SUSE has released several important security updates, primarily targeting Python-Maturin, Helm, and Glib2, all classified as moderate in severity. The updates address various vulnerabilities and enhance the security of affected products, which include openSUSE Leap and various SUSE Linux Enterprise editions.
1. Python-Maturin (Announcement ID: SUSE-SU-2025:01591-1)
- Release Date: May 19, 2025
- Vulnerabilities Addressed:
- CVE-2025-3416: A use-after-free vulnerability in OpenSSL.
- CVE-2025-4574: A double-free issue in the crossbeam-channel library.
- Affected Product: openSUSE Leap 15.6
- Installation Command: `zypper in -t patch SUSE-2025-1591=1`
2. Helm (Announcement ID: SUSE-SU-2025:01596-1)
- Release Date: May 20, 2025
- Notable Update: Helm version updated to 3.17.3, which includes critical security fixes.
- Affected Products: Multiple, including openSUSE Leap 15.6 and various SUSE Linux Enterprise editions.
- Installation Command: `zypper in -t patch openSUSE-SLE-15.6-2025-1596=1`
3. Glib2 (Announcement ID: SUSE-SU-2025:01599-1)
- Release Date: May 20, 2025
- Vulnerability Addressed:
- CVE-2025-3360: Fixed an integer overflow and buffer under-read issue when parsing invalid ISO 8601 timestamps.
- Affected Products: Several versions of openSUSE and SUSE Linux Enterprise Micro.
- Installation Command: `zypper in -t patch SUSE-2025-1599=1`
For detailed information regarding each vulnerability, users can refer to the provided CVE links and SUSE's official security pages
Security Updates:
1. Python-Maturin (Announcement ID: SUSE-SU-2025:01591-1)
- Release Date: May 19, 2025
- Vulnerabilities Addressed:
- CVE-2025-3416: A use-after-free vulnerability in OpenSSL.
- CVE-2025-4574: A double-free issue in the crossbeam-channel library.
- Affected Product: openSUSE Leap 15.6
- Installation Command: `zypper in -t patch SUSE-2025-1591=1`
2. Helm (Announcement ID: SUSE-SU-2025:01596-1)
- Release Date: May 20, 2025
- Notable Update: Helm version updated to 3.17.3, which includes critical security fixes.
- Affected Products: Multiple, including openSUSE Leap 15.6 and various SUSE Linux Enterprise editions.
- Installation Command: `zypper in -t patch openSUSE-SLE-15.6-2025-1596=1`
3. Glib2 (Announcement ID: SUSE-SU-2025:01599-1)
- Release Date: May 20, 2025
- Vulnerability Addressed:
- CVE-2025-3360: Fixed an integer overflow and buffer under-read issue when parsing invalid ISO 8601 timestamps.
- Affected Products: Several versions of openSUSE and SUSE Linux Enterprise Micro.
- Installation Command: `zypper in -t patch SUSE-2025-1599=1`
Installation Instructions:
For each update, users are encouraged to utilize SUSE's recommended installation methods, such as YaST online updates or using the `zypper patch` command. Specific commands for each affected product version are provided to facilitate easy updates.Conclusion:
These updates are crucial for maintaining the security integrity of systems running affected SUSE distributions. Users are strongly advised to apply these patches promptly to mitigate potential risks associated with the identified vulnerabilities.For detailed information regarding each vulnerability, users can refer to the provided CVE links and SUSE's official security pages
Python-Maturin, Helm, Glib2 updates for SUSE
SUSE has issued multiple security updates, featuring moderate enhancements for Python-Maturin, Helm, and Glib2:
SUSE-SU-2025:01591-1: moderate: Security update for python-maturin
SUSE-SU-2025:01596-1: moderate: Security update for helm
SUSE-SU-2025:01599-1: moderate: Security update for glib2Python-Maturin, Helm, Glib2 updates for SUSE @ Linux Compatible
