Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1,008 articles for you...
100

SUSE: 2025:02120-1 important: go1.24-openssl cross-origin leak

* bsc#1236217 * bsc#1244156 * bsc#1244157 * bsc#1244158 * jsc#SLE-18320 . # Security update for go1.24-openssl Announcement ID: SUSE-SU-2025:02120-1 Release Date: 2025-06-26T08:22:59Z Rating: important References: * bsc#1236217 * bsc#1244156 * bsc#1244157 * bsc#1244158 * jsc#SLE-18320 Cross-References: * CVE-2025-0913 * CVE-2025-22874 * CVE-2025-4673 CVSS scores: * CVE-2025-0913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-0913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-0913 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-22874 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22874 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-22874 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-4673 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-4673 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-4673 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for go1.24-openssl fixes the following issues: Update to version 1.24.4 (bsc#1236217): * CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation (bsc#1244158). * CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows (bsc#1244157). * CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect (bsc#1244156). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2120=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2120=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2120=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2120=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2120=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2120=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2120=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2120=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2120=1 * SUSE Linux Enterprise Server 15SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2120=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2120=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2120=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 *go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-openssl-1.24.4-150000.1.9.1 * go1.24-openssl-doc-1.24.4-150000.1.9.1 * go1.24-openssl-race-1.24.4-150000.1.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0913.html * https://www.suse.com/security/cve/CVE-2025-22874.html * https://www.suse.com/security/cve/CVE-2025-4673.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1244156 * https://bugzilla.suse.com/show_bug.cgi?id=1244157 * https://bugzilla.suse.com/show_bug.cgi?id=1244158 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FSLE-18320&page_caps=&user_role= . Critical announcement regarding SUSE go1.24-openssl addressing multiple security flaws. Immediate measures recommended for system protection.. SUSE Security Update, go1.24-openssl Patch, OpenSSL Vulnerabilities, SUSE Advisory Importance. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2025 Important SuSE
100

SUSE: 2025:01818-1 low: python-cryptography use-after-free issue

* bsc#1242631 Cross-References: * CVE-2025-3416 . # Security update for python-cryptography Announcement ID: SUSE-SU-2025:01818-1 Release Date: 2025-06-05T13:53:12Z Rating: low References: * bsc#1242631 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-cryptography fixes the following issues: * CVE-2025-3416: openssl: use-after-free in `Md::fetch` and `Cipher::fetch` when `Some(...)` value passed as `properties` argument to either function (bsc#1242631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1818=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1818=1 ## Package List: * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-cryptography-41.0.3-150400.16.22.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-cryptography-41.0.3-150400.16.22.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242631 . SUSE patch resolves CVE-2025-3416, categorized with a low severity level. Important installationguidance provided.. SUSE Linux, python-cryptography, security update, CVE-2025-3416, use-after-free. . Severity: Low. LinuxSecurity.com Team

Calendar%202 Jun 05, 2025 Low SuSE
100

SUSE Linux Micro 6.0: 2025:20014-1 important: openssl DoS and other issues

* bsc#1220523 * bsc#1220690 * bsc#1220693 * bsc#1220696 * bsc#1221365 . # Security update for openssl-3, libpulp, ulp-macros Announcement ID: SUSE-SU-2025:20014-1 Release Date: 2025-02-03T08:48:39Z Rating: important References: * bsc#1220523 * bsc#1220690 * bsc#1220693 * bsc#1220696 * bsc#1221365 * bsc#1221751 * bsc#1221752 * bsc#1221753 * bsc#1221760 * bsc#1221763 * bsc#1221786 * bsc#1221787 * bsc#1221821 * bsc#1221822 * bsc#1221824 * bsc#1221827 * bsc#1222548 * bsc#1222899 * bsc#1223306 * bsc#1223336 * bsc#1223428 * bsc#1224388 * bsc#1225291 * bsc#1225551 * bsc#1226463 * bsc#1227138 * bsc#1229465 Cross-References: * CVE-2024-2511 * CVE-2024-4603 * CVE-2024-4741 * CVE-2024-5535 * CVE-2024-6119 CVSS scores: * CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2511 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-4603 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-4603 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-4741 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-4741 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-5535 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6119 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-6119 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6119 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6119 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities and has 22 fixes can now be installed. ## Description: This update for openssl-3, libpulp, ulp-macros fixes the following issues: openssl-3: \- CVE-2024-6119: possible denial of service in X.509 name checks (bsc#1229465) \- CVE-2024-5535: SSL_select_next_protobuffer overread (bsc#1227138) \- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers (bsc#1225551) \- CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388) \- CVE-2024-2511: Fix unconstrained session cache growth in TLSv1.3 (bsc#1222548) \- FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365) \- FIPS: RSA keygen PCT requirements. (bsc#1221760, bsc#1221753) \- FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode. (bsc#1220523) \- FIPS: Port openssl to use jitterentropy (bsc#1220523) \- FIPS: Block non-Approved Elliptic Curves (bsc#1221786) \- FIPS: Service Level Indicator (bsc#1221365) \- FIPS: Output the FIPS-validation name and module version which uniquely identify the FIPS validated module. (bsc#1221751) \- FIPS: Add required selftests (bsc#1221760) \- FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821) \- FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827) \- FIPS: Zeroization is required (bsc#1221752) \- FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696) \- FIPS: NIST SP 800-56Brev2 (bsc#1221824) \- FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787) \- FIPS: Port openssl to use jitterentropy (bsc#1220523) \- FIPS: NIST SP 800-56Arev3 (bsc#1221822) \- FIPS: Error state has to be enforced (bsc#1221753) \- Build with enabled sm2 and sm4 support (bsc#1222899) \- fix non-reproducible build issue \- Fix HDKF key derivation (bsc#1225291) \- Enable livepatching support (bsc#1223428) libpulp: \- Update package with libpulp-0.3.5 * Change .so load policy from lazy to eager. * Fix patch of references when mprotect is enabled. * Fix tramposed calloc arguments. * Fix crash of ulp packer on empty lines. * Disabled ptrace_scope through aaa_base-enable-ptrace package (bsc#1221763). * Update package with libpulp-0.3.4: * Add debuginfo into ulp extract. * Disabled ptrace_scope when building the package (bsc#1221763). * Update packagewith libpulp-0.3.3: * Fixed a race condition when process list is empty. * Removed "Unable to get section data" error message (bsc#1223306). * Bumped asunsafe_conversion attempts from 100 to 2000. * Fixed banner test on clang-18. * Check if ptrace_scope is enabled when attempting a ptrace operation (bsc#1221763). * Update package with libpulp-0.3.1: * Add timestamp information on `ulp patches`. ulp-macros: \- Initial release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-58=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * libpulp0-debuginfo-0.3.5-1.1 * libpulp-tools-debuginfo-0.3.5-1.1 * libpulp-debugsource-0.3.5-1.1 * libpulp0-0.3.5-1.1 * libpulp-tools-0.3.5-1.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libopenssl-3-fips-provider-debuginfo-3.1.4-6.1 * openssl-3-debuginfo-3.1.4-6.1 * jitterentropy-devel-3.4.1-3.1 * libopenssl3-3.1.4-6.1 * openssl-3-debugsource-3.1.4-6.1 * openssl-3-3.1.4-6.1 * libopenssl-3-fips-provider-3.1.4-6.1 * libjitterentropy3-3.4.1-3.1 * libopenssl-3-devel-3.1.4-6.1 * libopenssl3-debuginfo-3.1.4-6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2511.html * https://www.suse.com/security/cve/CVE-2024-4603.html * https://www.suse.com/security/cve/CVE-2024-4741.html * https://www.suse.com/security/cve/CVE-2024-5535.html * https://www.suse.com/security/cve/CVE-2024-6119.html * https://bugzilla.suse.com/show_bug.cgi?id=1220523 * https://bugzilla.suse.com/show_bug.cgi?id=1220690 * https://bugzilla.suse.com/show_bug.cgi?id=1220693 * https://bugzilla.suse.com/show_bug.cgi?id=1220696 * https://bugzilla.suse.com/show_bug.cgi?id=1221365 * https://bugzilla.suse.com/show_bug.cgi?id=1221751 *https://bugzilla.suse.com/show_bug.cgi?id=1221752 * https://bugzilla.suse.com/show_bug.cgi?id=1221753 * https://bugzilla.suse.com/show_bug.cgi?id=1221760 * https://bugzilla.suse.com/show_bug.cgi?id=1221763 * https://bugzilla.suse.com/show_bug.cgi?id=1221786 * https://bugzilla.suse.com/show_bug.cgi?id=1221787 * https://bugzilla.suse.com/show_bug.cgi?id=1221821 * https://bugzilla.suse.com/show_bug.cgi?id=1221822 * https://bugzilla.suse.com/show_bug.cgi?id=1221824 * https://bugzilla.suse.com/show_bug.cgi?id=1221827 * https://bugzilla.suse.com/show_bug.cgi?id=1222548 * https://bugzilla.suse.com/show_bug.cgi?id=1222899 * https://bugzilla.suse.com/show_bug.cgi?id=1223306 * https://bugzilla.suse.com/show_bug.cgi?id=1223336 * https://bugzilla.suse.com/show_bug.cgi?id=1223428 * https://bugzilla.suse.com/show_bug.cgi?id=1224388 * https://bugzilla.suse.com/show_bug.cgi?id=1225291 * https://bugzilla.suse.com/show_bug.cgi?id=1225551 * https://bugzilla.suse.com/show_bug.cgi?id=1226463 * https://bugzilla.suse.com/show_bug.cgi?id=1227138 * https://bugzilla.suse.com/show_bug.cgi?id=1229465 . An essential patch for SUSE Linux Micro addressing several vulnerabilities in openssl, libpulp, and ulp-macros to improve system security.. SUSE Linux Micro, openssl security update, libpulp fixes, ulp-macros vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
100

SUSE: 2025:20014-1 important: openssl-3 DoS issue resolved

* bsc#1220523 * bsc#1220690 * bsc#1220693 * bsc#1220696 * bsc#1221365 . # Security update for openssl-3, libpulp, ulp-macros Announcement ID: SUSE-SU-2025:20014-1 Release Date: 2025-02-03T08:48:39Z Rating: important References: * bsc#1220523 * bsc#1220690 * bsc#1220693 * bsc#1220696 * bsc#1221365 * bsc#1221751 * bsc#1221752 * bsc#1221753 * bsc#1221760 * bsc#1221763 * bsc#1221786 * bsc#1221787 * bsc#1221821 * bsc#1221822 * bsc#1221824 * bsc#1221827 * bsc#1222548 * bsc#1222899 * bsc#1223306 * bsc#1223336 * bsc#1223428 * bsc#1224388 * bsc#1225291 * bsc#1225551 * bsc#1226463 * bsc#1227138 * bsc#1229465 Cross-References: * CVE-2024-2511 * CVE-2024-4603 * CVE-2024-4741 * CVE-2024-5535 * CVE-2024-6119 CVSS scores: * CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2511 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-4603 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-4603 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-4741 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-4741 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-5535 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6119 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-6119 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6119 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6119 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities and has 22 fixes can now be installed. ## Description: This update for openssl-3, libpulp, ulp-macros fixes the following issues: openssl-3: \- CVE-2024-6119: possible denial of service in X.509 name checks (bsc#1229465) \- CVE-2024-5535: SSL_select_next_protobuffer overread (bsc#1227138) \- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers (bsc#1225551) \- CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388) \- CVE-2024-2511: Fix unconstrained session cache growth in TLSv1.3 (bsc#1222548) \- FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365) \- FIPS: RSA keygen PCT requirements. (bsc#1221760, bsc#1221753) \- FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode. (bsc#1220523) \- FIPS: Port openssl to use jitterentropy (bsc#1220523) \- FIPS: Block non-Approved Elliptic Curves (bsc#1221786) \- FIPS: Service Level Indicator (bsc#1221365) \- FIPS: Output the FIPS-validation name and module version which uniquely identify the FIPS validated module. (bsc#1221751) \- FIPS: Add required selftests (bsc#1221760) \- FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821) \- FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827) \- FIPS: Zeroization is required (bsc#1221752) \- FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696) \- FIPS: NIST SP 800-56Brev2 (bsc#1221824) \- FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787) \- FIPS: Port openssl to use jitterentropy (bsc#1220523) \- FIPS: NIST SP 800-56Arev3 (bsc#1221822) \- FIPS: Error state has to be enforced (bsc#1221753) \- Build with enabled sm2 and sm4 support (bsc#1222899) \- fix non-reproducible build issue \- Fix HDKF key derivation (bsc#1225291) \- Enable livepatching support (bsc#1223428) libpulp: \- Update package with libpulp-0.3.5 * Change .so load policy from lazy to eager. * Fix patch of references when mprotect is enabled. * Fix tramposed calloc arguments. * Fix crash of ulp packer on empty lines. * Disabled ptrace_scope through aaa_base-enable-ptrace package (bsc#1221763). * Update package with libpulp-0.3.4: * Add debuginfo into ulp extract. * Disabled ptrace_scope when building the package (bsc#1221763). * Update packagewith libpulp-0.3.3: * Fixed a race condition when process list is empty. * Removed "Unable to get section data" error message (bsc#1223306). * Bumped asunsafe_conversion attempts from 100 to 2000. * Fixed banner test on clang-18. * Check if ptrace_scope is enabled when attempting a ptrace operation (bsc#1221763). * Update package with libpulp-0.3.1: * Add timestamp information on `ulp patches`. ulp-macros: \- Initial release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-58=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * libpulp-tools-debuginfo-0.3.5-1.1 * libpulp-debugsource-0.3.5-1.1 * libpulp0-debuginfo-0.3.5-1.1 * libpulp-tools-0.3.5-1.1 * libpulp0-0.3.5-1.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libopenssl-3-devel-3.1.4-6.1 * openssl-3-3.1.4-6.1 * libjitterentropy3-3.4.1-3.1 * openssl-3-debuginfo-3.1.4-6.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-6.1 * jitterentropy-devel-3.4.1-3.1 * libopenssl3-debuginfo-3.1.4-6.1 * libopenssl-3-fips-provider-3.1.4-6.1 * libopenssl3-3.1.4-6.1 * openssl-3-debugsource-3.1.4-6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2511.html * https://www.suse.com/security/cve/CVE-2024-4603.html * https://www.suse.com/security/cve/CVE-2024-4741.html * https://www.suse.com/security/cve/CVE-2024-5535.html * https://www.suse.com/security/cve/CVE-2024-6119.html * https://bugzilla.suse.com/show_bug.cgi?id=1220523 * https://bugzilla.suse.com/show_bug.cgi?id=1220690 * https://bugzilla.suse.com/show_bug.cgi?id=1220693 * https://bugzilla.suse.com/show_bug.cgi?id=1220696 * https://bugzilla.suse.com/show_bug.cgi?id=1221365 * https://bugzilla.suse.com/show_bug.cgi?id=1221751 *https://bugzilla.suse.com/show_bug.cgi?id=1221752 * https://bugzilla.suse.com/show_bug.cgi?id=1221753 * https://bugzilla.suse.com/show_bug.cgi?id=1221760 * https://bugzilla.suse.com/show_bug.cgi?id=1221763 * https://bugzilla.suse.com/show_bug.cgi?id=1221786 * https://bugzilla.suse.com/show_bug.cgi?id=1221787 * https://bugzilla.suse.com/show_bug.cgi?id=1221821 * https://bugzilla.suse.com/show_bug.cgi?id=1221822 * https://bugzilla.suse.com/show_bug.cgi?id=1221824 * https://bugzilla.suse.com/show_bug.cgi?id=1221827 * https://bugzilla.suse.com/show_bug.cgi?id=1222548 * https://bugzilla.suse.com/show_bug.cgi?id=1222899 * https://bugzilla.suse.com/show_bug.cgi?id=1223306 * https://bugzilla.suse.com/show_bug.cgi?id=1223336 * https://bugzilla.suse.com/show_bug.cgi?id=1223428 * https://bugzilla.suse.com/show_bug.cgi?id=1224388 * https://bugzilla.suse.com/show_bug.cgi?id=1225291 * https://bugzilla.suse.com/show_bug.cgi?id=1225551 * https://bugzilla.suse.com/show_bug.cgi?id=1226463 * https://bugzilla.suse.com/show_bug.cgi?id=1227138 * https://bugzilla.suse.com/show_bug.cgi?id=1229465 . This SUSE advisory emphasizes essential upgrades for openssl-3, libpulp, and ulp-macros to resolve significant vulnerabilities and corrections.. openssl update, libpulp fixes, security patch SUSE, SUSE security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
100

SUSE: 2025:20081-1 important: openssl-3 Denial of Service Fix

* bsc#1220262 * bsc#1230698 Cross-References: * CVE-2023-50782 . # Security update for openssl-3 Announcement ID: SUSE-SU-2025:20081-1 Release Date: 2025-02-03T09:06:02Z Rating: important References: * bsc#1220262 * bsc#1230698 Cross-References: * CVE-2023-50782 * CVE-2024-41996 CVSS scores: * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-41996 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41996 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-41996: Fixed a denial of service in the Diffie-Hellman Key Agreement Protocol (bsc#1230698). * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-201=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libopenssl3-3.1.4-7.1 * openssl-3-3.1.4-7.1 * libopenssl3-debuginfo-3.1.4-7.1 * libopenssl-3-fips-provider-3.1.4-7.1 * openssl-3-debugsource-3.1.4-7.1 * openssl-3-debuginfo-3.1.4-7.1 * libopenssl-3-devel-3.1.4-7.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://www.suse.com/security/cve/CVE-2024-41996.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262 * https://bugzilla.suse.com/show_bug.cgi?id=1230698 . Urgent openssl-3 upgrade for SUSE addressessignificant vulnerabilities threatening users; immediate patch released.. Suse Security Update, openssl patch, SUSE vulnerabilities, software security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
100

SUSE: 2025:20233-1 moderate: openssl-3 timing attack vulnerability

* bsc#1236136 Cross-References: * CVE-2024-13176 . # Security update for openssl-3 Announcement ID: SUSE-SU-2025:20233-1 Release Date: 2025-03-07T16:28:37Z Rating: moderate References: * bsc#1236136 Cross-References: * CVE-2024-13176 CVSS scores: * CVE-2024-13176 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-13176 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-13176 ( NVD ): 4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation(bsc#1236136). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-31=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * openssl-3-debugsource-3.1.4-slfo.1.1_4.1 * openssl-3-3.1.4-slfo.1.1_4.1 * libopenssl3-3.1.4-slfo.1.1_4.1 * libopenssl3-debuginfo-3.1.4-slfo.1.1_4.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-slfo.1.1_4.1 * libopenssl-3-devel-3.1.4-slfo.1.1_4.1 * libopenssl-3-fips-provider-3.1.4-slfo.1.1_4.1 * openssl-3-debuginfo-3.1.4-slfo.1.1_4.1 ## References: * https://www.suse.com/security/cve/CVE-2024-13176.html * https://bugzilla.suse.com/show_bug.cgi?id=1236136 . This notice outlines a significant security revision for openssl-3 resolving a timing vulnerability for SUSE Micro.. SUSE Update, OpenSSL Patch, Security Advisory, Timing Attack, Software Update. . LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 SuSE
100

SUSE Linux Micro 6.0 moderate: 2025:20352-1 s390-tools Use-After-Free

* bsc#1242622 Cross-References: * CVE-2025-3416 . # Security update for s390-tools Announcement ID: SUSE-SU-2025:20352-1 Release Date: May 23, 2025, 7:48 a.m. Rating: moderate References: * bsc#1242622 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for s390-tools fixes the following issues: * CVE-2025-3416: s390-tools: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242622) * Amended the .spec file * Updated the '_service' file * Removed the obsolete file 'cargo_config' * Updated 'cputype' and 'read_value.c' * Added the new IBM z17 (9175) processor type ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-335=1 ## Package List: * SUSE Linux Micro 6.0 (s390x) * libekmfweb1-2.31.0-2.1 * s390-tools-debugsource-2.31.0-2.1 * libekmfweb1-debuginfo-2.31.0-2.1 * s390-tools-2.31.0-2.1 * libkmipclient1-debuginfo-2.31.0-2.1 * libkmipclient1-2.31.0-2.1 * s390-tools-debuginfo-2.31.0-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242622 . The latest SUSE release tackles a medium-severity vulnerability in s390-tools associated with a Use-After-Free flaw in openssl. Execute installation using the zypper command.. SUSE Linux, s390-tools update, openssl issue, Linux security, system patching. . LinuxSecurity.com Team

Calendar%202 May 29, 2025 SuSE
100

SUSE: 2025:01731-1 moderate: go1.23-openssl security update

* bsc#1229122 * bsc#1236045 * bsc#1236046 * bsc#1236801 * bsc#1238572 . # Security update for go1.23-openssl Announcement ID: SUSE-SU-2025:01731-1 Release Date: 2025-05-28T14:33:28Z Rating: moderate References: * bsc#1229122 * bsc#1236045 * bsc#1236046 * bsc#1236801 * bsc#1238572 * bsc#1240550 * jsc#SLE-18320 Cross-References: * CVE-2024-45336 * CVE-2024-45341 * CVE-2025-22866 * CVE-2025-22870 * CVE-2025-22871 CVSS scores: * CVE-2024-45336 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-45336 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-45341 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-45341 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-22866 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-22866 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-22866 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22871 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N * CVE-2025-22871 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-22871 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High PerformanceComputing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for go1.23-openssl fixes the following issues: Update to version 1.23.9 (bsc#1229122): Security fixes: * CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross- domain redirect (bsc#1236046) * CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (bsc#1236045) * CVE-2025-22866: crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le (bsc#1236801) * CVE-2025-22870: net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs (bsc#1238572) * CVE-2025-22871: net/http: reject bare LF in chunked encoding (bsc#1240550) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1731=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1731=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1731=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patchSUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1731=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1731=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1731=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1731=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1731=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1731=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1731=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1731=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1731=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 *go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 * go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.23-openssl-race-1.23.9-150000.1.9.1 *go1.23-openssl-1.23.9-150000.1.9.1 * go1.23-openssl-debuginfo-1.23.9-150000.1.9.1 * go1.23-openssl-doc-1.23.9-150000.1.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45336.html * https://www.suse.com/security/cve/CVE-2024-45341.html * https://www.suse.com/security/cve/CVE-2025-22866.html * https://www.suse.com/security/cve/CVE-2025-22870.html * https://www.suse.com/security/cve/CVE-2025-22871.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1236045 * https://bugzilla.suse.com/show_bug.cgi?id=1236046 * https://bugzilla.suse.com/show_bug.cgi?id=1236801 * https://bugzilla.suse.com/show_bug.cgi?id=1238572 * https://bugzilla.suse.com/show_bug.cgi?id=1240550 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FSLE-18320&page_caps=&user_role= . The latest patch for go1.23-openssl tackles various vulnerabilities found in SUSE offerings, enhancing overall system protection and stability.. SUSE Linux Enterprise, go1.23-openssl, security update, threat management. . LinuxSecurity.com Team

Calendar%202 May 28, 2025 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200