Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
100
security advisorySuSEimportantSUSE Multi-Linux Manager 5.0 Important Update for CVE-2024-29371
An update that solves one vulnerability, contains one feature and has 41 security fixes can now be installed.. # Maintenance update for Multi-Linux Manager 5.0: Server, Proxy and Retail Branch Server Announcement ID: SUSE-SU-2026:1010-1 Release Date: 2026-03-25T10:10:03Z Rating: important References: * bsc#1220899 * bsc#1237181 * bsc#1244177 * bsc#1246315 * bsc#1247544 * bsc#1247722 * bsc#1248783 * bsc#1249041 * bsc#1249425 * bsc#1250561 * bsc#1251865 * bsc#1251995 * bsc#1252098 * bsc#1252388 * bsc#1252638 * bsc#1252665 * bsc#1252908 * bsc#1252937 * bsc#1253174 * bsc#1253197 * bsc#1253249 * bsc#1253285 * bsc#1253322 * bsc#1253501 * bsc#1253659 * bsc#1253660 * bsc#1253711 * bsc#1253712 * bsc#1253773 * bsc#1254251 * bsc#1255089 * bsc#1255176 * bsc#1255298 * bsc#1255634 * bsc#1255653 * bsc#1255743 * bsc#1255857 * bsc#1256991 * bsc#1257255 * bsc#1257538 * bsc#1257992 * bsc#1259057 * jsc#MSQA-1045 Cross-References: * CVE-2024-29371 CVSS scores: * CVE-2024-29371 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-29371 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-29371 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Manager Proxy 5.0 Extension * SUSE Manager Retail Branch Server 5.0 Extension * SUSE Manager Server 5.0 Extension An update that solves one vulnerability, contains one feature and has 41 security fixes can now be installed. ## Security update 5.0.7 for Multi-Linux Manager Proxy ### Description: This update fixes the following issues: branch-network-formula: * Update to version 1.1.0 * Enable containers on SLE15SP7 * Exclude podman interfaces from sysctl setting cobbler: * Compatibility fixes for tftpboot directory setup inter-server-sync: * Version 0.3.10-0 * Write log to arotated file without rsyslog and logrotate * Recreate cobbler entries on the import (bsc#1220899) * remove support for 4.2 file based pillars * use correct hostname detection for 5.x servers (bsc#1253322) jose4j: * CVE-2024-29371: Safeguard against excessive resource utilization by restricting the size of data during JWE payload decompression (bsc#1255298) liberate-formula: * Version 0.1.2 * Add option to prevent logo packages from being installed spacecmd: * Version 5.0.15-0 * Fix typo in spacecmd help ca-cert flag (bsc#1253174) * Convert cached IDs to int (bsc#1251995) * Fix spacecmd binary file upload (bsc#1253659) spacewalk-backend: * Version 5.0.17-0 * Fix reposync mediaproduct fetch when URL contains auth token (bsc#1252388) spacewalk-certs-tools: * Version 5.0.13-0 * Fix bootstrap script for SLM 6.2 (bsc#1257992) * Fix failing bootstrap with bootstrap script on SLES 16 and SL Micro 6.2 (bsc#1256991) spacewalk-client-tools: * Version 5.0.12-0 * Update translation strings spacewalk-config: * Version 5.0.9-0 * Enable HSTS in Apache config (bsc#1255176) * Force SameSite=Lax on all Set-Cookie headers (bsc#1253711) spacewalk-java: * Version 5.0.31-0 * Commit DB changes before refreshing pillar for SSH push minions (bsc#1253712) * Fix http proxy verification (bsc#1253501) * Fix: Broken URL in API docs (bsc#1244177) * Fix crash in ubuntu errata sync on deleted channel ids (bsc#1250561) * Fix dnf updateinfo showing wrong severity for security updates (bsc#1252937) * Add details on config channels and state order in UI (bsc#1253285) * fix reposync crashing at metadata generation (bsc#1257538) * Block multiple versions of the same package from being locked (bsc#1246315) * Use PackageEvr instead of string for fix_version (bsc#1252638) * Add multi-thread support for message queue (bsc#1247722) * Fix ungrouped systems list menu item (bsc#1254251) spacewalk-proxy: * Version 5.0.8-0 * Disable listing the content of /icons(bsc#1247544) spacewalk-proxy-installer: * Version 5.0.3-0 * Configure squid replacement policy properly before cache dir (bsc#1253773) spacewalk-web: * Version 5.0.26-0 * Update web UI dependencies * Add details on config channels and state order in UI (bsc#1253285) susemanager: * Version 5.0.17-0 * Fix the product ids of client tools channels * Fixed the package name to correct one (bsc#1255089) susemanager-build-keys: * Add openSUSE Backports for SUSE Linux 16 key (bsc#1257255) susemanager-docs_en: * Updated the screenshots in multiple sections in Installation and Upgrade Guide * Reformatted storage-scripts table to use plain paragraphs instead of bullet lists to fix po4a extraction issue causing missing bullets in CJK translations * Added a warning for all instances where mgradm upgrade podman is used * Added section about container-based Kiwi image build support to Administration guide (bsc#1251865) * Included global GPG decryption for pillar data in specialized guide (bsc#1255743) * CIS removed from list of supported OpenSCAP profiles * Changes example for the third-party repository GPG keys (bsc#1255857) * Added SLE16 and openSUSE Leap 16 as supported clients * Explained how to generate the proxy certificates on a peripheral server (bsc#1249425) * Improved procedure formatting for better clarity in Administration Guide (bsc#1253660) * Added links to man pages for createrepo_c and reprepro to Administration Guide (bsc#1237181) * Added missing options to command example in Installation and Upgrade Guide (bsc#1252908) * Added non-SUSE URLs to requirements in installation and Upgrade Guide (bsc#1252665) * Fixed typo for command options in Reference Guide (bsc#1253174) * Added additional step for client deletion in Client Configuration Guide (bsc#1253249) * Clarified server config option for spacemd in Refrence Guide (bsc#1253197) * Changed the installation instructions to use product instead of packages (bsc#1249041) susemanager-schema: * Version 5.0.18-0 * Refactor oval related tables (bsc#1252638) * Increase size of column 'context' on tables 'suseappstream' and 'suseserverappstream' (bsc#1255653) * Add leftovers of partially missing ARMHF for Debian (bsc#1248783) susemanager-sls: * Version 5.0.21-0 * Fix error on shutdown for sles 12 (bsc#1255634) * Fix bootstrap for SLM 6.2 and newer (bsc#1257992) * Make mgr_events salt engine non-blocking on reading events * Avoid losing the events on DB connection issues (bsc#1252098) ## Security update 5.0.7 for Multi-Linux Manager Retail Branch Server ### Description: This update fixes the following issues: branch-network-formula: * Update to version 1.1.0 * Enable containers on SLE15SP7 * Exclude podman interfaces from sysctl setting cobbler: * Compatibility fixes for tftpboot directory setup inter-server-sync: * Version 0.3.10-0 * Write log to a rotated file without rsyslog and logrotate * Recreate cobbler entries on the import (bsc#1220899) * remove support for 4.2 file based pillars * use correct hostname detection for 5.x servers (bsc#1253322) jose4j: * CVE-2024-29371: Safeguard against excessive resource utilization by restricting the size of data during JWE payload decompression (bsc#1255298) liberate-formula: * Version 0.1.2 * Add option to prevent logo packages from being installed spacecmd: * Version 5.0.15-0 * Fix typo in spacecmd help ca-cert flag (bsc#1253174) * Convert cached IDs to int (bsc#1251995) * Fix spacecmd binary file upload (bsc#1253659) spacewalk-backend: * Version 5.0.17-0 * Fix reposync mediaproduct fetch when URL contains auth token (bsc#1252388) spacewalk-certs-tools: * Version 5.0.13-0 * Fix bootstrap script for SLM 6.2 (bsc#1257992) * Fix failing bootstrap with bootstrap script on SLES 16 and SL Micro 6.2 (bsc#1256991) spacewalk-client-tools: * Version 5.0.12-0 * Update translation strings spacewalk-config: * Version 5.0.9-0 *Enable HSTS in Apache config (bsc#1255176) * Force SameSite=Lax on all Set-Cookie headers (bsc#1253711) spacewalk-java: * Version 5.0.31-0 * Commit DB changes before refreshing pillar for SSH push minions (bsc#1253712) * Fix http proxy verification (bsc#1253501) * Fix: Broken URL in API docs (bsc#1244177) * Fix crash in ubuntu errata sync on deleted channel ids (bsc#1250561) * Fix dnf updateinfo showing wrong severity for security updates (bsc#1252937) * Add details on config channels and state order in UI (bsc#1253285) * fix reposync crashing at metadata generation (bsc#1257538) * Block multiple versions of the same package from being locked (bsc#1246315) * Use PackageEvr instead of string for fix_version (bsc#1252638) * Add multi-thread support for message queue (bsc#1247722) * Fix ungrouped systems list menu item (bsc#1254251) spacewalk-proxy: * Version 5.0.8-0 * Disable listing the content of /icons (bsc#1247544) spacewalk-proxy-installer: * Version 5.0.3-0 * Configure squid replacement policy properly before cache dir (bsc#1253773) spacewalk-web: * Version 5.0.26-0 * Update web UI dependencies * Add details on config channels and state order in UI (bsc#1253285) susemanager: * Version 5.0.17-0 * Fix the product ids of client tools channels * Fixed the package name to correct one (bsc#1255089) susemanager-build-keys: * Add openSUSE Backports for SUSE Linux 16 key (bsc#1257255) susemanager-docs_en: * Updated the screenshots in multiple sections in Installation and Upgrade Guide * Reformatted storage-scripts table to use plain paragraphs instead of bullet lists to fix po4a extraction issue causing missing bullets in CJK translations * Added a warning for all instances where mgradm upgrade podman is used * Added section about container-based Kiwi image build support to Administration guide (bsc#1251865) * Included global GPG decryption for pillar data in specialized guide (bsc#1255743) * CIS removed from list ofsupported OpenSCAP profiles * Changes example for the third-party repository GPG keys (bsc#1255857) * Added SLE16 and openSUSE Leap 16 as supported clients * Explained how to generate the proxy certificates on a peripheral server (bsc#1249425) * Improved procedure formatting for better clarity in Administration Guide (bsc#1253660) * Added links to man pages for createrepo_c and reprepro to Administration Guide (bsc#1237181) * Added missing options to command example in Installation and Upgrade Guide (bsc#1252908) * Added non-SUSE URLs to requirements in installation and Upgrade Guide (bsc#1252665) * Fixed typo for command options in Reference Guide (bsc#1253174) * Added additional step for client deletion in Client Configuration Guide (bsc#1253249) * Clarified server config option for spacemd in Refrence Guide (bsc#1253197) * Changed the installation instructions to use product instead of packages (bsc#1249041) susemanager-schema: * Version 5.0.18-0 * Refactor oval related tables (bsc#1252638) * Increase size of column 'context' on tables 'suseappstream' and 'suseserverappstream' (bsc#1255653) * Add leftovers of partially missing ARMHF for Debian (bsc#1248783) susemanager-sls: * Version 5.0.21-0 * Fix error on shutdown for sles 12 (bsc#1255634) * Fix bootstrap for SLM 6.2 and newer (bsc#1257992) * Make mgr_events salt engine non-blocking on reading events * Avoid losing the events on DB connection issues (bsc#1252098) ## Security update 5.0.7 for Multi-Linux Manager Server ### Description: This update fixes the following issues: branch-network-formula: * Update to version 1.1.0 * Enable containers on SLE15SP7 * Exclude podman interfaces from sysctl setting cobbler: * Compatibility fixes for tftpboot directory setup inter-server-sync: * Version 0.3.10-0 * Write log to a rotated file without rsyslog and logrotate * Recreate cobbler entries on the import (bsc#1220899) * remove support for 4.2 file based pillars *use correct hostname detection for 5.x servers (bsc#1253322) jose4j: * CVE-2024-29371: Safeguard against excessive resource utilization by restricting the size of data during JWE payload decompression (bsc#1255298) liberate-formula: * Version 0.1.2 * Add option to prevent logo packages from being installed spacecmd: * Version 5.0.15-0 * Fix typo in spacecmd help ca-cert flag (bsc#1253174) * Convert cached IDs to int (bsc#1251995) * Fix spacecmd binary file upload (bsc#1253659) spacewalk-backend: * Version 5.0.17-0 * Fix reposync mediaproduct fetch when URL contains auth token (bsc#1252388) spacewalk-certs-tools: * Version 5.0.13-0 * Fix bootstrap script for SLM 6.2 (bsc#1257992) * Fix failing bootstrap with bootstrap script on SLES 16 and SL Micro 6.2 (bsc#1256991) spacewalk-client-tools: * Version 5.0.12-0 * Update translation strings spacewalk-config: * Version 5.0.9-0 * Enable HSTS in Apache config (bsc#1255176) * Force SameSite=Lax on all Set-Cookie headers (bsc#1253711) spacewalk-java: * Version 5.0.31-0 * Commit DB changes before refreshing pillar for SSH push minions (bsc#1253712) * Fix http proxy verification (bsc#1253501) * Fix: Broken URL in API docs (bsc#1244177) * Fix crash in ubuntu errata sync on deleted channel ids (bsc#1250561) * Fix dnf updateinfo showing wrong severity for security updates (bsc#1252937) * Add details on config channels and state order in UI (bsc#1253285) * fix reposync crashing at metadata generation (bsc#1257538) * Block multiple versions of the same package from being locked (bsc#1246315) * Use PackageEvr instead of string for fix_version (bsc#1252638) * Add multi-thread support for message queue (bsc#1247722) * Fix ungrouped systems list menu item (bsc#1254251) spacewalk-proxy: * Version 5.0.8-0 * Disable listing the content of /icons (bsc#1247544) spacewalk-proxy-installer: * Version 5.0.3-0 * Configure squid replacement policy properly before cache dir(bsc#1253773) spacewalk-web: * Version 5.0.26-0 * Update web UI dependencies * Add details on config channels and state order in UI (bsc#1253285) susemanager: * Version 5.0.17-0 * Fix the product ids of client tools channels * Fixed the package name to correct one (bsc#1255089) susemanager-build-keys: * Add openSUSE Backports for SUSE Linux 16 key (bsc#1257255) susemanager-docs_en: * Updated the screenshots in multiple sections in Installation and Upgrade Guide * Reformatted storage-scripts table to use plain paragraphs instead of bullet lists to fix po4a extraction issue causing missing bullets in CJK translations * Added a warning for all instances where mgradm upgrade podman is used * Added section about container-based Kiwi image build support to Administration guide (bsc#1251865) * Included global GPG decryption for pillar data in specialized guide (bsc#1255743) * CIS removed from list of supported OpenSCAP profiles * Changes example for the third-party repository GPG keys (bsc#1255857) * Added SLE16 and openSUSE Leap 16 as supported clients * Explained how to generate the proxy certificates on a peripheral server (bsc#1249425) * Improved procedure formatting for better clarity in Administration Guide (bsc#1253660) * Added links to man pages for createrepo_c and reprepro to Administration Guide (bsc#1237181) * Added missing options to command example in Installation and Upgrade Guide (bsc#1252908) * Added non-SUSE URLs to requirements in installation and Upgrade Guide (bsc#1252665) * Fixed typo for command options in Reference Guide (bsc#1253174) * Added additional step for client deletion in Client Configuration Guide (bsc#1253249) * Clarified server config option for spacemd in Refrence Guide (bsc#1253197) * Changed the installation instructions to use product instead of packages (bsc#1249041) susemanager-schema: * Version 5.0.18-0 * Refactor oval related tables (bsc#1252638) * Increase size ofcolumn 'context' on tables 'suseappstream' and 'suseserverappstream' (bsc#1255653) * Add leftovers of partially missing ARMHF for Debian (bsc#1248783) susemanager-sls: * Version 5.0.21-0 * Fix error on shutdown for sles 12 (bsc#1255634) * Fix bootstrap for SLM 6.2 and newer (bsc#1257992) * Make mgr_events salt engine non-blocking on reading events * Avoid losing the events on DB connection issues (bsc#1252098) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 5.0 Extension zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2026-1010=1 * SUSE Manager Retail Branch Server 5.0 Extension zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2026-1010=1 * SUSE Manager Server 5.0 Extension zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2026-1010=1 ## Package List: * SUSE Manager Proxy 5.0 Extension (aarch64) * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15 * suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13 * suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6 * suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5 * suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5 * SUSE Manager Proxy 5.0 Extension (ppc64le) * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15 * suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6 * suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5 * suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13 * suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5 * SUSE Manager Proxy 5.0 Extension (s390x) * suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6 * suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5 * suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13 * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15 *suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5 * SUSE Manager Proxy 5.0 Extension (x86_64) * suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6 * suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5 * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15 * suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5 * suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13 * SUSE Manager Retail Branch Server 5.0 Extension (aarch64) * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15 * suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13 * suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6 * suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5 * suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5 * SUSE Manager Retail Branch Server 5.0 Extension (ppc64le) * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15 * suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6 * suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5 * suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13 * suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5 * SUSE Manager Retail Branch Server 5.0 Extension (s390x) * suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6 * suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5 * suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13 * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15 * suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5 * SUSE Manager Retail Branch Server 5.0 Extension (x86_64) * suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6 * suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5 * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15 * suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5 * suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13 * SUSE Manager Server 5.0 Extension (aarch64) * suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7 *suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5 * suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12 * suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7 * SUSE Manager Server 5.0 Extension (ppc64le) * suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7 * suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12 * suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5 * suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7 * SUSE Manager Server 5.0 Extension (s390x) * suse-manager-5.0-s390x-server-image-5.0.7-7.37.12 * suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7 * suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5 * suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7 * SUSE Manager Server 5.0 Extension (x86_64) * suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12 * suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7 * suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5 * suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7 ## References: * https://www.suse.com/security/cve/CVE-2024-29371.html * https://bugzilla.suse.com/show_bug.cgi?id=1220899 * https://bugzilla.suse.com/show_bug.cgi?id=1237181 * https://bugzilla.suse.com/show_bug.cgi?id=1244177 * https://bugzilla.suse.com/show_bug.cgi?id=1246315 * https://bugzilla.suse.com/show_bug.cgi?id=1247544 * https://bugzilla.suse.com/show_bug.cgi?id=1247722 * https://bugzilla.suse.com/show_bug.cgi?id=1248783 * https://bugzilla.suse.com/show_bug.cgi?id=1249041 * https://bugzilla.suse.com/show_bug.cgi?id=1249425 * https://bugzilla.suse.com/show_bug.cgi?id=1250561 * https://bugzilla.suse.com/show_bug.cgi?id=1251865 * https://bugzilla.suse.com/show_bug.cgi?id=1251995 * https://bugzilla.suse.com/show_bug.cgi?id=1252098 * https://bugzilla.suse.com/show_bug.cgi?id=1252388 * https://bugzilla.suse.com/show_bug.cgi?id=1252638 *https://bugzilla.suse.com/show_bug.cgi?id=1252665 * https://bugzilla.suse.com/show_bug.cgi?id=1252908 * https://bugzilla.suse.com/show_bug.cgi?id=1252937 * https://bugzilla.suse.com/show_bug.cgi?id=1253174 * https://bugzilla.suse.com/show_bug.cgi?id=1253197 * https://bugzilla.suse.com/show_bug.cgi?id=1253249 * https://bugzilla.suse.com/show_bug.cgi?id=1253285 * https://bugzilla.suse.com/show_bug.cgi?id=1253322 * https://bugzilla.suse.com/show_bug.cgi?id=1253501 * https://bugzilla.suse.com/show_bug.cgi?id=1253659 * https://bugzilla.suse.com/show_bug.cgi?id=1253660 * https://bugzilla.suse.com/show_bug.cgi?id=1253711 * https://bugzilla.suse.com/show_bug.cgi?id=1253712 * https://bugzilla.suse.com/show_bug.cgi?id=1253773 * https://bugzilla.suse.com/show_bug.cgi?id=1254251 * https://bugzilla.suse.com/show_bug.cgi?id=1255089 * https://bugzilla.suse.com/show_bug.cgi?id=1255176 * https://bugzilla.suse.com/show_bug.cgi?id=1255298 * https://bugzilla.suse.com/show_bug.cgi?id=1255634 * https://bugzilla.suse.com/show_bug.cgi?id=1255653 * https://bugzilla.suse.com/show_bug.cgi?id=1255743 * https://bugzilla.suse.com/show_bug.cgi?id=1255857 * https://bugzilla.suse.com/show_bug.cgi?id=1256991 * https://bugzilla.suse.com/show_bug.cgi?id=1257255 * https://bugzilla.suse.com/show_bug.cgi?id=1257538 * https://bugzilla.suse.com/show_bug.cgi?id=1257992 * https://bugzilla.suse.com/show_bug.cgi?id=1259057 * https://jira.suse.com/browse/MSQA-1045 . Update for SUSE Multi-Linux Manager 5.0 addresses one important vulnerability and introduces 41 security fixes.. SUSE Multi-Linux Manager, Important Update, Security Fixes, CVE-2024-29371. . Severity: Important. LinuxSecurity.com Team
Mar 25, 2026
•Important
SuSE
202
security advisorymoderateOpenSUSEopenSUSE: tor Efficient Resource Management Update 2025:0456-3
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for tor ______________________________________________________________________________ Announcement ID: openSUSE-SU-2025:0373-1 Rating: moderate References: #1250101 Cross-References: CVE-2025-4444 Affected Products: openSUSE Backports SLE-15-SP6 openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for tor fixes the following issues: - 0.4.8.18 * CVE-2025-4444: onion service descriptor resource consumption issue (boo#1250101) - 0.4.8.17 * Minor features and bugfixes * use quantum-resistant MLKEM-768 cipher - tor 0.4.8.16 * fix typo in a directory authority rule file * fix a sandbox issue for bandwidth authority and a conflux issue on the control port * client fix about relay flag usage - tor 0.4.8.14 * bugfix for onion service directory cache * test-network now unconditionally includes IPv6 * Regenerate fallback directories 2025-02-05 * Update the geoip files to 2025-02-05 * Fix a pointer free - tor 0.4.8.13 * Conflux related client circuit building performance bugfix * Fix minor memory leaks * Add STATUS TYPE=version handler for Pluggable Transport - tor 0.4.8.12 * Minor features and bugfixes * See https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2025-373=1 - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2025-373=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 ppc64le s390x x86_64): tor-0.4.8.18-bp157.2.3.1 tor-debuginfo-0.4.8.18-bp157.2.3.1 tor-debugsource-0.4.8.18-bp157.2.3.1 - openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64): tor-0.4.8.18-bp156.2.3.1 References: https://www.suse.com/security/cve/CVE-2025-4444.html https://bugzilla.suse.com/1250101 . Update fixes moderate resource consumption issue in tor, openSUSE Advisory ID: openSUSE-SU-2025:0373-1.. tor update, openSUSE security, vulnerability patch, onion service. . LinuxSecurity.com Team
Sep 26, 2025
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!