openSUSE 15.4: SUSE-SU-2025:01978-1 important: xorg-x11-server update

opensuse

June 17, 2025

An update that solves five vulnerabilities can now be installed.

Description

This update for xorg-x11-server fixes the following issues:

* CVE-2025-49175: Out-of-bounds access in X Rendering extension (Animated

cursors) (bsc#1244082).

* CVE-2025-49176: Integer overflow in Big Requests Extension (bsc#1244084).

* CVE-2025-49178: Unprocessed client request via bytes to ignore

(bsc#1244087).

* CVE-2025-49179: Integer overflow in X Record extension (bsc#1244089).

* CVE-2025-49180: Integer overflow in RandR extension

(RRChangeProviderProperty) (bsc#1244090).

Topics Covered

security advisory remote access important integer overflow xorg-x11-server openSUSE

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4

zypper in -t patch SUSE-2025-1978=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4

zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1978=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4

zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1978=1

* SUSE Linux Enterprise Server 15 SP4 LTSS

zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1978=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4

zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1978=1

* SUSE Manager Proxy 4.3

zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1978=1

* SUSE Manager Retail Branch Server 4.3

zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-

Server-4.3-2025-1978=1

* SUSE Manager Server 4.3

zypper in -t patch...

Read the Full Advisory

Package List

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)

* xorg-x11-server-extra-debuginfo-1.20.3-150400.38.57.1

* xorg-x11-server-debuginfo-1.20.3-150400.38.57.1

* xorg-x11-server-1.20.3-150400.38.57.1

* xorg-x11-server-debugsource-1.20.3-150400.38.57.1

* xorg-x11-server-extra-1.20.3-150400.38.57.1

* xorg-x11-server-source-1.20.3-150400.38.57.1

* xorg-x11-server-sdk-1.20.3-150400.38.57.1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64

x86_64)

* xorg-x11-server-extra-debuginfo-1.20.3-150400.38.57.1

* xorg-x11-server-debuginfo-1.20.3-150400.38.57.1

* xorg-x11-server-1.20.3-150400.38.57.1

* xorg-x11-server-debugsource-1.20.3-150400.38.57.1

* xorg-x11-server-extra-1.20.3-150400.38.57.1

* xorg-x11-server-sdk-1.20.3-150400.38.57.1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64

x86_64)

* xorg-x11-server-extra-debuginfo-1.20.3-150400.38.57.1

* xorg-x11-server-debuginfo-1.20.3-150400.38.57.1

* xorg-x11-server-1.20.3-150400.38.57.1

*...

Read the Full Advisory

References

* bsc#1244082

* bsc#1244084

* bsc#1244087

* bsc#1244089

* bsc#1244090

## References:

* https://www.suse.com/security/cve/CVE-2025-49175.html

* https://www.suse.com/security/cve/CVE-2025-49176.html

* https://www.suse.com/security/cve/CVE-2025-49178.html

* https://www.suse.com/security/cve/CVE-2025-49179.html

* https://www.suse.com/security/cve/CVE-2025-49180.html

* https://bugzilla.suse.com/show_bug.cgi?id=1244082

* https://bugzilla.suse.com/show_bug.cgi?id=1244084

* https://bugzilla.suse.com/show_bug.cgi?id=1244087

* https://bugzilla.suse.com/show_bug.cgi?id=1244089

* https://bugzilla.suse.com/show_bug.cgi?id=1244090

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2025:01978-1

Release Date: 2025-06-17T15:29:55Z

Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3

Topics Covered

security advisory remote access important integer overflow xorg-x11-server openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

openSUSE 15.4: SUSE-SU-2025:01978-1 important: xorg-x11-server update

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

openSUSE 15.4: SUSE-SU-2025:01978-1 important: xorg-x11-server update

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!