SUSE Linux has implemented several security updates affecting key components including libsoup, python-cryptography, and HaProxy. The updates address various vulnerabilities, categorized by severity levels ranging from important to low, and cover multiple SUSE distributions.
Key updates include:
1. libsoup - An important security update (SUSE-SU-2025:01817-1) was released on June 5, 2025, fixing three vulnerabilities (CVE-2025-4476, CVE-2025-4948, CVE-2025-4969) that could lead to information leaks and denial of service. The update applies to numerous SUSE products including openSUSE Leap 15.4 and SUSE Linux Enterprise Server 15.
2. python-cryptography - A low-severity update (SUSE-SU-2025:01818-1) was also issued on June 5, 2025, addressing a single vulnerability (CVE-2025-3416) related to a use-after-free issue in OpenSSL. This affects various SUSE products including openSUSE Leap and SUSE Manager.
3. Other Python Packages - Updates were made for python311-nh3 and python311-selenium on openSUSE Tumbleweed to fix vulnerabilities (CVE-2024-12224), rated as moderate.
4. HaProxy - A moderate update (openSUSE-SU-2025:15200-1) was issued to fix a vulnerability (CVE-2025-32464) affecting the HaProxy package.
Affected Products: The updates impact a wide range of SUSE products, including various versions of openSUSE, SUSE Linux Enterprise Server, and SUSE Manager.
Patch Instructions: Users are encouraged to install the updates using recommended methods such as YaST online_update or the `zypper patch` command, with specific commands provided for different product versions.
This series of updates emphasizes SUSE's commitment to maintaining system security and addressing vulnerabilities promptly. Users should ensure that their systems are updated to protect against potential exploits arising from these vulnerabilities.
In addition to these updates, users are advised to regularly monitor security announcements and apply patches promptly to enhance their system's security posture. Additionally, it may be beneficial for SUSE to implement a more comprehensive communication strategy to ensure users are aware of vulnerabilities and updates in real-time, thus further mitigating risks
Key updates include:
1. libsoup - An important security update (SUSE-SU-2025:01817-1) was released on June 5, 2025, fixing three vulnerabilities (CVE-2025-4476, CVE-2025-4948, CVE-2025-4969) that could lead to information leaks and denial of service. The update applies to numerous SUSE products including openSUSE Leap 15.4 and SUSE Linux Enterprise Server 15.
2. python-cryptography - A low-severity update (SUSE-SU-2025:01818-1) was also issued on June 5, 2025, addressing a single vulnerability (CVE-2025-3416) related to a use-after-free issue in OpenSSL. This affects various SUSE products including openSUSE Leap and SUSE Manager.
3. Other Python Packages - Updates were made for python311-nh3 and python311-selenium on openSUSE Tumbleweed to fix vulnerabilities (CVE-2024-12224), rated as moderate.
4. HaProxy - A moderate update (openSUSE-SU-2025:15200-1) was issued to fix a vulnerability (CVE-2025-32464) affecting the HaProxy package.
Affected Products: The updates impact a wide range of SUSE products, including various versions of openSUSE, SUSE Linux Enterprise Server, and SUSE Manager.
Patch Instructions: Users are encouraged to install the updates using recommended methods such as YaST online_update or the `zypper patch` command, with specific commands provided for different product versions.
This series of updates emphasizes SUSE's commitment to maintaining system security and addressing vulnerabilities promptly. Users should ensure that their systems are updated to protect against potential exploits arising from these vulnerabilities.
In addition to these updates, users are advised to regularly monitor security announcements and apply patches promptly to enhance their system's security posture. Additionally, it may be beneficial for SUSE to implement a more comprehensive communication strategy to ensure users are aware of vulnerabilities and updates in real-time, thus further mitigating risks
Libsoup, Python, HaProxy updates for SUSE
SUSE Linux has received security updates for libsoup, python-cryptography, python31-nh3, python311-selenium, and haproxy:
SUSE-SU-2025:01817-1: important: Security update for libsoup
SUSE-SU-2025:01818-1: low: Security update for python-cryptography
openSUSE-SU-2025:15201-1: moderate: python311-nh3-0.2.17-2.1 on GA media
openSUSE-SU-2025:15202-1: moderate: python311-selenium-4.25.0-5.1 on GA media
openSUSE-SU-2025:15200-1: moderate: haproxy-3.2.0+git0.e134140d2-2.1 on GA mediaLibsoup, Python, HaProxy updates for SUSE @ Linux Compatible
