SUSE Linux has implemented a series of security updates across various packages, enhancing the overall security posture of the system. The updates include fixes for notable components such as Go, DPKG, LibSoup, Python's urllib3, Nginx, Ruby 2.5, and tgt. Each update addresses specific vulnerabilities, with varying severity ratings, as follows:
1. Go (openSUSE-SU-2025:15420-1): This moderate update resolves two vulnerabilities (CVE-2025-47906 and CVE-2025-47907), impacting openSUSE Tumbleweed.
2. DPKG (SUSE-SU-2025:02734-1): Also rated moderate, this update fixes one vulnerability (CVE-2025-6297) related to improper sanitization of directory permissions, applicable to several SUSE Linux Enterprise versions and modules.
3. LibSoup (SUSE-SU-2025:02737-1): A low-severity update that addresses one vulnerability (CVE-2025-4945) in openSUSE Leap 15.4, focusing on date/time parsing.
4. Python-urllib3 (SUSE-SU-2025:02735-1): This moderate update addresses CVE-2025-50181, which improves control over redirects in pool managers, affecting multiple versions of openSUSE and SUSE Linux Enterprise.
5. Nginx (SUSE-SU-2025:02733-1): A moderate update that enhances security by dropping root privileges during log rotation, impacting openSUSE Leap 15.4.
6. Ruby 2.5 (SUSE-SU-2025:02739-1): This moderate update fixes two significant vulnerabilities (CVE-2025-27221 and CVE-2025-6442) affecting various SUSE Linux versions and modules.
7. TGT (SUSE-SU-2025:02740-1): This moderate update addresses a vulnerability (CVE-2024-45751) related to CHAP authentication bypass, applicable to several SUSE Linux Enterprise versions.
To ensure that systems remain secure, users are encouraged to apply these updates using recommended installation methods such as YaST online_update or "zypper patch." Each update provides specific commands for installation based on the impacted product.
In summary, the recent updates from SUSE enhance the security of multiple software components, addressing vulnerabilities that could potentially be exploited. Users should prioritize these updates to maintain system integrity and security. Future updates may continue to focus on vulnerability management and security hardening to keep pace with emerging threats
1. Go (openSUSE-SU-2025:15420-1): This moderate update resolves two vulnerabilities (CVE-2025-47906 and CVE-2025-47907), impacting openSUSE Tumbleweed.
2. DPKG (SUSE-SU-2025:02734-1): Also rated moderate, this update fixes one vulnerability (CVE-2025-6297) related to improper sanitization of directory permissions, applicable to several SUSE Linux Enterprise versions and modules.
3. LibSoup (SUSE-SU-2025:02737-1): A low-severity update that addresses one vulnerability (CVE-2025-4945) in openSUSE Leap 15.4, focusing on date/time parsing.
4. Python-urllib3 (SUSE-SU-2025:02735-1): This moderate update addresses CVE-2025-50181, which improves control over redirects in pool managers, affecting multiple versions of openSUSE and SUSE Linux Enterprise.
5. Nginx (SUSE-SU-2025:02733-1): A moderate update that enhances security by dropping root privileges during log rotation, impacting openSUSE Leap 15.4.
6. Ruby 2.5 (SUSE-SU-2025:02739-1): This moderate update fixes two significant vulnerabilities (CVE-2025-27221 and CVE-2025-6442) affecting various SUSE Linux versions and modules.
7. TGT (SUSE-SU-2025:02740-1): This moderate update addresses a vulnerability (CVE-2024-45751) related to CHAP authentication bypass, applicable to several SUSE Linux Enterprise versions.
To ensure that systems remain secure, users are encouraged to apply these updates using recommended installation methods such as YaST online_update or "zypper patch." Each update provides specific commands for installation based on the impacted product.
In summary, the recent updates from SUSE enhance the security of multiple software components, addressing vulnerabilities that could potentially be exploited. Users should prioritize these updates to maintain system integrity and security. Future updates may continue to focus on vulnerability management and security hardening to keep pace with emerging threats
Go, DPKG, LibSoup, and more updates for SUSE
SUSE Linux has received several security updates, including updates for go, dpkg, libsoup, python-urllib3, nginx, ruby2.5, and tgt:
openSUSE-SU-2025:15420-1: moderate: go1.25-1.25rc3-1.1 on GA media
SUSE-SU-2025:02734-1: moderate: Security update for dpkg
SUSE-SU-2025:02737-1: low: Security update for libsoup
SUSE-SU-2025:02735-1: moderate: Security update for python-urllib3
SUSE-SU-2025:02733-1: moderate: Security update for nginx
SUSE-SU-2025:02739-1: moderate: Security update for ruby2.5
SUSE-SU-2025:02740-1: moderate: Security update for tgtGo, DPKG, LibSoup, and more updates for SUSE @ Linux Compatible
