SUSE Linux has announced several important security updates for its software packages, specifically targeting OpenSSH, BRLTTY, and RubyGem Rack. These updates are aimed at enhancing system security and addressing known vulnerabilities.
1. OpenSSH:
- Announcement ID: SUSE-SU-2025:1576-1
- Severity: Moderate
- Release Date: May 19, 2025
- Vulnerabilities Fixed:
  - CVE-2025-32728, which involved a logic error in the DisableForwarding option.
  - Additional fixes for handling of KEX hashes, audit output, and failures with large MOTDs.
- Affected Products: Various iterations of openSUSE and SUSE Linux Enterprise versions.
- Installation Instructions: Updates can be applied using YaST online_update or "zypper patch".
2. BRLTTY (Braille display driver):
- Announcement IDs: SUSE-SU-2025:1579-1 and SUSE-SU-2025:1582-1
- Severity: Moderate
- Release Date: May 19, 2025
- Vulnerability Fixed: Ensures that the brlapi.key is not temporarily world-readable.
- Affected Products: openSUSE Leap 15.4 and 15.6 and SUSE Linux Enterprise Micro versions, among others.
- Installation Instructions: Similar to OpenSSH, users can utilize YaST or the "zypper" command.
3. RubyGem Rack:
- Announcement ID: SUSE-SU-2025:01586-1
- Severity: Important
- Release Date: May 19, 2025
- Vulnerabilities Fixed:
  - CVE-2025-32441, related to restored deleted sessions being accessible by unauthenticated users.
  - CVE-2025-46727, which concerns potential memory exhaustion due to unbounded parameter parsing.
- Affected Products: This update affects multiple SUSE Linux Enterprise and openSUSE versions.
- Installation Instructions: Users can follow the same patching methods as above.
Conclusion:
The updates provided by SUSE are vital for maintaining the integrity and security of its operating systems. Users are urged to apply these updates promptly to mitigate risks associated with the identified vulnerabilities. Regular maintenance through updates is essential to safeguard systems against potential exploits. For detailed installation procedures, users should refer to the respective patch instructions provided for each update.

OpenSSH, Brltty, Rubygem-Rack updates for SUSE
SUSE Linux has released new security updates, which include moderate updates for openssh and brltty and an important update for rubygem-rack:
SUSE-SU-2025:1576-1: moderate: Security update for openssh
SUSE-SU-2025:1579-1: moderate: Security update for brltty
SUSE-SU-2025:1582-1: moderate: Security update for brltty
SUSE-SU-2025:01586-1: important: Security update for rubygem-rack