Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE: Multi-Linux Manager Important Update Threat Mitigation 2025:4458-1

suse
Calendar Grey December 18, 2025
Dist Suse Esm H88
This important update addresses four vulnerabilities in Multi-Linux Manager Client Tools to enhance security and functionality.
An update that solves four vulnerabilities, contains one feature and has 24 security fixes can now be installed.

Summary

## This update fixes the following issues: dracut-saltboot: * Update to version 1.0.0 * Reboot on salt key timeout (bsc#1237495) * Fixed parsing files with space in the name (bsc#1252100) grafana was updated from version 11.5.5 to 11.5.10: * Security issues fixed: * CVE-2025-47911: Fix parsing HTML documents (bsc#1251454) * CVE-2025-58190: Fix excessive memory consumption (bsc#1251657) * CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client (bsc#1254113) * CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616) * CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (version 11.5.7) (bsc#1246735) * CVE-2025-6197: Fixed open redirect in organization switching (version 11.5.7) (bsc#1246736)

References

* bsc#1227577

* bsc#1227579

* bsc#1237495

* bsc#1243611

* bsc#1243704

* bsc#1244027

* bsc#1244127

* bsc#1244534

* bsc#1245099

* bsc#1245302

* bsc#1246068

* bsc#1246320

* bsc#1246553

* bsc#1246586

* bsc#1246662

* bsc#1246735

* bsc#1246736

* bsc#1246738

* bsc#1246789

* bsc#1246882

* bsc#1246906

* bsc#1246925

* bsc#1247688

* bsc#1247721

* bsc#1250616

* bsc#1251044

* bsc#1251138

* bsc#1252100

* jsc#MSQA-1034

Cross-

* CVE-2025-11065

* CVE-2025-3415

* CVE-2025-6023

* CVE-2025-6197

CVSS scores:

* CVE-2025-11065 ( SUSE ): 5.7

CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2025-11065 ( SUSE ): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N

* CVE-2025-3415 ( SUSE ): 5.3

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:4458-1
Release Date: 2025-12-18T11:57:41Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here