SUSE Linux has announced a series of important security updates, addressing vulnerabilities in various software components. The updates include critical patches for Python tornado 6, Intel microcode, PostgreSQL, and multiple versions of the Linux Kernel. The updates also include Mozilla Thunderbird and python-cryptography, among others.

Key Updates and Vulnerabilities Addressed:

1. Python Tornado 6:
- CVE-2025-47287: Excessive logging during parsing malformed `multipart/form-data` could lead to denial-of-service attacks.

2. Intel Microcode (ucode-intel):
- Multiple CVEs (CVE-2024-28956, CVE-2024-43420, CVE-2025-20012, etc.) were addressed, with security updates targeting information disclosure and denial of service vulnerabilities for various Intel processors.

3. PostgreSQL Updates:
- CVE-2025-4207: Validation errors in GB18030 encoding could lead to out-of-bounds read vulnerabilities.

4. Linux Kernel:
- Several security patches were issued for various live patches (Live Patch 15, Live Patch 19, etc.) addressing vulnerabilities like CVE-2024-43882 and CVE-2024-53156 related to potential privilege escalation and memory issues.

5. Mozilla Thunderbird:
- Multiple vulnerabilities fixed, including issues with spoofed sender headers and file download vulnerabilities (CVE-2025-3875, CVE-2025-3909, etc.).

6. Python Cryptography:
- Addressed a use-after-free vulnerability (CVE-2025-3416) that could be exploited via the OpenSSL API.

Installation Instructions:

Users are encouraged to apply these updates using the recommended methods such as `YaST online_update` or via the command line using `zypper patch`. Specific commands are provided for each affected product version, ensuring that users can easily patch their systems.

Conclusion:

These security updates are critical for maintaining the integrity and security of systems running SUSE Linux. Users are advised to update their systems promptly to mitigate potential vulnerabilities that could be exploited by attackers. Regular updates and patch management are essential components of a robust security posture in any IT environment

Python-Tornado6, Ucode-Intel, PostrgreSQL, and more updates for SUSE

SUSE Linux has released several security updates, including python-tornado6, ucode-intel, postgresql, govulncheck-vulndb, open-vm-tools, Linux Kernel (Live Patch 15 for SLE 15 SP5), Linux Kernel (Live Patch 19 for SLE 15 SP5), MozillaThunderbird, Linux Kernel (Live Patch 2 for SLE 15 SP6), Linux Kernel (Live Patch 5 for SLE 15 SP6), Python-cryptography, Linux Kernel (Live Patch 14 for SLE 15 SP5), and Linux Kernel (Live Patch 50 for SLE 15 SP3).

SUSE-SU-2025:01649-1: important: Security update for python-tornado6
SUSE-SU-2025:01651-1: moderate: Security update for ucode-intel
SUSE-SU-2025:01654-1: moderate: Security update for postgresql13
SUSE-SU-2025:01653-1: important: Security update for govulncheck-vulndb
SUSE-SU-2025:01658-1: moderate: Security update for open-vm-tools
SUSE-SU-2025:01655-1: important: Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
SUSE-SU-2025:01656-1: important: Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)
openSUSE-SU-2025:15143-1: moderate: chromedriver-136.0.7103.113-1.1 on GA media
SUSE-SU-2025:01661-1: moderate: Security update for postgresql14
SUSE-SU-2025:01660-1: important: Security update for MozillaThunderbird
SUSE-SU-2025:01675-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)
SUSE-SU-2025:01663-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
SUSE-SU-2025:01662-1: low: Security update for python-cryptography
SUSE-SU-2025:01668-1: important: Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
SUSE-SU-2025:01669-1: important: Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3)
SUSE-SU-2025:01672-1: important: Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3)

Python-Tornado6, Ucode-Intel, PostrgreSQL, and more updates for SUSE @ Linux Compatible