SUSE Linux has released a series of important and critical security updates aimed at enhancing the security of its systems, particularly addressing vulnerabilities in several components such as Netty, Kernel, OpenJDK, and RegionServiceClientConfig for cloud services like Azure, EC2, and GCE.

Key Updates

1. Netty and Netty-tcnative:
- Severity: Important
- Details: The updates address multiple vulnerabilities including denial of service and request smuggling issues linked to specific CVEs (CVE-2025-55163, CVE-2025-58056, CVE-2025-58057). The Netty version has been upgraded to 4.1.126, including various bug fixes and performance improvements.
- Affected Products: Various SUSE Linux Enterprise and openSUSE versions.

2. RegionServiceClientConfig:
- Severity: Critical
- Details: Security updates for Azure, EC2, and GCE configurations were issued, requiring immediate attention due to their critical nature. These updates include significant changes in the handling of SSL certificates and dependencies for upcoming versions of SUSE Linux.
- Affected Products: Multiple versions of SUSE Linux Enterprise and openSUSE.

3. Kernel Updates:
- Severity: Moderate to Important
- Details: Updates for kernel-devel 6.16.5-1.1 and a Live Patch for the Linux Kernel (Live Patch 49 for SLE 15 SP3) include fixes for several vulnerabilities that could allow for privilege escalation or denial of service.
- Affected Products: Various SUSE Linux and openSUSE versions.

4. Java OpenJDK:
- Severity: Moderate
- Details: The update addresses multiple vulnerabilities (CVE-2025-30749, CVE-2025-30754, CVE-2025-30761, CVE-2025-50106) impacting Java runtime, enhancing security against potential exploits.
- Affected Products: openSUSE Tumbleweed.

Installation Instructions

To install these updates, users are recommended to use SUSE's standard installation methods such as YaST online_update or the `zypper patch` command. Specific command examples for various products are provided in the original release notes.

Conclusion

The critical nature of these updates emphasizes the importance of keeping systems up to date to mitigate risks associated with cybersecurity threats. Users of SUSE Linux are urged to apply these updates promptly to safeguard their systems against potential vulnerabilities.

For further details about each update, including specific CVE references and installation commands, users can refer to the links provided in the release notes

Netty, Kernel, OpenJDK, RegionServiceClientConfig updates for SUSE

There are several security updates available for SUSE Linux. Important and critical security updates include a fix for netty, netty-tcnative, and regionServiceClientConfig for Azure, EC2, and GCE, which have been rated as important or critical. Additionally, there are two moderate updates for kernel-devel-6.16.5-1.1 and java-1_8_0-openjdk-1.8.0.462-1.1.

SUSE-SU-2025:03114-1: important: Security update for netty, netty-tcnative
openSUSE-SU-2025:15533-1: moderate: kernel-devel-6.16.5-1.1 on GA media
openSUSE-SU-2025:15532-1: moderate: java-1_8_0-openjdk-1.8.0.462-1.1 on GA media
SUSE-SU-2025:03117-1: critical: Security update for regionServiceClientConfigAzure
SUSE-SU-2025:03118-1: critical: Security update for regionServiceClientConfigEC2
SUSE-SU-2025:03119-1: critical: Security update for regionServiceClientConfigGCE
SUSE-SU-2025:03124-1: important: Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)

Netty, Kernel, OpenJDK, RegionServiceClientConfig updates for SUSE @ Linux Compatible