SUSE Linux has released several important security updates for its software, addressing vulnerabilities in four key components: runc, ClamAV, the Xorg X11 Server, and python-requests.
1. runc: The update, identified as SUSE-SU-2025:02198-1, was released on July 2, 2025, and carries a low severity rating. It resolves CVE-2024-45310, which involved the unintentional creation of empty files/directories on the host. Users are encouraged to update to runc version 1.2.6 using the recommended installation methods such as YaST online_update or "zypper patch".
2. ClamAV: Announced in SUSE-SU-2025:02200-1, this important update, also released on July 2, addresses two vulnerabilities: CVE-2025-20234 and CVE-2025-20260. The former relates to a vulnerability in Universal Disk Format (UDF) processing, and the latter pertains to a PDF scanning buffer overflow. Users should update to ClamAV version 1.4.3 to mitigate these risks.
3. Xorg-X11-Server: The update, SUSE-SU-2025:02207-1, rated as important, fixes CVE-2025-49176, which involves an integer overflow in the Big Requests Extension. This update is crucial for users running various SUSE products, including enterprise servers.
4. python-requests: This moderate severity update, identified as SUSE-SU-2025:02205-1, resolves CVE-2024-47081, addressing a netrc credential leak. Users are advised to update to the latest version of python-requests to ensure security.
Summary of Updates:
- runc: Low severity, CVE-2024-45310 resolved.
- ClamAV: Important, two vulnerabilities (CVE-2025-20234, CVE-2025-20260) fixed.
- Xorg-X11-Server: Important, CVE-2025-49176 addressed.
- python-requests: Moderate severity, CVE-2024-47081 fixed.
Recommended Actions:
- Users of SUSE products should promptly apply these updates using the provided patch commands for their respective products to maintain system security. This proactive approach helps protect against potential exploits that could arise from these vulnerabilities.
Conclusion
The timely release of these security updates underscores SUSE's commitment to maintaining the integrity and security of its software. Users are urged to stay informed about updates and to act swiftly to apply them to safeguard their systems.
Runc, ClamAV, Xorg-X11-Server, Python-Requests updates for SUSE
SUSE Linux has been updated with security enhancements for runc, clamav, xorg-x11-server, and python-requests:
SUSE-SU-2025:02198-1: low: Security update for runc
SUSE-SU-2025:02200-1: important: Security update for clamav
SUSE-SU-2025:02207-1: important: Security update for xorg-x11-server
SUSE-SU-2025:02205-1: moderate: Security update for python-requests
Runc, ClamAV, Xorg-X11-Server, Python-Requests updates for SUSE @ Linux Compatible