openSUSE: Trivy Important Security Update 2025:0489-1 Enhances Protection
opensuse
December 30, 2025
An update that fixes 14 vulnerabilities is now available.
Description
This update for trivy fixes the following issues:
Update to version 0.68.2:
* fix(deps): bump alpine from `3.22.1` to `3.23.0` [backport:
release/v0.68] (#9949)
* ci: enable `check-latest` for `setup-go` [backport: release/v0.68]
(#9946)
Update to version 0.68.1 (boo#1251363, CVE-2025-47911, boo#1251547,
CVE-2025-58190, boo#1253512, CVE-2025-47913, boo#1253512, CVE-2025-47913,
boo#1253786, CVE-2025-58181, boo#1253977, CVE-2025-47914):
* fix: update cosing settings for GoReleaser after bumping cosing to v3
(#9863)
* chore(deps): bump the testcontainers group with 2 updates (#9506)
* feat(aws): Add support for dualstack ECR endpoints (#9862)
* fix(vex): use a separate `visited` set for each DFS path (#9760)
* docs: catch some missed docs -> guide (#9850)
* refactor(misconf): parse azure_policy_enabled to
addonprofile.azurepolicy.enabled (#9851)
* chore(cli): Remove Trivy Cloud (#9847)
*...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP7:
zypper in -t patch openSUSE-2025-489=1
Package List
- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):
trivy-0.68.2-bp157.2.6.1
References
https://www.suse.com/security/cve/CVE-2025-11065.html
https://www.suse.com/security/cve/CVE-2025-22868.html
https://www.suse.com/security/cve/CVE-2025-22869.html
https://www.suse.com/security/cve/CVE-2025-22872.html
https://www.suse.com/security/cve/CVE-2025-30204.html
https://www.suse.com/security/cve/CVE-2025-46569.html
https://www.suse.com/security/cve/CVE-2025-47291.html
https://www.suse.com/security/cve/CVE-2025-47911.html
https://www.suse.com/security/cve/CVE-2025-47913.html
https://www.suse.com/security/cve/CVE-2025-47914.html
https://www.suse.com/security/cve/CVE-2025-53547.html
https://www.suse.com/security/cve/CVE-2025-58058.html
https://www.suse.com/security/cve/CVE-2025-58181.html
https://www.suse.com/security/cve/CVE-2025-58190.html
https://bugzilla.suse.com/1239225
https://bugzilla.suse.com/1239385
https://bugzilla.suse.com/1240466
https://bugzilla.suse.com/1241724
https://bugzilla.suse.com/1243633
https://bugzilla.suse.com/1246730
https://bugzilla.suse.com/1248897
https://bugzilla.suse.com/1...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2025:0489-1
Rating: important
Affected Products:
openSUSE Backports SLE-15-SP7
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!