SUSE has released several important security updates for various products, addressing vulnerabilities in key software components such as V2Ray-Core, PostgreSQL, and Tomcat. These updates apply to multiple distributions, including openSUSE Tumbleweed, openSUSE Leap 15.6, and SUSE Linux Enterprise versions.

Key Updates & Vulnerabilities:

1. V2Ray-Core: Two critical updates (openSUSE-SU-2025:0322-1 and openSUSE-SU-2025:0323-1) have been issued to fix vulnerabilities, including CVE-2024-22189, which has a CVSS score of 7.5. The updates include enhancements like Dns Proxy Response TTL Control and fixes for various bugs.

2. PostgreSQL 17: An important update (SUSE-SU-2025:02986-1) fixes three significant vulnerabilities (CVE-2025-8713, CVE-2025-8714, CVE-2025-8715) related to optimizer statistics and data handling, with CVSS scores as high as 8.8.

3. Tomcat Versions (10 & 11): Updates for Tomcat (openSUSE-SU-2025:15490-1 for version 10 and openSUSE-SU-2025:15491-1 for version 11) address vulnerabilities with CVSS scores up to 8.7, improving security against potential exploits.

4. Cheat: An update for the Cheat tool resolves five vulnerabilities (openSUSE-SU-2025:15488-1), with notable CVE scores reaching 8.2.

5. Govulncheck-vulndb: This moderate update (SUSE-SU-2025:02988-1) introduces enhancements and fixes related to multiple vulnerabilities, impacting openSUSE Leap and SUSE Linux products.

6. Intel Microcode (ucode-intel): The update for Intel microcode addresses seven vulnerabilities (openSUSE-SU-2025:15492-1) with CVSS scores up to 7.9.

Patch Instructions:

Users are advised to apply these updates promptly using SUSE's recommended methods such as YaST online_update or via the command line with `zypper patch`. Specific commands for each product version are provided in the update announcements.

Recommendations:

- Regularly check for updates and apply patches to ensure systems remain secure.
- Monitor the CVEs and their respective severity ratings to prioritize critical updates.
- Utilize available documentation and resources from SUSE for detailed instructions on applying updates and understanding vulnerabilities.

These updates highlight SUSE's commitment to maintaining the security and integrity of their products, addressing both high-severity vulnerabilities and ensuring that users are equipped with the latest software enhancements

V2Ray-Core, PostgreSQL, Tomcat, and more updates for SUSE

Several security updates are available for openSUSE and SUSE products, including v2ray-core, postgresql17, tomcat11, tomcat10, govulncheck-vulndb, ucode-intel-20250812, and cheat. These updates fix various vulnerabilities, with some rated as high or moderate severity. The affected products include openSUSE Tumbleweed, openSUSE Leap 15.6, SUSE Linux Enterprise Desktop 15 SP6, SUSE Linux Enterprise Real Time 15 SP6, and more.

openSUSE-SU-2025:0322-1: important: Security update for v2ray-core
openSUSE-SU-2025:0323-1: important: Security update for v2ray-core
SUSE-SU-2025:02986-1: important: Security update for postgresql17
openSUSE-SU-2025:15492-1: moderate: ucode-intel-20250812-1.1 on GA media
openSUSE-SU-2025:15491-1: moderate: tomcat11-11.0.10-1.1 on GA media
openSUSE-SU-2025:15489-1: moderate: tomcat-9.0.108-1.1 on GA media
openSUSE-SU-2025:15488-1: moderate: cheat-4.4.2-2.1 on GA media
openSUSE-SU-2025:15490-1: moderate: tomcat10-10.1.44-1.1 on GA media
SUSE-SU-2025:02988-1: moderate: Security update for govulncheck-vulndb

V2Ray-Core, PostgreSQL, Tomcat, and more updates for SUSE @ Linux Compatible