Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves three vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01893-1 Release Date: 2025-06-11T12:04:17Z Rating: important References: * bsc#1238324 * bsc#1239077 * bsc#1239096 Cross-References: * CVE-2022-49080 * CVE-2024-57996 * CVE-2024-58013 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_94 fixes several issues. The following security issues were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324). * CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the commandlisted for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1893=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1893=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-2-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_23-debugsource-2-150500.2.2 * kernel-livepatch-5_14_21-150500_55_94-default-2-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-2-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_23-debugsource-2-150500.2.2 * kernel-livepatch-5_14_21-150500_55_94-default-2-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2024-58013.html * https://bugzilla.suse.com/show_bug.cgi?id=1238324 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 * https://bugzilla.suse.com/show_bug.cgi?id=1239096 . The most recent update to the Linux Kernel addresses essential vulnerabilities in Fedora, greatly enhancing both performance and safety.. openSUSE updates, Linux Kernel patches, security fixes, important updates, system vulnerabilities. . Severity: Important. LinuxSecurity.com Team
An update that solves three vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01875-1 Release Date: 2025-06-10T23:03:54Z Rating: important References: * bsc#1238324 * bsc#1239077 * bsc#1239096 Cross-References: * CVE-2022-49080 * CVE-2024-57996 * CVE-2024-58013 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_91 fixes several issues. The following security issues were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324). * CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the commandlisted for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1876=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-1875=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1875=1 SUSE-2025-1876=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_91-default-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_88-default-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-5-150500.2.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_91-default-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_88-default-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-5-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2024-58013.html * https://bugzilla.suse.com/show_bug.cgi?id=1238324 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 * https://bugzilla.suse.com/show_bug.cgi?id=1239096 . An important update for openSUSE has been released to address critical kernel vulnerabilities and enhance system stability and performance for users. openSUSE Security Advisories, Linux Kernel Updates, System Patches, Important Security Fixes. . Severity: Important. LinuxSecurity.com Team
An update that solves four vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01869-1 Release Date: 2025-06-10T18:33:47Z Rating: important References: * bsc#1232900 * bsc#1238324 * bsc#1239077 * bsc#1239096 Cross-References: * CVE-2022-49080 * CVE-2024-49855 * CVE-2024-57996 * CVE-2024-58013 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49855 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49855 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49855 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues. The following security issues were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324). * CVE-2024-49855: nbd: fix race between timeout and normal completion (bsc#1232900). *CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1872=1 SUSE-2025-1869=1 SUSE-2025-1870=1 SUSE-2025-1871=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1871=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-1872=1 SUSE-SLE-Module-Live- Patching-15-SP5-2025-1869=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-1870=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_62-default-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_73-default-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-17-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_17-debugsource-11-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-17-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-17-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_62-default-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-16-150500.2.2 *kernel-livepatch-5_14_21-150500_55_73-default-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-17-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-17-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-17-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-11-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2024-49855.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2024-58013.html * https://bugzilla.suse.com/show_bug.cgi?id=1232900 * https://bugzilla.suse.com/show_bug.cgi?id=1238324 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 * https://bugzilla.suse.com/show_bug.cgi?id=1239096 . New release for the Linux Kernel addressing various vulnerabilities impacting Debian systems, enhancing overall safety and reliability.. Linux Kernel Patch, SUSE Security Update, Kernel Vulnerabilities, Security Improvement, Linux Kernel Fixes. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8314 http://linux.oracle.com/errata/ELSA-2025-8314.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: minizip-1.2.7-21.0.1.el7_9.i686.rpm minizip-1.2.7-21.0.1.el7_9.x86_64.rpm minizip-devel-1.2.7-21.0.1.el7_9.i686.rpm minizip-devel-1.2.7-21.0.1.el7_9.x86_64.rpm zlib-1.2.7-21.0.1.el7_9.i686.rpm zlib-1.2.7-21.0.1.el7_9.x86_64.rpm zlib-devel-1.2.7-21.0.1.el7_9.i686.rpm zlib-devel-1.2.7-21.0.1.el7_9.x86_64.rpm zlib-static-1.2.7-21.0.1.el7_9.i686.rpm zlib-static-1.2.7-21.0.1.el7_9.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//zlib-1.2.7-21.0.1.el7_9.src.rpm Related CVEs: CVE-2016-9840 Description of changes: [1.2.7-21.0.1] - Resolves: CVE-2025-4638 [Orabug: 38010977] _______________________________________________ El-errata mailing list
An update that solves four vulnerabilities and has one security fix can now be installed.. # Security update for go1.24 Announcement ID: SUSE-SU-2025:01846-1 Release Date: 2025-06-09T18:34:33Z Rating: important References: * bsc#1236217 * bsc#1242715 * bsc#1244156 * bsc#1244157 * bsc#1244158 Cross-References: * CVE-2025-0913 * CVE-2025-22873 * CVE-2025-22874 * CVE-2025-4673 CVSS scores: * CVE-2025-0913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-0913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-22873 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-22873 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-22874 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22874 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-4673 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-4673 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux EnterpriseServer 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.24 fixes the following issues: go1.24.4 (released 2025-06-05) includes security fixes to the crypto/x509, net/http, and os packages, as well as bug fixes to the linker, the go command, and the hash/maphash and os packages. ( bsc#1236217 go1.24 release tracking CVE-2025-22874 CVE-2025-0913 CVE-2025-4673) * CVE-2025-22874: crypto/x509: ExtKeyUsageAny bypasses policy validation (bsc#1244158) * CVE-2025-0913: os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows (bsc#1244157) * CVE-2025-4673: net/http: sensitive headers not cleared on cross-origin redirect (bsc#1244156) * os: Root.Mkdir creates directories with zero permissions on OpenBSD * hash/maphash: hashing channels with purego impl. of maphash.Comparable panics * runtime/debug: BuildSetting does not document DefaultGODEBUG * cmd/go: add fips140 module selection mechanism * cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen * CVE-2025-22873: os: Root permits access to parent directory ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP6 zypper in -t patchSUSE-SLE-Module-Development-Tools-15-SP6-2025-1846=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1846=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1846=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1846=1 ## Package List: * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) *go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE LinuxEnterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0913.html * https://www.suse.com/security/cve/CVE-2025-22873.html * https://www.suse.com/security/cve/CVE-2025-22874.html * https://www.suse.com/security/cve/CVE-2025-4673.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1242715 * https://bugzilla.suse.com/show_bug.cgi?id=1244156 * https://bugzilla.suse.com/show_bug.cgi?id=1244157 * https://bugzilla.suse.com/show_bug.cgi?id=1244158 . This notice outlines critical security patches for the go1.24 module in openSUSE, addressing several potential threats.. go package, openSUSE security, important update, security fix, SUSE vulnerabilities. . Severity: Important. LinuxSecurity.com Team
* bsc#1236217 * bsc#1242715 * bsc#1244156 * bsc#1244157 * bsc#1244158 . # Security update for go1.24 Announcement ID: SUSE-SU-2025:01846-1 Release Date: 2025-06-09T18:34:33Z Rating: important References: * bsc#1236217 * bsc#1242715 * bsc#1244156 * bsc#1244157 * bsc#1244158 Cross-References: * CVE-2025-0913 * CVE-2025-22873 * CVE-2025-22874 * CVE-2025-4673 CVSS scores: * CVE-2025-0913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-0913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-22873 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-22873 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-22874 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22874 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-4673 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-4673 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS *SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.24 fixes the following issues: go1.24.4 (released 2025-06-05) includes security fixes to the crypto/x509, net/http, and os packages, as well as bug fixes to the linker, the go command, and the hash/maphash and os packages. ( bsc#1236217 go1.24 release tracking CVE-2025-22874 CVE-2025-0913 CVE-2025-4673) * CVE-2025-22874: crypto/x509: ExtKeyUsageAny bypasses policy validation (bsc#1244158) * CVE-2025-0913: os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows (bsc#1244157) * CVE-2025-4673: net/http: sensitive headers not cleared on cross-origin redirect (bsc#1244156) * os: Root.Mkdir creates directories with zero permissions on OpenBSD * hash/maphash: hashing channels with purego impl. of maphash.Comparable panics * runtime/debug: BuildSetting does not document DefaultGODEBUG * cmd/go: add fips140 module selection mechanism * cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen * CVE-2025-22873: os: Root permits access to parent directory ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1846=1 *Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1846=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1846=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1846=1 ## Package List: * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 *go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications15 SP5 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0913.html * https://www.suse.com/security/cve/CVE-2025-22873.html * https://www.suse.com/security/cve/CVE-2025-22874.html * https://www.suse.com/security/cve/CVE-2025-4673.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1242715 * https://bugzilla.suse.com/show_bug.cgi?id=1244156 * https://bugzilla.suse.com/show_bug.cgi?id=1244157 * https://bugzilla.suse.com/show_bug.cgi?id=1244158 . Crucial patch release for the go1.24 module resolving various vulnerabilities affecting SUSE ecosystems.. SUSE Security Update, go Package Security, Linux Update, Linux Patch Management. . Severity: Important. LinuxSecurity.com Team
* bsc#1236701 * bsc#1239077 * bsc#1239096 Cross-References: . # Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:01839-1 Release Date: 2025-06-09T15:33:45Z Rating: important References: * bsc#1236701 * bsc#1239077 * bsc#1239096 Cross-References: * CVE-2024-57996 * CVE-2024-58013 * CVE-2025-21680 CVSS scores: * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21680 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21680 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21680 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_23 fixes several issues. The following security issues were fixed: * CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236701). * CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE LinuxEnterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1839=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1842=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-9-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-6-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-9-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-debuginfo-6-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_7-debugsource-6-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-9-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2024-58013.html * https://www.suse.com/security/cve/CVE-2025-21680.html * https://bugzilla.suse.com/show_bug.cgi?id=1236701 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 * https://bugzilla.suse.com/show_bug.cgi?id=1239096 . SUSE Linux Kernel RT addresses significant vulnerabilities, resolving a severe buffer overflow along with memory management flaws. Find out how to apply the necessary patches.. SUSE Linux Kernel, Critical Update, Security Patch, Kernel Fixes. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8506 http://linux.oracle.com/errata/ELSA-2025-8506.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-devel-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-docs-22.16.0-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-full-i18n-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-libs-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm npm-10.9.2-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.x86_64.rpm v8-12.4-devel-12.4.254.21-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.x86_64.rpm aarch64: nodejs-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-devel-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-docs-22.16.0-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-full-i18n-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-libs-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm npm-10.9.2-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.aarch64.rpm v8-12.4-devel-12.4.254.21-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//nodejs-22.16.0-1.module+el8.10.0+90605+76e4d41a.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el8.10.0+90605+76e4d41a.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-packaging-2021.06-4.module+el8.10.0+90605+76e4d41a.src.rpm Related CVEs: CVE-2025-23166 Description ofchanges: nodejs [1:22.15-1-1] - Update to 22.16.0 Fixes: CVE-2025-23166 - Resolves: RHEL-91596 RHEL-92859 [1:22.15.0-1] - Update to 22.15.0 - Drop upstream patches [1:22.13.1-4] - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300 [1:22.13.1-3] - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86581 [1:22.13.1-2] - Remove obsolete lua pretransaction script from spec file Resolves: RHEL-81117 RHEL-71410 - Disable npm update notifications for users Resolves: RHEL-81080 [22.13.1-1] - Upgrade to version 22.13.1 Fixes CVE-2025-23083 CVE-2025-23085 CVE-2025-22150 Resolves: RHEL-76362 RHEL-76897 [22.11.0-1] - Upgrade to nodejs 22.11.0. Resolves: RHEL-35991 [22.4.1-4] - Exclude ix86 arches from building. Related: RHEL-35991 [22.4.1-4] - Initial import of nodeJS 22 Resolves: RHEL-35991 nodejs-nodemon nodejs-packaging _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.