SUSE: 2025:0524-1 Moderate: Multiple SUSE Manager Security Issues

suse

February 14, 2025

* bsc#1212641 * bsc#1219912 * bsc#1229079 * bsc#1229104 * bsc#1231024

Summary

## This update fixes the following issues: golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 (jsc#PED-11649): * Security issues fixed: * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling (bsc#1232970) * Highlights of other changes: * Performance: * Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations. * Default GOGC value lowered to 75 for better memory management. * Option to limit memory usage from dropped targets added. * New Features: * Experimental OpenTelemetry ingestion. * Automatic memory limit handling. * Native histogram support, including new functions, UI enhancements, and improved scraping.

Topics Covered

security advisory moderate security issue update patch software updates threat mitigation bug fixes security issues SUSE Manager SUSE Manager Client

References

* bsc#1212641

* bsc#1219912

* bsc#1229079

* bsc#1229104

* bsc#1231024

* bsc#1231497

* bsc#1231568

* bsc#1231759

* bsc#1232575

* bsc#1232769

* bsc#1232817

* bsc#1232970

* bsc#1233202

* bsc#1233279

* bsc#1233630

* bsc#1233660

* bsc#1234123

* bsc#1234554

* bsc#1235145

* bsc#1236301

* jsc#MSQA-914

* jsc#PED-11591

* jsc#PED-11649

Cross-

* CVE-2023-3128

* CVE-2023-6152

* CVE-2024-22037

* CVE-2024-45337

* CVE-2024-51744

* CVE-2024-6837

* CVE-2024-8118

CVSS scores:

* CVE-2023-3128 ( SUSE ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

* CVE-2023-3128 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

* CVE-2023-3128 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-6152 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Announcement ID: SUSE-SU-2025:0524-1

Release Date: 2025-02-14T07:16:37Z

Rating: moderate

Topics Covered

security advisory moderate security issue update patch software updates threat mitigation bug fixes security issues SUSE Manager SUSE Manager Client

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2025:0524-1 Moderate: Multiple SUSE Manager Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2025:0524-1 Moderate: Multiple SUSE Manager Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!