SUSE Linux has rolled out numerous important security updates to several packages, including libgcrypt, webkit2gtk3, python3, slurm, apache-commons-lang3, and poppler, among others. Below is a summary of the updates:

1. Libgcrypt: A moderate security update (SUSE-SU-2025:02773-1) addressing a timing-based side-channel vulnerability in RSA implementation (CVE-2024-2236), which could lead to decryption of RSA ciphertexts. Applies to various SUSE Linux Enterprise and openSUSE products.

2. Webkit2GTK3: An important update (SUSE-SU-2025:02777-1) that corrects multiple vulnerabilities (CVE-2024-44192, CVE-2024-54467, CVE-2025-24189, among others) related to memory corruption and denial-of-service issues. The update affects various versions of openSUSE and SUSE Linux Enterprise.

3. Python3: Another significant update (SUSE-SU-2025:02778-1) that fixes several vulnerabilities, including a use-after-free issue in the unicode-escape decoder and extraction filter bypass vulnerabilities (CVE-2024-12718, CVE-2025-4138, etc.). This impacts multiple SUSE and openSUSE modules.

4. Slurm: An important update (SUSE-SU-2025:02779-1) that resolves a vulnerability allowing Coordinator roles to promote users to Administrator (CVE-2025-43904). Applies to various SUSE Linux Enterprise and openSUSE products.

5. Apache-commons-lang3: A moderate security update (SUSE-SU-2025:02785-1) that addresses an uncontrolled recursion vulnerability, potentially leading to denial-of-service (CVE-2025-48924).

6. Poppler: Two important updates (SUSE-SU-2025:02789-1 and SUSE-SU-2025:02790-1) that address a denial-of-service vulnerability in the pdfseparate utility (CVE-2025-50420). These updates apply to various SUSE Linux Enterprise products and openSUSE.

7. Framework-inputmodule-control: A moderate update (openSUSE-SU-2025:15433-1) that fixes two vulnerabilities, including one with CVE-2023-53156.

Installation Instructions: Users are recommended to use SUSE’s recommended installation methods, such as YaST online_update or "zypper patch," to apply these updates. Specific commands for each affected product version have been provided in the detailed announcements.

Conclusion: The recent updates for SUSE Linux enhance security by addressing critical vulnerabilities across multiple packages. It is essential for users to apply these updates promptly to maintain system integrity and security

LibCrypt, Webkit2GTK3, Python3, and more updates for SUSE

SUSE Linux has received several security updates, including moderate updates for libgcrypt, webkit2gtk3, python3, slurm, apache-commons-lang3, poppler, and framework-inputmodule-control:

SUSE-SU-2025:02773-1: moderate: Security update for libgcrypt
SUSE-SU-2025:02777-1: important: Security update for webkit2gtk3
SUSE-SU-2025:02778-1: important: Security update for python3
SUSE-SU-2025:02779-1: important: Security update for slurm
SUSE-SU-2025:02785-1: moderate: Security update for apache-commons-lang3
SUSE-SU-2025:02789-1: important: Security update for poppler
SUSE-SU-2025:02791-1: important: Security update for poppler
SUSE-SU-2025:02790-1: important: Security update for poppler
openSUSE-SU-2025:15433-1: moderate: framework-inputmodule-control-0.2.0-3.1 on GA media

LibCrypt, Webkit2GTK3, Python3, and more updates for SUSE @ Linux Compatible