- Python packages: python311-pyspnego, python311-ujson, python311-loguru, python311-mechanize, and more.
- Ruby packages: ruby3.4-rubygem-actionmailer, ruby3.4-rubygem-kramdown, ruby3.4-rubygem-rails, among others.
Each update addresses specific vulnerabilities, providing fixes that enhance the security of the software. For instance:
- python311-pyspnego has resolved a vulnerability identified as CVE-2018-0886.
- ruby3.4-rubygem-actionmailer includes fixes for CVE-2024-47889, with a CVSS score of 5.9, indicating a moderate level of risk.
- ruby3.4-rubygem-kramdown addresses multiple vulnerabilities (CVE-2020-14001 and CVE-2021-28834) with more severe CVSS scores of 7.3 and 9.8, respectively.
The updates are classified as moderate in terms of their severity and can be installed via the GA media of openSUSE Tumbleweed. It is critical for users to apply these updates promptly to avoid potential security risks.
As the software ecosystem continues to evolve, users are encouraged to stay updated with the latest security patches and enhancements. This proactive approach not only mitigates risks but also ensures that applications run smoothly and securely. Furthermore, developers should regularly monitor for updates and vulnerabilities in their dependencies to maintain robust security practices in their projects.
For further details on specific vulnerabilities and the associated fixes, users can refer to the respective CVE links provided in the announcements
Python and Ruby updates for SUSE
SUSE has announced the release of multiple security updates, which include python311-pyspnego, ruby3.4-rubygem-actionmailer, kramdown, web-console, sprockets, multi_xml, pycapnp, pycapnp-jquery-rails, pywayland, pywayland-loofah, py7zr, oauthlib, fluentd, nltk, activestorage, activerecord, loguru, cramjam, python311-suds, httptools, jwcrypto, and python311-mechanize:
openSUSE-SU-2025:15103-1: moderate: python311-pyspnego-0.11.2-1.4 on GA media
openSUSE-SU-2025:15109-1: moderate: ruby3.4-rubygem-actionmailer-7.0-7.0.8.6-1.3 on GA media
openSUSE-SU-2025:15119-1: moderate: ruby3.4-rubygem-kramdown-2.4.0-1.15 on GA media
openSUSE-SU-2025:15129-1: moderate: ruby3.4-rubygem-web-console-4.2.1-1.7 on GA media
openSUSE-SU-2025:15128-1: moderate: ruby3.4-rubygem-sprockets-3.7-3.7.5-1.3 on GA media
openSUSE-SU-2025:15122-1: moderate: ruby3.4-rubygem-multi_xml-0.6.0-1.29 on GA media
openSUSE-SU-2025:15127-1: moderate: ruby3.4-rubygem-sprockets-4.2.1-1.7 on GA media
openSUSE-SU-2025:15111-1: moderate: ruby3.4-rubygem-actiontext-7.0-7.0.8.6-1.3 on GA media
openSUSE-SU-2025:15107-1: moderate: python311-ujson-5.10.0-1.5 on GA media
openSUSE-SU-2025:15123-1: moderate: ruby3.4-rubygem-puma-6.4.3-1.3 on GA media
openSUSE-SU-2025:15130-1: moderate: ruby3.4-rubygem-websocket-extensions-0.1.5-1.22 on GA media
openSUSE-SU-2025:15117-1: moderate: ruby3.4-rubygem-jquery-rails-4.6.0-1.7 on GA media
openSUSE-SU-2025:15106-1: moderate: python311-treq-24.9.1-1.4 on GA media
openSUSE-SU-2025:15125-1: moderate: ruby3.4-rubygem-rails-html-sanitizer-1.6.0-1.7 on GA media
openSUSE-SU-2025:15102-1: moderate: python311-pycapnp-2.0.0-2.5 on GA media
openSUSE-SU-2025:15124-1: moderate: ruby3.4-rubygem-rails-7.0-7.0.8.6-1.3 on GA media
openSUSE-SU-2025:15104-1: moderate: python311-pywayland-0.4.17-3.5 on GA media
openSUSE-SU-2025:15120-1: moderate: ruby3.4-rubygem-loofah-2.23.1-1.3 on GA media
openSUSE-SU-2025:15116-1: moderate: ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media
openSUSE-SU-2025:15101-1: moderate: python311-py7zr-0.20.8-2.6 on GA media
openSUSE-SU-2025:15100-1: moderate: python311-oauthlib-3.2.2-5.4 on GA media
openSUSE-SU-2025:15115-1: moderate: ruby3.4-rubygem-fluentd-1.17.1-1.3 on GA media
openSUSE-SU-2025:15099-1: moderate: python311-nltk-3.9.1-2.4 on GA media
openSUSE-SU-2025:15113-1: moderate: ruby3.4-rubygem-activestorage-7.0-7.0.8.6-1.3 on GA media
openSUSE-SU-2025:15112-1: moderate: ruby3.4-rubygem-activerecord-7.0-7.0.8.6-1.3 on GA media
openSUSE-SU-2025:15097-1: moderate: python311-loguru-0.7.2-2.5 on GA media
openSUSE-SU-2025:15108-1: moderate: python311-waitress-3.0.2-1.4 on GA media
openSUSE-SU-2025:15094-1: moderate: python311-cramjam-2.9.1-1.3 on GA media
openSUSE-SU-2025:15105-1: moderate: python311-suds-1.2.0-2.4 on GA media
openSUSE-SU-2025:15095-1: moderate: python311-httptools-0.6.1-1.9 on GA media
openSUSE-SU-2025:15096-1: moderate: python311-jwcrypto-1.5.6-2.5 on GA media
openSUSE-SU-2025:15098-1: moderate: python311-mechanize-0.4.10-1.4 on GA media
