Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderateOpenSUSE

openSUSE: Moderate Patch for CVE-2025-22872 via go-sendxmpp Update

An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for go-sendxmpp ______________________________________________________________________________ Announcement ID: openSUSE-SU-2025:0332-1 Rating: moderate References: #1241814 Cross-References: CVE-2025-22872 CVSS scores: CVE-2025-22872 (SUSE): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for go-sendxmpp fixes the following issues: - Update to 0.15.0: Added: * Add flag --verbose to show debug information. * Add flag --recipients to specify recipients by file. * Add flag --retry-connect to try after a waiting time if the connection fails. * Add flag --retry-connect-max to specify the amount of retry attempts. * Add flag --legacy-pgp for using XEP-0027 PGP encryption with Ox keys. * Add support for punycode domains. Changed: * Update gopenpgp library to v3. * Improve error detection for MUC joins. * Don't try to connect to other SRV record targets if error contains 'auth-failure'. * Remove support for old SSDP version (via go-xmpp v0.2.15). * Http-upload: Stop checking other disco items after finding upload component. * Increase default TLS version to 1.3. - CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (boo#1241814) - Update to 0.14.1: * Use prettier date format for error messages. * Update XEP-0474 to version 0.4.0 (requires go-xmpp > = 0.2.10). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypperpatch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2025-332=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64): go-sendxmpp-0.15.0-bp157.2.3.1 References: https://www.suse.com/security/cve/CVE-2025-22872.html https://bugzilla.suse.com/1241814 . The recent openSUSE update introduces a significant security enhancement for go-sendxmpp, tackling CVE-2025-22872 while also enhancing current functionalities.. openSUSE update, go-sendxmpp patch, security advisory, moderate vulnerabilities, CVE-2025-22872. . LinuxSecurity.com Team

Calendar 2 Aug 30, 2025 OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySuSEimportant

SUSE: Kubernetes1.18 Important Fix for DOM Scope Issue CVE-2025-22872

* bsc#1229122 * bsc#1241865 Cross-References: * CVE-2025-22872 . # Security update for kubernetes1.18 Announcement ID: SUSE-SU-2025:02515-1 Release Date: 2025-07-24T18:51:30Z Rating: important References: * bsc#1229122 * bsc#1241865 Cross-References: * CVE-2025-22872 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update of kubernetes1.18 fixes the following issues: * CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241865) * rebuild the package with the current go 1.23 security release (bsc#1229122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2515=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -tpatch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2515=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2515=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2515=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2515=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2515=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2515=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2515=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2515=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.18-client-1.18.10-150200.5.21.1 * kubernetes1.18-client-common-1.18.10-150200.5.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kubernetes1.18-client-1.18.10-150200.5.21.1 * kubernetes1.18-client-common-1.18.10-150200.5.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.18-client-1.18.10-150200.5.21.1 * kubernetes1.18-client-common-1.18.10-150200.5.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.18-client-1.18.10-150200.5.21.1 * kubernetes1.18-client-common-1.18.10-150200.5.21.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.18-client-1.18.10-150200.5.21.1 * kubernetes1.18-client-common-1.18.10-150200.5.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.18-client-1.18.10-150200.5.21.1 * kubernetes1.18-client-common-1.18.10-150200.5.21.1 * SUSELinux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kubernetes1.18-client-1.18.10-150200.5.21.1 * kubernetes1.18-client-common-1.18.10-150200.5.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.18-client-1.18.10-150200.5.21.1 * kubernetes1.18-client-common-1.18.10-150200.5.21.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kubernetes1.18-client-1.18.10-150200.5.21.1 * kubernetes1.18-client-common-1.18.10-150200.5.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1241865 . The recent update for Kubernetes 1.18 addresses serious vulnerabilities, including incorrect tag handling during the creation of DOM for SUSE applications.. Kubernetes Update,SUSE Security Patch,CVE-2025-22872,OpenSUSE Leap Patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 24, 2025 Important SuSE
Banner 2 1028x280 1708121730 1 1771599631
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderateSuSE

SUSE Advisory 2025:02289-2 on Docker Credential Leakage & DOM Risks

* bsc#1239765 * bsc#1240150 * bsc#1241830 * bsc#1242114 * bsc#1243833 . # Security update for docker Announcement ID: SUSE-SU-2025:02289-2 Release Date: 2025-07-16T15:48:13Z Rating: moderate References: * bsc#1239765 * bsc#1240150 * bsc#1241830 * bsc#1242114 * bsc#1243833 * bsc#1244035 * jsc#PED-12534 * jsc#PED-8905 Cross-References: * CVE-2025-0495 * CVE-2025-22872 CVSS scores: * CVE-2025-0495 ( SUSE ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-0495 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N * CVE-2025-0495 ( NVD ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Serverfor SAP Applications 15 SP5 An update that solves two vulnerabilities, contains two features and has four security fixes can now be installed. ## Description: This update for docker fixes the following issues: Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114): * CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765) * CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830). Other fixes: * Update to docker-buildx v0.22.0. * Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035). * Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534) * Now that the only blocker for docker-buildx support was removed for SLE-16, enable docker-buildx for SLE-16 as well. (jsc#PED-8905) * SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2289=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2289=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2289=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2289=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2289=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2289=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2289=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2289=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2289=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2289=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2289=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2289=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-fish-completion-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) *docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-fish-completion-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Enterprise Storage 7.1 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 *docker-fish-completion-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-fish-completion-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 *docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0495.html * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1239765 * https://bugzilla.suse.com/show_bug.cgi?id=1240150 * https://bugzilla.suse.com/show_bug.cgi?id=1241830 * https://bugzilla.suse.com/show_bug.cgi?id=1242114 * https://bugzilla.suse.com/show_bug.cgi?id=1243833 * https://bugzilla.suse.com/show_bug.cgi?id=1244035 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-12534&page_caps=&user_role= * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-8905&page_caps=&user_role= . SUSE has published a security advisory announcing a moderate update for Docker that resolves concerns related to credential exposure and issues within the Document Object Model (DOM).. Docker Update, SUSE Security, Vulnerability Fix, Linux Administration, Threat Mitigation. . LinuxSecurity.com Team

Calendar 2 Jul 16, 2025 SuSE
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderateOpenSUSE

openSUSE Security Update: 2025:02289-1 Addresses Docker Vulnerabilities

An update that solves two vulnerabilities, contains two features and has four security fixes can now be installed.. # Security update for docker Announcement ID: SUSE-SU-2025:02289-1 Release Date: 2025-07-11T11:13:10Z Rating: moderate References: * bsc#1239765 * bsc#1240150 * bsc#1241830 * bsc#1242114 * bsc#1243833 * bsc#1244035 * jsc#PED-12534 * jsc#PED-8905 Cross-References: * CVE-2025-0495 * CVE-2025-22872 CVSS scores: * CVE-2025-0495 ( SUSE ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-0495 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N * CVE-2025-0495 ( NVD ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP7 * Containers Module 15-SP6 * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities, contains two features and has four security fixes can now be installed. ##Description: This update for docker fixes the following issues: Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114): * CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765) * CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830). Other fixes: * Update to docker-buildx v0.22.0. * Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035). * Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534) * Now that the only blocker for docker-buildx support was removed for SLE-16, enable docker-buildx for SLE-16 as well. (jsc#PED-8905) * SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2289=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2289=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2289=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2289=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2289=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2289=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2289=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-2289=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-2289=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patchSUSE-SUSE-MicroOS-5.1-2025-2289=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2289=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2289=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-stable-24.0.9_ce-150000.1.22.1 * docker-28.2.2_ce-150000.227.1 * openSUSE Leap 15.6 (noarch) * docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1 * docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1 * docker-stable-fish-completion-24.0.9_ce-150000.1.22.1 * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-fish-completion-28.2.2_ce-150000.227.1 * docker-zsh-completion-28.2.2_ce-150000.227.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 *docker-stable-24.0.9_ce-150000.1.22.1 * docker-28.2.2_ce-150000.227.1 * Containers Module 15-SP6 (noarch) * docker-rootless-extras-28.2.2_ce-150000.227.1 * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * Containers Module 15-SP7 (noarch) * docker-rootless-extras-28.2.2_ce-150000.227.1 * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-stable-24.0.9_ce-150000.1.22.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0495.html * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1239765 * https://bugzilla.suse.com/show_bug.cgi?id=1240150 * https://bugzilla.suse.com/show_bug.cgi?id=1241830 * https://bugzilla.suse.com/show_bug.cgi?id=1242114 * https://bugzilla.suse.com/show_bug.cgi?id=1243833 * https://bugzilla.suse.com/show_bug.cgi?id=1244035 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-12534&page_caps=&user_role= * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-8905&page_caps=&user_role= . The recent update for Kubernetes addresses medium-risk flaws including credential leaks and issues with API response formatting.. openSUSE docker security, moderate security update, Linux package patch. . LinuxSecurity.com Team

Calendar 2 Jul 11, 2025 OpenSUSE
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here