SUSE has announced several security updates for its openSUSE Tumbleweed distribution, addressing vulnerabilities in four key packages: libtiff-devel, jupyter-bqplot-jupyterlab, jetty-annotations, and terragrunt. Each update is rated as moderate in severity and includes details on specific vulnerabilities and their CVSS scores.
1. libtiff-devel-32bit-4.7.0-8.1 (Announcement ID: openSUSE-SU-2025:15487-1)
- This update addresses three vulnerabilities (CVE-2024-13978, CVE-2025-8534, and CVE-2025-9165) with CVSS scores ranging from 2.0 to 5.7.
- The affected package versions include libtiff-devel, libtiff6, and related 32-bit libraries.
2. jupyter-bqplot-jupyterlab-0.5.46-12.1 (Announcement ID: openSUSE-SU-2025:15485-1)
- This update fixes one critical vulnerability (CVE-2025-9287) with a CVSS score of 9.0, indicating a severe risk.
- It includes updates for the jupyter-bqplot-jupyterlab package, jupyter-bqplot-notebook, and the python311-bqplot library.
3. jetty-annotations-9.4.58-1.1 (Announcement ID: openSUSE-SU-2025:15483-1)
- This update resolves one vulnerability (CVE-2025-5115) with a CVSS score of 7.5.
- The update affects the jetty-annotations package and other associated Jetty components.
4. terragrunt-0.85.1-1.1 (Announcement ID: openSUSE-SU-2025:15486-1)
- This update addresses one vulnerability (CVE-2025-8959) but does not provide a CVSS score.
- The affected packages include terragrunt and its completion scripts for bash and zsh.
These updates are crucial for maintaining system security and stability in openSUSE Tumbleweed, and users are encouraged to install them promptly to mitigate risks associated with these vulnerabilities. For detailed information on each CVE, users can refer to the respective links provided by SUSE.
In addition to these updates, it is recommended that users regularly check for security patches and updates to ensure their systems remain protected against emerging threats. Implementing a routine update schedule and staying informed about the latest security advisories can significantly enhance the overall security posture of any open-source system
1. libtiff-devel-32bit-4.7.0-8.1 (Announcement ID: openSUSE-SU-2025:15487-1)
- This update addresses three vulnerabilities (CVE-2024-13978, CVE-2025-8534, and CVE-2025-9165) with CVSS scores ranging from 2.0 to 5.7.
- The affected package versions include libtiff-devel, libtiff6, and related 32-bit libraries.
2. jupyter-bqplot-jupyterlab-0.5.46-12.1 (Announcement ID: openSUSE-SU-2025:15485-1)
- This update fixes one critical vulnerability (CVE-2025-9287) with a CVSS score of 9.0, indicating a severe risk.
- It includes updates for the jupyter-bqplot-jupyterlab package, jupyter-bqplot-notebook, and the python311-bqplot library.
3. jetty-annotations-9.4.58-1.1 (Announcement ID: openSUSE-SU-2025:15483-1)
- This update resolves one vulnerability (CVE-2025-5115) with a CVSS score of 7.5.
- The update affects the jetty-annotations package and other associated Jetty components.
4. terragrunt-0.85.1-1.1 (Announcement ID: openSUSE-SU-2025:15486-1)
- This update addresses one vulnerability (CVE-2025-8959) but does not provide a CVSS score.
- The affected packages include terragrunt and its completion scripts for bash and zsh.
These updates are crucial for maintaining system security and stability in openSUSE Tumbleweed, and users are encouraged to install them promptly to mitigate risks associated with these vulnerabilities. For detailed information on each CVE, users can refer to the respective links provided by SUSE.
In addition to these updates, it is recommended that users regularly check for security patches and updates to ensure their systems remain protected against emerging threats. Implementing a routine update schedule and staying informed about the latest security advisories can significantly enhance the overall security posture of any open-source system
Libtiff-Devel, Jupyter-Bqplot-Jupyterlab, Jetty-Annotations, Terragrunt updates for SUSE
SUSE has implemented multiple security updates, which include libtiff-devel, jupyter-bqplot-jupyterlab, jetty-annotations, and terragrunt:
openSUSE-SU-2025:15487-1: moderate: libtiff-devel-32bit-4.7.0-8.1 on GA media
openSUSE-SU-2025:15485-1: moderate: jupyter-bqplot-jupyterlab-0.5.46-12.1 on GA media
openSUSE-SU-2025:15483-1: moderate: jetty-annotations-9.4.58-1.1 on GA media
openSUSE-SU-2025:15486-1: moderate: terragrunt-0.85.1-1.1 on GA media
