openSUSE: zk Moderate Security Update 2026:0017-1 CVE-2025-58181
opensuse
January 16, 2026
An update that fixes one vulnerability is now available.
Description
This update for zk fixes the following issues:
- Update to version 0.15.2
* Find notes with missing backlinks using zk list --missing-backlink
* LSP diagnostic for missing backlinks when other notes link to current
note without reciprocal links
* Code action to add missing backlinks
* LSP diagnostic for self-referential links
* Release tarballs now output the program version
* Config path can be set with $ZK_CONFIG_DIR
* bump deps: golang.org/x/crypto v0.45.0 fixes CVE-2025-58181
- Update to version 0.15.0
* fixed LSP crashes when editing code fences and/or working in text
files with code fences
* new feature to set a group path "by name", in that any directory with
the same name can share the same group rules, no matter how deep in
the notebook. See references below.
- Update to version 0.14.2
* Path in .zk/config.toml for the default note template now accepts UNIX
"~/paths"
*...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP6:
zypper in -t patch openSUSE-2026-17=1
Package List
- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):
zk-0.15.2-bp156.2.3.1
References
https://www.suse.com/security/cve/CVE-2025-58181.html
PREVIOUS
NEXT
Announcement ID: openSUSE-SU-2026:0017-1
Rating: moderate
Affected Products:
openSUSE Backports SLE-15-SP6
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!