1. FFmpeg (SUSE-SU-2025:03162-1): A moderate security update addresses a vulnerability (CVE-2025-7700) involving a NULL pointer dereference in the FFmpeg ALS decoder. Users of openSUSE Leap 15.6 and SUSE Linux Enterprise versions are advised to apply this update.
2. PostgreSQL (SUSE-SU-2025:03005-2): This important update fixes three vulnerabilities (CVE-2025-8713, CVE-2025-8714, CVE-2025-8715) related to optimizer statistics and untrusted data inclusion, requiring users to upgrade to version 16.10.
3. ImageMagick (SUSE-SU-2025:03164-1): Seven vulnerabilities have been addressed in this important update, including heap buffer overflows and integer overflows (CVE-2025-55004 through CVE-2025-57803). Users are encouraged to install the latest version.
4. go1.24-openssl (SUSE-SU-2025:03158-1): This important update resolves six vulnerabilities related to database/sql and os/exec packages, ensuring the security of Go applications.
5. Linux Kernel Updates: Several live patches for the Linux Kernel (SUSE-SU-2025:03156-1, SUSE-SU-2025:03160-1, SUSE-SU-2025:03175-1, SUSE-SU-2025:03165-1, SUSE-SU-2025:03180-1, SUSE-SU-2025:03179-1) address various vulnerabilities (CVE-2022-49053, CVE-2025-21999, etc.) affecting multiple SUSE Linux Enterprise versions. These patches improve security against potential exploits.
6. Trivy (openSUSE-SU-2025:15542-1): A moderate security update has been released to fix a vulnerability (CVE-2025-58058) in the Trivy package, enhancing security for vulnerability scanning in containers.
Recommendations for Users:
- Users are strongly advised to apply these updates as soon as possible to mitigate security risks associated with known vulnerabilities.- For installation, SUSE recommends using methods such as YaST online_update or the "zypper patch" command.
Future Considerations:
As security threats evolve, it is essential for users to regularly check for updates and apply patches to maintain system integrity. Additionally, users may consider setting up automated update processes to ensure timely application of critical security fixesFFmpeg, PostgreSQL, ImageMagick, and more updates for SUSE
There are several new security updates available for SUSE. The updates include a moderate security update for ffmpeg-4 and multiple important security updates for packages such as postgresql16, ImageMagick, go1.24-openssl, and the Linux Kernel (with various live patches).
SUSE-SU-2025:03162-1: moderate: Security update for ffmpeg-4
SUSE-SU-2025:03005-2: important: Security update for postgresql16
SUSE-SU-2025:03164-1: important: Security update for ImageMagick
SUSE-SU-2025:03158-1: important: Security update for go1.24-openssl
SUSE-SU-2025:03156-1: important: Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)
SUSE-SU-2025:03159-1: important: Security update for go1.23-openssl
SUSE-SU-2025:03160-1: important: Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)
openSUSE-SU-2025:15542-1: moderate: trivy-0.66.0-1.1 on GA media
SUSE-SU-2025:03175-1: important: Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)
SUSE-SU-2025:03165-1: important: Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP4)
SUSE-SU-2025:03180-1: important: Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)
SUSE-SU-2025:03179-1: important: Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4)FFmpeg, PostgreSQL, ImageMagick, and more updates for SUSE @ Linux Compatible
