-6.0-2.46.6-150600.12.30.2
* webkit-jsc-6.0-debuginfo-2.46.6-150600.12.30.2
* webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.30.2
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_0-18-2.46.6-150600.12.30.2
* openSUSE Leap 15.6 (x86_64)
* libwebkit2gtk-4_0-37-32bit-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_0-18-32bit-2.46.6-150600.12.30.2
* libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.30.2
* libwebkit2gtk-4_1-0-32bit-2.46.6-150600.12.30.2
* libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_1-0-32bit-2.46.6-150600.12.30.2
* openSUSE Leap 15.6 (aarch64_ilp32)
* libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_0-18-64bit-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_1-0-64bit-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.30.2
* libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.6-150600.12.30.2
* libwebkit2gtk-4_0-37-64bit-2.46.6-150600.12.30.2
* libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.6-150600.12.30.2
* libwebkit2gtk-4_1-0-64bit-2.46.6-150600.12.30.2

## References:

* https://www.suse.com/security/cve/CVE-2025-24201.html
* https://bugzilla.suse.com/show_bug.cgi?id=1239547



SUSE-SU-2025:0976-1: important: Security update for libxml2


# Security update for libxml2

Announcement ID: SUSE-SU-2025:0976-1
Release Date: 2025-03-21T08:25:31Z
Rating: important
References:

* bsc#1237363
* bsc#1237370
* bsc#1237418

Cross-References:

* CVE-2024-56171
* CVE-2025-24928
* CVE-2025-27113

CVSS scores:

* CVE-2024-56171 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56171 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-56171 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2025-24928 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
* CVE-2025-24928 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
* CVE-2025-24928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2025-27113 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-27113 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-27113 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-27113 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for libxml2 fixes the following issues:

* CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and
xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
* CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in
valid.c (bsc#1237370).
* CVE-2025-27113: Fixed NULL Pointer Dereference in libxml2 xmlPatMatch
(bsc#1237418).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-976=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-976=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-976=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-976=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-976=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-976=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-976=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-976=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-libxml2-python-debugsource-2.9.7-150000.3.76.1
* python3-libxml2-python-2.9.7-150000.3.76.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* libxml2-tools-debuginfo-2.9.7-150000.3.76.1
* libxml2-2-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-2.9.7-150000.3.76.1
* libxml2-tools-2.9.7-150000.3.76.1
* libxml2-devel-2.9.7-150000.3.76.1
* libxml2-debugsource-2.9.7-150000.3.76.1
* python-libxml2-python-debugsource-2.9.7-150000.3.76.1
* libxml2-2-2.9.7-150000.3.76.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.7-150000.3.76.1
* libxml2-2-32bit-2.9.7-150000.3.76.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* libxml2-tools-debuginfo-2.9.7-150000.3.76.1
* libxml2-2-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-2.9.7-150000.3.76.1
* libxml2-tools-2.9.7-150000.3.76.1
* libxml2-devel-2.9.7-150000.3.76.1
* libxml2-debugsource-2.9.7-150000.3.76.1
* python-libxml2-python-debugsource-2.9.7-150000.3.76.1
* libxml2-2-2.9.7-150000.3.76.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
* libxml2-2-32bit-debuginfo-2.9.7-150000.3.76.1
* libxml2-2-32bit-2.9.7-150000.3.76.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* libxml2-tools-debuginfo-2.9.7-150000.3.76.1
* libxml2-2-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-2.9.7-150000.3.76.1
* libxml2-tools-2.9.7-150000.3.76.1
* libxml2-devel-2.9.7-150000.3.76.1
* libxml2-debugsource-2.9.7-150000.3.76.1
* python-libxml2-python-debugsource-2.9.7-150000.3.76.1
* libxml2-2-2.9.7-150000.3.76.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.7-150000.3.76.1
* libxml2-2-32bit-2.9.7-150000.3.76.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* libxml2-tools-debuginfo-2.9.7-150000.3.76.1
* libxml2-2-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-2.9.7-150000.3.76.1
* libxml2-tools-2.9.7-150000.3.76.1
* libxml2-devel-2.9.7-150000.3.76.1
* libxml2-debugsource-2.9.7-150000.3.76.1
* python-libxml2-python-debugsource-2.9.7-150000.3.76.1
* libxml2-2-2.9.7-150000.3.76.1
* SUSE Enterprise Storage 7.1 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.7-150000.3.76.1
* libxml2-2-32bit-2.9.7-150000.3.76.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* libxml2-2-debuginfo-2.9.7-150000.3.76.1
* libxml2-2-2.9.7-150000.3.76.1
* libxml2-tools-2.9.7-150000.3.76.1
* libxml2-debugsource-2.9.7-150000.3.76.1
* libxml2-tools-debuginfo-2.9.7-150000.3.76.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* libxml2-2-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-2.9.7-150000.3.76.1
* libxml2-2-2.9.7-150000.3.76.1
* libxml2-tools-2.9.7-150000.3.76.1
* libxml2-debugsource-2.9.7-150000.3.76.1
* python-libxml2-python-debugsource-2.9.7-150000.3.76.1
* libxml2-tools-debuginfo-2.9.7-150000.3.76.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* libxml2-2-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1
* python3-libxml2-python-2.9.7-150000.3.76.1
* libxml2-2-2.9.7-150000.3.76.1
* libxml2-tools-2.9.7-150000.3.76.1
* libxml2-debugsource-2.9.7-150000.3.76.1
* python-libxml2-python-debugsource-2.9.7-150000.3.76.1
* libxml2-tools-debuginfo-2.9.7-150000.3.76.1

## References:

* https://www.suse.com/security/cve/CVE-2024-56171.html
* https://www.suse.com/security/cve/CVE-2025-24928.html
* https://www.suse.com/security/cve/CVE-2025-27113.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237363
* https://bugzilla.suse.com/show_bug.cgi?id=1237370
* https://bugzilla.suse.com/show_bug.cgi?id=1237418



SUSE-SU-2025:0977-1: moderate: Security update for wpa_supplicant


# Security update for wpa_supplicant

Announcement ID: SUSE-SU-2025:0977-1
Release Date: 2025-03-21T08:26:03Z
Rating: moderate
References:

* bsc#1239461

Cross-References:

* CVE-2025-24912

CVSS scores:

* CVE-2025-24912 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-24912 ( NVD ): 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for wpa_supplicant fixes the following issues:

* CVE-2025-24912: Fixed hostapd failing to process crafted RADIUS packets
properly (bsc#1239461)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-977=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-977=1 openSUSE-SLE-15.6-2025-977=1

## Package List:

* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wpa_supplicant-2.10-150600.7.6.1
* wpa_supplicant-debugsource-2.10-150600.7.6.1
* wpa_supplicant-debuginfo-2.10-150600.7.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* wpa_supplicant-debuginfo-2.10-150600.7.6.1
* wpa_supplicant-2.10-150600.7.6.1
* wpa_supplicant-gui-2.10-150600.7.6.1
* wpa_supplicant-gui-debuginfo-2.10-150600.7.6.1
* wpa_supplicant-debugsource-2.10-150600.7.6.1

## References:

* https://www.suse.com/security/cve/CVE-2025-24912.html
* https://bugzilla.suse.com/show_bug.cgi?id=1239461



openSUSE-SU-2025:14912-1: moderate: mercurial-6.9.4-1.1 on GA media


# mercurial-6.9.4-1.1 on GA media

Announcement ID: openSUSE-SU-2025:14912-1
Rating: moderate

Cross-References:

* CVE-2025-2361

CVSS scores:

* CVE-2025-2361 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
* CVE-2025-2361 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the mercurial-6.9.4-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* mercurial 6.9.4-1.1
* mercurial-lang 6.9.4-1.1
* mercurial-tests 6.9.4-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-2361.html



SUSE-SU-2025:0979-1: important: Security update for zvbi


# Security update for zvbi

Announcement ID: SUSE-SU-2025:0979-1
Release Date: 2025-03-21T12:54:45Z
Rating: important
References:

* bsc#1239222
* bsc#1239299
* bsc#1239312
* bsc#1239319
* bsc#1239320

Cross-References:

* CVE-2025-2173
* CVE-2025-2174
* CVE-2025-2175
* CVE-2025-2176
* CVE-2025-2177

CVSS scores:

* CVE-2025-2173 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-2173 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-2173 ( NVD ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-2173 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-2174 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-2174 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-2174 ( NVD ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-2174 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-2175 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-2175 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-2175 ( NVD ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-2175 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-2176 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-2176 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-2176 ( NVD ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-2176 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-2177 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-2177 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-2177 ( NVD ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-2177 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves five vulnerabilities can now be installed.

## Description:

This update for zvbi fixes the following issues:

* CVE-2025-2173: Fixed check on src_length to avoid an unitinialized heap read
(bsc#1239222).
* CVE-2025-2174: Fixed integer overflow leading to heap overflow in
src/conv.c, src/io-sim.c, src/search.c (bsc#1239299).
* CVE-2025-2175: Fixed integer overflow in _vbi_strndup_iconv (bsc#1239312).
* CVE-2025-2176: Fixed integer overflow in function
vbi_capture_sim_load_caption in src/io-sim.c (bsc#1239319).
* CVE-2025-2177: Fixed integer overflow in function vbi_search_new in
src/search.c (bsc#1239320).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-979=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-979=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-979=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-979=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-979=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-979=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-979=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-979=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-979=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-979=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-979=1

## Package List:

* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* zvbi-debugsource-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* zvbi-debugsource-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* zvbi-debugsource-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* zvbi-debugsource-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* zvbi-0.2.35-150000.4.3.1
* zvbi-devel-0.2.35-150000.4.3.1
* zvbi-debugsource-0.2.35-150000.4.3.1
* libzvbi-chains0-debuginfo-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1
* libzvbi-chains0-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* openSUSE Leap 15.6 (x86_64)
* libzvbi-chains0-32bit-0.2.35-150000.4.3.1
* libzvbi-chains0-32bit-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-32bit-debuginfo-0.2.35-150000.4.3.1
* zvbi-devel-32bit-0.2.35-150000.4.3.1
* libzvbi0-32bit-0.2.35-150000.4.3.1
* openSUSE Leap 15.6 (noarch)
* zvbi-lang-0.2.35-150000.4.3.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* zvbi-debugsource-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* zvbi-0.2.35-150000.4.3.1
* zvbi-devel-0.2.35-150000.4.3.1
* zvbi-debugsource-0.2.35-150000.4.3.1
* libzvbi-chains0-debuginfo-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi-chains0-0.2.35-150000.4.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* zvbi-debugsource-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* zvbi-debugsource-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* zvbi-debugsource-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* zvbi-debugsource-0.2.35-150000.4.3.1
* zvbi-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-debuginfo-0.2.35-150000.4.3.1
* libzvbi0-0.2.35-150000.4.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-2173.html
* https://www.suse.com/security/cve/CVE-2025-2174.html
* https://www.suse.com/security/cve/CVE-2025-2175.html
* https://www.suse.com/security/cve/CVE-2025-2176.html
* https://www.suse.com/security/cve/CVE-2025-2177.html
* https://bugzilla.suse.com/show_bug.cgi?id=1239222
* https://bugzilla.suse.com/show_bug.cgi?id=1239299
* https://bugzilla.suse.com/show_bug.cgi?id=1239312
* https://bugzilla.suse.com/show_bug.cgi?id=1239319
* https://bugzilla.suse.com/show_bug.cgi?id=1239320



SUSE-SU-2025:0981-1: low: Security update for python311


# Security update for python311

Announcement ID: SUSE-SU-2025:0981-1
Release Date: 2025-03-21T14:16:50Z
Rating: low
References:

* bsc#1238450
* bsc#1239210

Cross-References:

* CVE-2025-1795

CVSS scores:

* CVE-2025-1795 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-1795 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-1795 ( NVD ): 2.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for python311 fixes the following issues:

* CVE-2025-1795: Fixed mishandling of comma during folding and unicode-
encoding of email headers (bsc#1238450).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-981=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-981=1

## Package List:

* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python311-3.11.11-150400.9.49.1
* libpython3_11-1_0-3.11.11-150400.9.49.1
* python311-base-3.11.11-150400.9.49.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python311-tk-3.11.11-150400.9.49.1
* python311-doc-3.11.11-150400.9.49.1
* python311-debuginfo-3.11.11-150400.9.49.1
* python311-idle-3.11.11-150400.9.49.1
* python311-testsuite-3.11.11-150400.9.49.1
* python311-curses-3.11.11-150400.9.49.1
* python311-tk-debuginfo-3.11.11-150400.9.49.1
* python311-3.11.11-150400.9.49.1
* libpython3_11-1_0-debuginfo-3.11.11-150400.9.49.1
* python311-base-debuginfo-3.11.11-150400.9.49.1
* python311-base-3.11.11-150400.9.49.1
* python311-testsuite-debuginfo-3.11.11-150400.9.49.1
* python311-core-debugsource-3.11.11-150400.9.49.1
* python311-doc-devhelp-3.11.11-150400.9.49.1
* python311-tools-3.11.11-150400.9.49.1
* python311-curses-debuginfo-3.11.11-150400.9.49.1
* python311-debugsource-3.11.11-150400.9.49.1
* python311-dbm-debuginfo-3.11.11-150400.9.49.1
* python311-dbm-3.11.11-150400.9.49.1
* python311-devel-3.11.11-150400.9.49.1
* libpython3_11-1_0-3.11.11-150400.9.49.1
* openSUSE Leap 15.4 (x86_64)
* libpython3_11-1_0-32bit-debuginfo-3.11.11-150400.9.49.1
* python311-base-32bit-3.11.11-150400.9.49.1
* libpython3_11-1_0-32bit-3.11.11-150400.9.49.1
* python311-base-32bit-debuginfo-3.11.11-150400.9.49.1
* python311-32bit-debuginfo-3.11.11-150400.9.49.1
* python311-32bit-3.11.11-150400.9.49.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libpython3_11-1_0-64bit-debuginfo-3.11.11-150400.9.49.1
* python311-64bit-3.11.11-150400.9.49.1
* python311-64bit-debuginfo-3.11.11-150400.9.49.1
* libpython3_11-1_0-64bit-3.11.11-150400.9.49.1
* python311-base-64bit-debuginfo-3.11.11-150400.9.49.1
* python311-base-64bit-3.11.11-150400.9.49.1

## References:

* https://www.suse.com/security/cve/CVE-2025-1795.html
* https://bugzilla.suse.com/show_bug.cgi?id=1238450
* https://bugzilla.suse.com/show_bug.cgi?id=1239210



SUSE-SU-2025:0980-1: critical: Security update for apptainer


# Security update for apptainer

Announcement ID: SUSE-SU-2025:0980-1
Release Date: 2025-03-21T14:15:24Z
Rating: critical
References:

* bsc#1228324
* bsc#1234595
* bsc#1234794
* bsc#1237679
* bsc#1238611
* bsc#1239341

Cross-References:

* CVE-2024-41110
* CVE-2024-45337
* CVE-2024-45338
* CVE-2025-22869
* CVE-2025-22870
* CVE-2025-27144

CVSS scores:

* CVE-2024-41110 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-45337 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-45337 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2024-45338 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-45338 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45338 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-22869 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22870 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2025-27144 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-27144 ( NVD ): 6.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* HPC Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6

An update that solves six vulnerabilities can now be installed.

## Description:

This update for apptainer fixes the following issues:

* CVE-2025-27144: Fixed Denial of Service in Go JOSE's Parsing (bsc#1237679).
* CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-
insensitive content (bsc#1234794).
* CVE-2024-45337: Fixed Misuse of ServerConfig.PublicKeyCallback may cause
authorization bypass in golang.org/x/crypto (bsc#1234595).
* CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs (bsc#1238611).
* CVE-2025-22869: Fixed Denial of Service in the Key Exchange of
golang.org/x/crypto/ssh (bsc#1239341).
* CVE-2024-41110: Fixed Authz zero length regression (bsc#1228324).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-980=1 openSUSE-SLE-15.6-2025-980=1

* HPC Module 15-SP6
zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-980=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64)
* apptainer-debuginfo-1.3.6-150600.4.9.1
* apptainer-1.3.6-150600.4.9.1
* openSUSE Leap 15.6 (noarch)
* apptainer-sle15_5-1.3.6-150600.4.9.1
* apptainer-sle15_6-1.3.6-150600.4.9.1
* apptainer-leap-1.3.6-150600.4.9.1
* apptainer-sle15_7-1.3.6-150600.4.9.1
* HPC Module 15-SP6 (aarch64 x86_64)
* apptainer-debuginfo-1.3.6-150600.4.9.1
* apptainer-1.3.6-150600.4.9.1
* HPC Module 15-SP6 (noarch)
* apptainer-sle15_6-1.3.6-150600.4.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-41110.html
* https://www.suse.com/security/cve/CVE-2024-45337.html
* https://www.suse.com/security/cve/CVE-2024-45338.html
* https://www.suse.com/security/cve/CVE-2025-22869.html
* https://www.suse.com/security/cve/CVE-2025-22870.html
* https://www.suse.com/security/cve/CVE-2025-27144.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228324
* https://bugzilla.suse.com/show_bug.cgi?id=1234595
* https://bugzilla.suse.com/show_bug.cgi?id=1234794
* https://bugzilla.suse.com/show_bug.cgi?id=1237679
* https://bugzilla.suse.com/show_bug.cgi?id=1238611
* https://bugzilla.suse.com/show_bug.cgi?id=1239341



SUSE-SU-2025:0982-1: low: Security update for python311


# Security update for python311

Announcement ID: SUSE-SU-2025:0982-1
Release Date: 2025-03-21T14:17:21Z
Rating: low
References:

* bsc#1238450
* bsc#1239210

Cross-References:

* CVE-2025-1795

CVSS scores:

* CVE-2025-1795 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-1795 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-1795 ( NVD ): 2.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for python311 fixes the following issues:

* CVE-2025-1795: Fixed mishandling of comma during folding and unicode-
encoding of email headers (bsc#1238450).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-982=1 openSUSE-SLE-15.6-2025-982=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-982=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-982=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* python311-debuginfo-3.11.11-150600.3.21.1
* python311-tk-debuginfo-3.11.11-150600.3.21.1
* python311-base-debuginfo-3.11.11-150600.3.21.1
* python311-core-debugsource-3.11.11-150600.3.21.1
* python311-tools-3.11.11-150600.3.21.1
* python311-testsuite-3.11.11-150600.3.21.1
* libpython3_11-1_0-debuginfo-3.11.11-150600.3.21.1
* python311-debugsource-3.11.11-150600.3.21.1
* python311-tk-3.11.11-150600.3.21.1
* python311-curses-debuginfo-3.11.11-150600.3.21.1
* python311-base-3.11.11-150600.3.21.1
* python311-testsuite-debuginfo-3.11.11-150600.3.21.1
* python311-curses-3.11.11-150600.3.21.1
* libpython3_11-1_0-3.11.11-150600.3.21.1
* python311-doc-devhelp-3.11.11-150600.3.21.1
* python311-dbm-debuginfo-3.11.11-150600.3.21.1
* python311-devel-3.11.11-150600.3.21.1
* python311-doc-3.11.11-150600.3.21.1
* python311-dbm-3.11.11-150600.3.21.1
* python311-idle-3.11.11-150600.3.21.1
* python311-3.11.11-150600.3.21.1
* openSUSE Leap 15.6 (x86_64)
* python311-base-32bit-debuginfo-3.11.11-150600.3.21.1
* python311-32bit-3.11.11-150600.3.21.1
* libpython3_11-1_0-32bit-debuginfo-3.11.11-150600.3.21.1
* libpython3_11-1_0-32bit-3.11.11-150600.3.21.1
* python311-32bit-debuginfo-3.11.11-150600.3.21.1
* python311-base-32bit-3.11.11-150600.3.21.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* python311-64bit-debuginfo-3.11.11-150600.3.21.1
* libpython3_11-1_0-64bit-debuginfo-3.11.11-150600.3.21.1
* python311-base-64bit-debuginfo-3.11.11-150600.3.21.1
* python311-base-64bit-3.11.11-150600.3.21.1
* libpython3_11-1_0-64bit-3.11.11-150600.3.21.1
* python311-64bit-3.11.11-150600.3.21.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python311-base-3.11.11-150600.3.21.1
* libpython3_11-1_0-debuginfo-3.11.11-150600.3.21.1
* python311-base-debuginfo-3.11.11-150600.3.21.1
* python311-core-debugsource-3.11.11-150600.3.21.1
* libpython3_11-1_0-3.11.11-150600.3.21.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python311-debuginfo-3.11.11-150600.3.21.1
* python311-tk-debuginfo-3.11.11-150600.3.21.1
* python311-curses-debuginfo-3.11.11-150600.3.21.1
* python311-core-debugsource-3.11.11-150600.3.21.1
* python311-curses-3.11.11-150600.3.21.1
* python311-debugsource-3.11.11-150600.3.21.1
* python311-dbm-3.11.11-150600.3.21.1
* python311-idle-3.11.11-150600.3.21.1
* python311-tk-3.11.11-150600.3.21.1
* python311-3.11.11-150600.3.21.1
* python311-tools-3.11.11-150600.3.21.1
* python311-dbm-debuginfo-3.11.11-150600.3.21.1
* python311-devel-3.11.11-150600.3.21.1

## References:

* https://www.suse.com/security/cve/CVE-2025-1795.html
* https://bugzilla.suse.com/show_bug.cgi?id=1238450
* https://bugzilla.suse.com/show_bug.cgi?id=1239210



SUSE-SU-2025:0984-1: moderate: Security update for xorg-x11-server


# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0984-1
Release Date: 2025-03-21T17:44:55Z
Rating: moderate
References:

* bsc#1239750

Cross-References:

* CVE-2022-49737

CVSS scores:

* CVE-2022-49737 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-49737 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49737 ( NVD ): 7.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

* CVE-2022-49737: Fixed Xorg crashing when client applications use easystroke
for mouse gestures (bsc#1239750)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-984=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-984=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-984=1 openSUSE-SLE-15.6-2025-984=1

## Package List:

* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* xorg-x11-server-extra-21.1.11-150600.5.9.1
* xorg-x11-server-extra-debuginfo-21.1.11-150600.5.9.1
* xorg-x11-server-Xvfb-21.1.11-150600.5.9.1
* xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.9.1
* xorg-x11-server-debugsource-21.1.11-150600.5.9.1
* xorg-x11-server-debuginfo-21.1.11-150600.5.9.1
* xorg-x11-server-21.1.11-150600.5.9.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* xorg-x11-server-debuginfo-21.1.11-150600.5.9.1
* xorg-x11-server-sdk-21.1.11-150600.5.9.1
* xorg-x11-server-debugsource-21.1.11-150600.5.9.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* xorg-x11-server-extra-21.1.11-150600.5.9.1
* xorg-x11-server-extra-debuginfo-21.1.11-150600.5.9.1
* xorg-x11-server-Xvfb-21.1.11-150600.5.9.1
* xorg-x11-server-sdk-21.1.11-150600.5.9.1
* xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.9.1
* xorg-x11-server-debugsource-21.1.11-150600.5.9.1
* xorg-x11-server-debuginfo-21.1.11-150600.5.9.1
* xorg-x11-server-source-21.1.11-150600.5.9.1
* xorg-x11-server-21.1.11-150600.5.9.1

## References:

* https://www.suse.com/security/cve/CVE-2022-49737.html
* https://bugzilla.suse.com/show_bug.cgi?id=1239750



SUSE-SU-2025:0985-1: moderate: Security update for libarchive


# Security update for libarchive

Announcement ID: SUSE-SU-2025:0985-1
Release Date: 2025-03-21T17:45:26Z
Rating: moderate
References:

* bsc#1237606
* bsc#1238610

Cross-References:

* CVE-2025-1632
* CVE-2025-25724

CVSS scores:

* CVE-2025-1632 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-1632 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-1632 ( NVD ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-1632 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-25724 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-25724 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2025-25724 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for libarchive fixes the following issues:

* CVE-2025-1632: Fixed null pointer dereference in bsdunzip.c (bsc#1237606)
* CVE-2025-25724: Fixed buffer overflow vulnerability in function
list_item_verbose() in tar/util.c (bsc#1238610)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-985=1 openSUSE-SLE-15.6-2025-985=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-985=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-985=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libarchive-devel-3.7.2-150600.3.12.1
* libarchive13-3.7.2-150600.3.12.1
* bsdtar-debuginfo-3.7.2-150600.3.12.1
* libarchive13-debuginfo-3.7.2-150600.3.12.1
* bsdtar-3.7.2-150600.3.12.1
* libarchive-debugsource-3.7.2-150600.3.12.1
* openSUSE Leap 15.6 (x86_64)
* libarchive13-32bit-debuginfo-3.7.2-150600.3.12.1
* libarchive13-32bit-3.7.2-150600.3.12.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libarchive13-64bit-debuginfo-3.7.2-150600.3.12.1
* libarchive13-64bit-3.7.2-150600.3.12.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libarchive-devel-3.7.2-150600.3.12.1
* libarchive13-3.7.2-150600.3.12.1
* libarchive-debugsource-3.7.2-150600.3.12.1
* libarchive13-debuginfo-3.7.2-150600.3.12.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* bsdtar-3.7.2-150600.3.12.1
* libarchive-debugsource-3.7.2-150600.3.12.1
* bsdtar-debuginfo-3.7.2-150600.3.12.1

## References:

* https://www.suse.com/security/cve/CVE-2025-1632.html
* https://www.suse.com/security/cve/CVE-2025-25724.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237606
* https://bugzilla.suse.com/show_bug.cgi?id=1238610



SUSE-SU-2025:0986-1: moderate: Security update for libarchive


# Security update for libarchive

Announcement ID: SUSE-SU-2025:0986-1
Release Date: 2025-03-21T17:49:34Z
Rating: moderate
References:

* bsc#1238610

Cross-References:

* CVE-2025-25724

CVSS scores:

* CVE-2025-25724 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-25724 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2025-25724 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for libarchive fixes the following issues:

* CVE-2025-25724: Fixed buffer overflow vulnerability in function
list_item_verbose() in tar/util.c (bsc#1238610).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-986=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-986=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-986=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-986=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-986=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-986=1

## Package List:

* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libarchive13-3.5.1-150400.3.18.1
* libarchive13-debuginfo-3.5.1-150400.3.18.1
* libarchive-debugsource-3.5.1-150400.3.18.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libarchive13-3.5.1-150400.3.18.1
* libarchive13-debuginfo-3.5.1-150400.3.18.1
* libarchive-debugsource-3.5.1-150400.3.18.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libarchive13-3.5.1-150400.3.18.1
* libarchive13-debuginfo-3.5.1-150400.3.18.1
* libarchive-debugsource-3.5.1-150400.3.18.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libarchive13-debuginfo-3.5.1-150400.3.18.1
* libarchive13-3.5.1-150400.3.18.1
* bsdtar-debuginfo-3.5.1-150400.3.18.1
* libarchive-devel-3.5.1-150400.3.18.1
* bsdtar-3.5.1-150400.3.18.1
* libarchive-debugsource-3.5.1-150400.3.18.1
* openSUSE Leap 15.4 (x86_64)
* libarchive13-32bit-3.5.1-150400.3.18.1
* libarchive13-32bit-debuginfo-3.5.1-150400.3.18.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libarchive13-64bit-3.5.1-150400.3.18.1
* libarchive13-64bit-debuginfo-3.5.1-150400.3.18.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libarchive13-3.5.1-150400.3.18.1
* libarchive13-debuginfo-3.5.1-150400.3.18.1
* libarchive-debugsource-3.5.1-150400.3.18.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libarchive13-3.5.1-150400.3.18.1
* libarchive13-debuginfo-3.5.1-150400.3.18.1
* libarchive-debugsource-3.5.1-150400.3.18.1

## References:

* https://www.suse.com/security/cve/CVE-2025-25724.html
* https://bugzilla.suse.com/show_bug.cgi?id=1238610


Kitty update for Fedora 40

Go-Gh update for Ubuntu

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...