Key Updates Include:
1. polkit: A significant update (SUSE-SU-2025:02527-1) fixes a vulnerability (CVE-2025-7519) that could lead to an out-of-bounds write, rated as important with a CVSS score of 7.1. The update is applicable to several SUSE products including openSUSE and SUSE Linux Enterprise.
2. Firefox ESR: The update (openSUSE-SU-2025:15371-1) addresses 22 vulnerabilities, significantly enhancing security in the Firefox Extended Support Release. Various issues, from memory safety bugs to improper URL parsing, were resolved.
3. Jupyter Components: Updates for jupyter-jupyterlab-templates and jupyter-nbdime address vulnerabilities rated as moderate. These updates support the ongoing security posture of the Jupyter ecosystem.
4. Cloud-init: The update (openSUSE-SU-2025:15376-1) fixes two vulnerabilities (CVE-2024-11584 and CVE-2024-6174), enhancing cloud initialization processes.
5. Kubernetes: A critical security update (SUSE-SU-2025:02515-2) for Kubernetes 1.18 addresses a vulnerability (CVE-2025-22872) impacting how HTML tags are interpreted, rated at 6.3.
6. Mozilla Firefox: A significant update (SUSE-SU-2025:02529-1) resolves 27 vulnerabilities, enhancing the security of this web browser with updates to its branding and functionality.
7. Additional Packages: Other updates include fixes for components such as minio-client, javamail, chromedriver, and viewvc, each addressing specific vulnerabilities and improving overall system performance.
General Patch Instructions:
Users are encouraged to utilize SUSE's recommended installation methods, such as YaST online_update or "zypper patch," to ensure their systems are up to date with the latest security patches. Specific commands for different distributions and modules are provided, enabling users to easily apply the necessary updates.
Conclusion:
These updates reflect SUSE's commitment to maintaining robust security standards across its Linux distributions. Users are advised to apply these patches promptly to mitigate potential risks and enhance their systems' resilience against vulnerabilities. Regular updates not only secure the system but also improve functionality and user experience across various applications
Polkit, Firefox-ESR, Jupyter, and more updates for SUSE
SUSE Linux has released several security updates, including polkit, firefox-esr, jupyter-jupyterlab-templates, jupyter-nbdime, minio-client, cloud-init, grype-db, javamail, chromedriver, viewvc, grafana, ovmf, kubernetes1.18, and Mozilla Firefox:
SUSE-SU-2025:02527-1: important: Security update for polkit
openSUSE-SU-2025:15371-1: moderate: firefox-esr-140.1.0-1.1 on GA media
openSUSE-SU-2025:15373-1: moderate: jupyter-jupyterlab-templates-0.5.2-3.1 on GA media
openSUSE-SU-2025:15380-1: moderate: jupyter-nbdime-7.0.2-21.1 on GA media
openSUSE-SU-2025:15379-1: moderate: minio-client-20250721T052808Z-1.1 on GA media
openSUSE-SU-2025:15376-1: moderate: cloud-init-25.1.3-1.1 on GA media
openSUSE-SU-2025:15377-1: moderate: grype-db-0.35.0-1.1 on GA media
openSUSE-SU-2025:15378-1: moderate: javamail-1.6.2-3.1 on GA media
openSUSE-SU-2025:15375-1: moderate: chromedriver-138.0.7204.168-1.1 on GA media
openSUSE-SU-2025:15374-1: moderate: viewvc-1.3.0~dev20250722-1.1 on GA media
openSUSE-SU-2025:15372-1: moderate: grafana-11.6.3+security01-1.1 on GA media
SUSE-SU-2025:02516-1: moderate: Security update for ovmf
SUSE-SU-2025:02515-2: important: Security update for kubernetes1.18
SUSE-SU-2025:02529-1: important: Security update for MozillaFirefox, MozillaFirefox-branding-SLEPolkit, Firefox-ESR, Jupyter, and more updates for SUSE @ Linux Compatible
