Key updates include:
1. OpenVPN: Important security fix for CVE-2024-5594, which involved improper handling of null bytes in control messages, applicable to multiple SUSE Linux products.
2. AppArmor: Two moderate updates enhancing security by allowing `dovecot-auth` to execute Unix password checks from `/sbin`, not just from `/usr/bin`.
3. XZ: An important fix for CVE-2025-31115 that resolves a heap-use-after-free issue, affecting various SUSE platforms.
4. Mozilla Firefox: Critical updates addressing multiple vulnerabilities (CVE-2025-3028, CVE-2025-3029, CVE-2025-3030) that include use-after-free issues and memory safety bugs.
5. Ghostscript: Multiple vulnerabilities addressed, including buffer overflows that could lead to potential exploitation.
6. The Linux Kernel: Important security updates for live patches addressing several vulnerabilities, including use-after-free scenarios.
7. FFmpeg: An update introduced to fix numerous vulnerabilities related to unchecked return values, null pointer dereferences, and memory leaks.
8. GraphicsMagick: An update addressing missing image dimension resource limits.
The release also includes updates for several other packages such as `libsaml-devel`, `aws-efs-utils`, `headscale`, `libmozjs`, `libxslt`, and more, each having moderate to important ratings based on their severity and potential impact.
For system administrators and users of SUSE products, it is crucial to apply these updates promptly using the recommended installation methods like YaST or `zypper patch`. Users are also encouraged to check the provided references for detailed CVE information to understand the implications of these vulnerabilities fully.
In summary, these updates are a vital part of ensuring system security and stability within the SUSE Linux environment, and users should prioritize their implementation to protect against potential exploits
OpenVPN, Apparmor, XZ, and more updates for SUSE Linux
SUSE Linux has issued multiple security updates, highlighting significant updates for openvpn, apparmor, xz, MozillaFirefox, perl-Data-Entropy, libsaml-devel, aws-efs-utils, headscale, libmozjs, ghostscript, assimp-devel, gotosocial, expat, tomcat, libxslt, and GraphicsMagick:
SUSE-SU-2025:1131-1: important: Security update for openvpn
SUSE-SU-2025:1134-1: moderate: Security update for apparmor
SUSE-SU-2025:1135-1: moderate: Security update for apparmor
SUSE-SU-2025:1137-1: important: Security update for xz
SUSE-SU-2025:1138-1: important: Security update for MozillaFirefox
openSUSE-SU-2025:14960-1: moderate: perl-Data-Entropy-0.8.0-1.1 on GA media
openSUSE-SU-2025:14959-1: moderate: libsaml-devel-3.3.1-2.1 on GA media
openSUSE-SU-2025:14951-1: moderate: aws-efs-utils-2.2.1-1.1 on GA media
openSUSE-SU-2025:14956-1: moderate: headscale-0.25.1-2.1 on GA media
openSUSE-SU-2025:14958-1: moderate: libmozjs-128-0-128.8.1-1.1 on GA media
openSUSE-SU-2025:14953-1: moderate: ghostscript-10.05.0-1.1 on GA media
openSUSE-SU-2025:14950-1: moderate: assimp-devel-5.4.3-5.1 on GA media
openSUSE-SU-2025:14954-1: moderate: gotosocial-0.18.3-2.1 on GA media
openSUSE-SU-2025:14952-1: moderate: expat-2.7.1-1.1 on GA media
openSUSE-SU-2025:14949-1: moderate: GraphicsMagick-1.3.45-2.1 on GA media
SUSE-SU-2025:1126-1: important: Security update for tomcat
SUSE-SU-2025:1125-1: important: Security update for libxslt
SUSE-SU-2025:1129-1: moderate: Security update for GraphicsMagick
SUSE-SU-2025:1123-1: important: Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
SUSE-SU-2025:1128-1: important: Security update for ffmpeg-4
SUSE-SU-2025:1127-1: important: Security update for ghostscript
SUSE-SU-2025:1139-1: important: Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
openSUSE-SU-2025:14955-1: moderate: govulncheck-vulndb-0.0.20250331T171002-1.1 on GA mediaOpenVPN, Apparmor, XZ, and more updates for SUSE Linux @ Linux Compatible
