Key Updates:
1. Linux Kernel: Multiple important security patches have been issued, including Live Patch versions for both SLE 15 SP4 and SP5. Notable updates include fixes for vulnerabilities such as CVE-2025-21999 and CVE-2025-38001, which address issues like use-after-free (UAF) and memory corruption.2. Go: A moderate security update for Go version 1.25 includes a fix for CVE-2025-47910, which addresses insecure bypass patterns in the CrossOriginProtection feature. Additionally, the update includes bug fixes and improvements.
3. CURL: An update to CURL resolves several vulnerabilities, including CVE-2025-0665, which involved issues related to double closing of event descriptors and potential man-in-the-middle (MITM) attacks. The update also introduces new features and numerous bug fixes.
4. Python: The Python eventlet library has been updated to fix CVE-2025-58068, which pertains to improper handling of HTTP trailer sections leading to request smuggling.
5. LibSSH: Security updates for libssh involve addressing vulnerabilities such as CVE-2025-8114 and CVE-2025-8277, enhancing the security of SSH connections.
6. Orthanc: The Orthanc package update addresses vulnerabilities like CVE-2024-22373, CVE-2024-22391, and CVE-2024-25569, which can lead to security risks in medical image management.
Installation Instructions:
Users are encouraged to apply these updates using recommended methods such as YaST or the command line with "zypper patch". Detailed commands for specific products are provided in the announcements.Summary:
These updates are crucial for maintaining system integrity and security in SUSE environments. The patches resolve critical vulnerabilities and enhance the functionality of various applications and libraries. Users should prioritize updating their systems to the latest versions to mitigate potential risks.In conclusion, SUSE's proactive approach in issuing these updates underscores its commitment to providing secure and reliable Linux distributions, ensuring that users can utilize their systems without compromising on security
Kernel, Go, CURL, Python, LibSSH, Orthanc updates for SUSE
SUSE Linux has released several important security updates for its kernel, including Live Patch 32 for SLE 15 SP4 and multiple patches for SLE 15 SP5. Additionally, there are security updates available for third-party packages such as curl and go1.25. Moderate security updates have also been released for python-eventlet, libssh-config-0.11.3-1.1 on openSUSE GA media, and orthanc-gdcm-1.7-1.1 on openSUSE GA media.
SUSE-SU-2025:03181-1: important: Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)
SUSE-SU-2025:03185-1: important: Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)
SUSE-SU-2025:03184-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)
SUSE-SU-2025:03186-1: important: Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)
SUSE-SU-2025:03183-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4)
SUSE-SU-2025:03188-1: important: Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5)
SUSE-SU-2025:03190-1: important: Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
SUSE-SU-2025:03191-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
SUSE-SU-2025:03194-1: important: Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP5)
SUSE-SU-2025:03195-1: important: Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5)
SUSE-SU-2025:03200-1: moderate: Security update for go1.25
SUSE-SU-2025:03198-1: important: Security update for curl
SUSE-SU-2025:03202-1: moderate: Security update for python-eventlet
openSUSE-SU-2025:15545-1: moderate: libssh-config-0.11.3-1.1 on GA media
openSUSE-SU-2025:15546-1: moderate: orthanc-gdcm-1.7-1.1 on GA mediaKernel, Go, CURL, Python, LibSSH, Orthanc updates for SUSE @ Linux Compatible
