Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2025:02166-1 important: himmelblau security update

suse
Calendar Grey June 30, 2025
Dist Suse Esm H88
Significant SUSE upgrade tackles crucial vulnerabilities in elbown, improving resilience and safety with detailed installation guidelines.
* bsc#1242648 * bsc#1244202 Cross-References: * CVE-2025-3416

Summary

## This update for himmelblau fixes the following issues: * CVE-2025-5791: Fixed using deprecated `users` crate (bsc#1244202) * CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust- openssl crate (bsc#1242648) Update to version 0.7.17+git.0.1ebdab0 * Update sccache-action version to use new cache service ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2166=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 x86_64) * himmelblau-0.7.17+git.0.1ebdab0-150700.3.3.2 * himmelblau-debuginfo-0.7.17+git.0.1ebdab0-150700.3.3.2

Topics%20covered

Topics Covered

security advisory denial of service update important suse himmelblau

References

* bsc#1242648

* bsc#1244202

Cross-

* CVE-2025-3416

* CVE-2025-5791

CVSS scores:

* CVE-2025-3416 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-5791 ( SUSE ): 8.4

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

* CVE-2025-5791 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

* CVE-2025-5791 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* Basesystem Module 15-SP7

* SUSE Linux Enterprise Desktop 15 SP7

* SUSE Linux Enterprise Real Time 15 SP7

* SUSE Linux Enterprise Server 15 SP7

* SUSE Linux Enterprise Server for SAP Applications 15 SP7

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:02166-1
Release Date: 2025-06-30T07:14:21Z
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service update important suse himmelblau

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here