SUSE Linux has rolled out several important and moderate security updates across various packages, including nbdkit, Node.js, perl-Crypt-OpenSSL-RSA, perl-YAML-LibYAML, the Linux Kernel, and yelp. Each update addresses specific vulnerabilities, with some updates categorized as important due to their potential impact on system security.

Key Updates:

1. nbdkit (SUSE-SU-2025:01889-1)
- Moderate rating.
- Fixes two vulnerabilities (CVE-2025-47711 and CVE-2025-47712) related to denial of service due to integer overflow and off-by-one errors.
- Update to version 1.36.5.

2. Node.js (nodejs22) (SUSE-SU-2025:01878-1)
- Important rating.
- Addresses vulnerabilities (CVE-2025-23165 and CVE-2025-23166) that could lead to crashes and memory leaks.
- Update to version 22.15.1.

3. perl-Crypt-OpenSSL-RSA (SUSE-SU-2025:01884-1)
- Moderate rating.
- Fixes CVE-2024-2467, a side-channel attack vulnerability.

4. perl-YAML-LibYAML (SUSE-SU-2025:01886-1)
- Important rating.
- Addresses CVE-2025-40908, which allows modification of existing files due to improper usage of file opening methods.
- Updated version is 0.890.0.

5. Linux Kernel (Multiple Live Patches)
- Several important updates, including Live Patches 20, 22, 23, and 24 for SLE 15 SP5, addressing various CVEs related to memory policies, Bluetooth management, and packet scheduling.
- Each patch corresponds to different vulnerabilities identified, with CVSS scores reflecting the severity.

6. yelp (SUSE-SU-2025:01904-1)
- Moderate rating.
- Fixes CVE-2025-3155, which allows arbitrary file reads and JavaScript code execution through crafted help files.

Installation Instructions:

Users are advised to apply these updates using the recommended SUSE installation methods, such as YaST online_update or the `zypper patch` command. Specific commands for installing the updates vary based on the version of the product being used.

Summary:

These updates are crucial for maintaining the security and stability of SUSE Linux systems, addressing vulnerabilities that could lead to denial of service, crashes, and unauthorized file access. Users should prioritize applying these patches to safeguard their systems against potential exploits. The updates also include various improvements and changes in functionality for the affected packages

Nbdkit, NodeJS, perl-Crypt-OpenSSL-RSA, perl-YAML-LibYAML, Linux Kernel, yelp updates for SUSE

SUSE Linux has received several security updates, including moderate updates for nbdkit, nodejs22, perl-Crypt-OpenSSL-RSA, perl-YAML-LibYAML, Linux Kernel, and yelp:

SUSE-SU-2025:01889-1: moderate: Security update for nbdkit
SUSE-SU-2025:01878-1: important: Security update for nodejs22
SUSE-SU-2025:01884-1: moderate: Security update for perl-Crypt-OpenSSL-RSA
SUSE-SU-2025:01886-1: important: Security update for perl-YAML-LibYAML
SUSE-SU-2025:01875-1: important: Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)
SUSE-SU-2025:01873-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
SUSE-SU-2025:01892-1: important: Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3)
SUSE-SU-2025:01893-1: important: Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5)
SUSE-SU-2025:01894-1: important: Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP5)
SUSE-SU-2025:01901-1: important: Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3)
SUSE-SU-2025:01904-1: moderate: Security update for yelp

Nbdkit, NodeJS, perl-Crypt-OpenSSL-RSA, perl-YAML-LibYAML, Linux Kernel, yelp updates for SUSE @ Linux Compatible