SUSE Linux Enterprise users: Install this critical update (2025-1526-1) for libsolv, libzypp, and zypper to patch security vulnerabilities, improve package management, and add APK format support. Fixes FIPS compliance, URL encoding, and RPM detection.
Why This Update Matters for Enterprise Linux Systems
The latest SUSE-recommended update (2025-1526-1) addresses nine critical issues across key package management tools, including:
✅ Security Enhancements
Drops SHA-1 hashing for FIPS compliance (bsc#1240529)
Fixes URL encoding vulnerabilities (bsc#1237587, bsc#1238315)
✅ Performance & Stability
Adds APK package format support (v2/v3) for broader compatibility
Resolves Ruby symbol conflicts (bsc#1235598)
Optimizes RPM trigger detection (bsc#1222044)
✅ Enterprise Features
New
lock_timeoutconfig for system administrators (bsc#1239809)Transaction preloader for faster package operations
Affected Products
This update impacts:
SUSE Linux Enterprise Server 15 SP3 (LTSS/HPC/SAP)
SUSE Enterprise Storage 7.1
SUSE MicroOS & Rancher (5.1/5.2)
How to Install the Update
Method 1: Use zypper patch or YaST Online Update.
Method 2: Run the product-specific command:
# Example: SUSE Linux Enterprise Server 15 SP3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP3-2025-1526=1 (Full commands listed in the original advisory.)
Key Technical Improvements
| Fix | Impact | Reference |
|---|---|---|
| FTP URL double-slash correction | Prevents repo sync failures | bsc#1238315 |
| XML stream error handling | Avoids corrupt metadata parsing | – |
| Vendor-change default fix | Ensures policy compliance | – |
| Enhanced search for "Enhances" | Better dependency resolution | bsc#1237949 |
FAQ
Q: Is this update mandatory?
A: Yes, due to security patches (e.g., FIPS/SHA-1 deprecation).
Q: Will it break existing configurations?
A: No—backward-compatible symbol fixes (bsc#1235598) prevent disruptions.
Q: How long does installation take?
A: Typically under 5 minutes for most systems.
Nenhum comentário:
Postar um comentário