## This update fixes the following issues: golang-github-prometheus-node_exporter: * Security issues fixed: * CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component (bsc#1238686) * Other bugs fixed: * Fixed Darwin memory leak * pressure: Fix missing IRQ on older kernels salt, venv-salt-minion: * Security issues fixed: * CVE-2024-38822: Fixed Minion token validation (bsc#1244561) * CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport (bsc#1244564) * CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method (bsc#1244565) * CVE-2024-38825: Fixed salt.auth.pki module authentication issue (bsc#1244566)
* bsc#1236621
* bsc#1236877
* bsc#1238686
* bsc#1238849
* bsc#1238929
* bsc#1240626
* bsc#1240698
* bsc#1242174
* bsc#1243105
* bsc#1243268
* bsc#1243274
* bsc#1243297
* bsc#1243802
* bsc#1244561
* bsc#1244564
* bsc#1244565
* bsc#1244566
* bsc#1244567
* bsc#1244568
* bsc#1244570
* bsc#1244571
* bsc#1244572
* bsc#1244574
* bsc#1244575
* jsc#MSQA-993
Cross-
* CVE-2024-38822
* CVE-2024-38823
* CVE-2024-38824
* CVE-2024-38825
* CVE-2025-22236
* CVE-2025-22237
* CVE-2025-22238
* CVE-2025-22239
* CVE-2025-22240
* CVE-2025-22241
* CVE-2025-22242
* CVE-2025-22870
* CVE-2025-47287
CVSS scores:
* CVE-2024-38822 ( SUSE ): 5.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-38822 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Get the latest Linux and open source security news straight to your inbox.