SUSE Linux has rolled out significant security updates for various components, addressing critical vulnerabilities across its platform. Key updates include:
1. Mozilla Firefox: An important update (SUSE-SU-2025:01701-1) that resolves two critical vulnerabilities (CVE-2025-4918, CVE-2025-4919), characterized by high CVSS scores of 8.7 and 8.8, respectively. The affected products include various iterations of SUSE Linux Enterprise Desktop, Server, and High Performance Computing modules.
2. Glibc: Another important update (SUSE-SU-2025:01702-1) that addresses a critical issue (CVE-2025-4802) with a CVSS score of 9.4, which could allow execution of attacker-controlled code. The fix is applicable to several SUSE products, including the Desktop and Server modules.
3. Xen Hypervisor: A moderate security update (SUSE-SU-2025:01703-1) that fixes one vulnerability (CVE-2024-28956) and includes other enhancements, with a CVSS score of 5.7. This update is crucial for maintaining secure virtualization environments.
4. Python Setuptools: The update (SUSE-SU-2025:01704-1) addresses a vulnerability (CVE-2025-47273) that could lead to arbitrary file writes, rated with a CVSS score of 7.7. It applies to various SUSE and openSUSE versions.
5. Linux Kernel: A significant update (SUSE-SU-2025:01707-1) that brings a host of fixes for 170 vulnerabilities, enhancing overall security and stability across the platform. This update includes critical fixes for numerous CVEs, including CVE-2024-27415, CVE-2024-28956, and others.
6. Python310-Setuptools: An important update (SUSE-SU-2025:01709-1) resolving a critical path traversal vulnerability (CVE-2025-47273) that could lead to arbitrary file writing, with an associated CVSS score of 7.7.
To apply these updates, users are encouraged to utilize SUSE's recommended installation methods, such as `YaST online_update` or `zypper patch`. Specific commands for each product version are provided in the announcements to ensure proper patching.
Overall, these updates are essential for maintaining the security integrity of systems running SUSE Linux, protecting against potential vulnerabilities that could be exploited by malicious actors. Users should prioritize applying these patches promptly to safeguard their systems
1. Mozilla Firefox: An important update (SUSE-SU-2025:01701-1) that resolves two critical vulnerabilities (CVE-2025-4918, CVE-2025-4919), characterized by high CVSS scores of 8.7 and 8.8, respectively. The affected products include various iterations of SUSE Linux Enterprise Desktop, Server, and High Performance Computing modules.
2. Glibc: Another important update (SUSE-SU-2025:01702-1) that addresses a critical issue (CVE-2025-4802) with a CVSS score of 9.4, which could allow execution of attacker-controlled code. The fix is applicable to several SUSE products, including the Desktop and Server modules.
3. Xen Hypervisor: A moderate security update (SUSE-SU-2025:01703-1) that fixes one vulnerability (CVE-2024-28956) and includes other enhancements, with a CVSS score of 5.7. This update is crucial for maintaining secure virtualization environments.
4. Python Setuptools: The update (SUSE-SU-2025:01704-1) addresses a vulnerability (CVE-2025-47273) that could lead to arbitrary file writes, rated with a CVSS score of 7.7. It applies to various SUSE and openSUSE versions.
5. Linux Kernel: A significant update (SUSE-SU-2025:01707-1) that brings a host of fixes for 170 vulnerabilities, enhancing overall security and stability across the platform. This update includes critical fixes for numerous CVEs, including CVE-2024-27415, CVE-2024-28956, and others.
6. Python310-Setuptools: An important update (SUSE-SU-2025:01709-1) resolving a critical path traversal vulnerability (CVE-2025-47273) that could lead to arbitrary file writing, with an associated CVSS score of 7.7.
To apply these updates, users are encouraged to utilize SUSE's recommended installation methods, such as `YaST online_update` or `zypper patch`. Specific commands for each product version are provided in the announcements to ensure proper patching.
Overall, these updates are essential for maintaining the security integrity of systems running SUSE Linux, protecting against potential vulnerabilities that could be exploited by malicious actors. Users should prioritize applying these patches promptly to safeguard their systems
Firefox, Glibc, Xen, Python-Setuptools, Kernel updates for SUSE
SUSE Linux has been updated with several security enhancements, which include critical fixes for Mozilla Firefox, glibc, xen, python-setuptools, the Linux Kernel, and python310-setuptools:
SUSE-SU-2025:01701-1: important: Security update for MozillaFirefox
SUSE-SU-2025:01702-1: important: Security update for glibc
SUSE-SU-2025:01703-1: moderate: Security update for xen
SUSE-SU-2025:01704-1: important: Security update for python-setuptools
SUSE-SU-2025:01707-1: important: Security update for the Linux Kernel
SUSE-SU-2025:01709-1: important: Security update for python310-setuptoolsFirefox, Glibc, Xen, Python-Setuptools, Kernel updates for SUSE @ Linux Compatible
