Security update for curl SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:03267-1 Final 1 1 2025-09-18T11:06:28Z current 2025-09-18T11:06:28Z 2025-09-18T11:06:28Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for curl This update for curl fixes the following issues: Security issues fixed: - CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer (bsc#1249191). - CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server (bsc#1249348). Other issues fixed: - Fix the --ftp-pasv option in curl v8.14.1 (bsc#1246197). * tool_getparam: fix --ftp-pasv [5f805ee] - Update to version 8.14.1 (jsc#PED-13055, jsc#PED-13056). * TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs. * websocket: add option to disable auto-pong reply. * huge number of bugfixes. Please see https://curl.se/ch/ for full changelogs. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/manager/4.3/proxy-httpd:latest-2025-3267,Container suse/manager/4.3/proxy-salt-broker:latest-2025-3267,Container suse/sle-micro-rancher/5.3:latest-2025-3267,Container suse/sle-micro-rancher/5.4:latest-2025-3267,Container suse/sle-micro/5.5:latest-2025-3267,Container suse/sle-micro/base-5.5:latest-2025-3267,Container suse/sle-micro/kvm-5.5:latest-2025-3267,Container suse/sle-micro/rt-5.5:latest-2025-3267,SUSE-2025-3267,SUSE-SLE-INSTALLER-15-SP4-2025-3267,SUSE-SLE-INSTALLER-15-SP5-2025-3267,SUSE-SLE-Micro-5.3-2025-3267,SUSE-SLE-Micro-5.4-2025-3267,SUSE-SLE-Micro-5.5-2025-3267,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3267,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3267,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3267,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3267,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3267,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3267,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3267,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3267,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3267 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202503267-1/ Link for SUSE-SU-2025:03267-1 https://lists.suse.com/pipermail/sle-updates/2025-September/041770.html E-Mail link for SUSE-SU-2025:03267-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1246197 SUSE Bug 1246197 https://bugzilla.suse.com/1249191 SUSE Bug 1249191 https://bugzilla.suse.com/1249348 SUSE Bug 1249348 https://bugzilla.suse.com/1249367 SUSE Bug 1249367 https://www.suse.com/security/cve/CVE-2025-10148/ SUSE CVE CVE-2025-10148 page https://www.suse.com/security/cve/CVE-2025-9086/ SUSE CVE CVE-2025-9086 page Container suse/manager/4.3/proxy-httpd:latest Container suse/manager/4.3/proxy-salt-broker:latest Container suse/sle-micro-rancher/5.3:latest Container suse/sle-micro-rancher/5.4:latest Container suse/sle-micro/5.5:latest Container suse/sle-micro/base-5.5:latest Container suse/sle-micro/kvm-5.5:latest Container suse/sle-micro/rt-5.5:latest SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS SUSE Linux Enterprise Installer Updates 15 SP4 SUSE Linux Enterprise Installer Updates 15 SP5 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP5-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Manager Proxy LTS 4.3 SUSE Manager Server LTS 4.3 curl-8.14.1-150400.5.69.1 libcurl4-8.14.1-150400.5.69.1 curl-fish-completion-8.14.1-150400.5.69.1 curl-zsh-completion-8.14.1-150400.5.69.1 libcurl-devel-8.14.1-150400.5.69.1 libcurl-devel-32bit-8.14.1-150400.5.69.1 libcurl-devel-64bit-8.14.1-150400.5.69.1 libcurl-devel-doc-8.14.1-150400.5.69.1 libcurl-mini4-8.14.1-150400.5.69.1 libcurl4-32bit-8.14.1-150400.5.69.1 libcurl4-64bit-8.14.1-150400.5.69.1 curl-8.14.1-150400.5.69.1 as a component of Container suse/manager/4.3/proxy-httpd:latest libcurl4-8.14.1-150400.5.69.1 as a component of Container suse/manager/4.3/proxy-httpd:latest curl-8.14.1-150400.5.69.1 as a component of Container suse/manager/4.3/proxy-salt-broker:latest libcurl4-8.14.1-150400.5.69.1 as a component of Container suse/manager/4.3/proxy-salt-broker:latest curl-8.14.1-150400.5.69.1 as a component of Container suse/sle-micro-rancher/5.3:latest libcurl4-8.14.1-150400.5.69.1 as a component of Container suse/sle-micro-rancher/5.3:latest curl-8.14.1-150400.5.69.1 as a component of Container suse/sle-micro-rancher/5.4:latest libcurl4-8.14.1-150400.5.69.1 as a component of Container suse/sle-micro-rancher/5.4:latest libcurl4-8.14.1-150400.5.69.1 as a component of Container suse/sle-micro/5.5:latest curl-8.14.1-150400.5.69.1 as a component of Container suse/sle-micro/base-5.5:latest libcurl4-8.14.1-150400.5.69.1 as a component of Container suse/sle-micro/base-5.5:latest libcurl4-8.14.1-150400.5.69.1 as a component of Container suse/sle-micro/kvm-5.5:latest libcurl4-8.14.1-150400.5.69.1 as a component of Container suse/sle-micro/rt-5.5:latest curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libcurl-devel-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libcurl4-32bit-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libcurl-devel-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libcurl4-32bit-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS libcurl-devel-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS libcurl4-32bit-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS libcurl-devel-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS libcurl4-32bit-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Installer Updates 15 SP4 libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Installer Updates 15 SP5 curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Micro 5.3 libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Micro 5.3 curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Micro 5.4 libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Micro 5.4 curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Micro 5.5 libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Micro 5.5 curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libcurl-devel-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libcurl4-32bit-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS libcurl-devel-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS libcurl4-32bit-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS curl-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libcurl-devel-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libcurl4-32bit-8.14.1-150400.5.69.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 curl-8.14.1-150400.5.69.1 as a component of SUSE Manager Proxy LTS 4.3 libcurl-devel-8.14.1-150400.5.69.1 as a component of SUSE Manager Proxy LTS 4.3 libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Manager Proxy LTS 4.3 libcurl4-32bit-8.14.1-150400.5.69.1 as a component of SUSE Manager Proxy LTS 4.3 curl-8.14.1-150400.5.69.1 as a component of SUSE Manager Server LTS 4.3 libcurl-devel-8.14.1-150400.5.69.1 as a component of SUSE Manager Server LTS 4.3 libcurl4-8.14.1-150400.5.69.1 as a component of SUSE Manager Server LTS 4.3 libcurl4-32bit-8.14.1-150400.5.69.1 as a component of SUSE Manager Server LTS 4.3 curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traffic between the two communicating parties that could be interpreted by an involved proxy (configured or transparent) as genuine, real, HTTP traffic with content and thereby poison its cache. That cached poisoned content could then be served to all users of that proxy. CVE-2025-10148 Container suse/manager/4.3/proxy-httpd:latest:curl-8.14.1-150400.5.69.1 Container suse/manager/4.3/proxy-httpd:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/manager/4.3/proxy-salt-broker:latest:curl-8.14.1-150400.5.69.1 Container suse/manager/4.3/proxy-salt-broker:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro-rancher/5.3:latest:curl-8.14.1-150400.5.69.1 Container suse/sle-micro-rancher/5.3:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro-rancher/5.4:latest:curl-8.14.1-150400.5.69.1 Container suse/sle-micro-rancher/5.4:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro/5.5:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro/base-5.5:latest:curl-8.14.1-150400.5.69.1 Container suse/sle-micro/base-5.5:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro/kvm-5.5:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro/rt-5.5:latest:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.3:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.3:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.4:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.4:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.5:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.5:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libcurl4-8.14.1-150400.5.69.1 SUSE Manager Proxy LTS 4.3:curl-8.14.1-150400.5.69.1 SUSE Manager Proxy LTS 4.3:libcurl-devel-8.14.1-150400.5.69.1 SUSE Manager Proxy LTS 4.3:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Manager Proxy LTS 4.3:libcurl4-8.14.1-150400.5.69.1 SUSE Manager Server LTS 4.3:curl-8.14.1-150400.5.69.1 SUSE Manager Server LTS 4.3:libcurl-devel-8.14.1-150400.5.69.1 SUSE Manager Server LTS 4.3:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Manager Server LTS 4.3:libcurl4-8.14.1-150400.5.69.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503267-1/ https://www.suse.com/security/cve/CVE-2025-10148.html CVE-2025-10148 https://bugzilla.suse.com/1249348 SUSE Bug 1249348 1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or otherwise made to speak with `http://target` (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with just a slash as path (`path='/'`). Since this site is not secure, the cookie *should* just be ignored. 4. A bug in the path comparison logic makes curl read outside a heap buffer boundary The bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path. The presumed and correct behavior would be to plainly ignore the second set of the cookie since it was already set as secure on a secure host so overriding it on an insecure host should not be okay. CVE-2025-9086 Container suse/manager/4.3/proxy-httpd:latest:curl-8.14.1-150400.5.69.1 Container suse/manager/4.3/proxy-httpd:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/manager/4.3/proxy-salt-broker:latest:curl-8.14.1-150400.5.69.1 Container suse/manager/4.3/proxy-salt-broker:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro-rancher/5.3:latest:curl-8.14.1-150400.5.69.1 Container suse/sle-micro-rancher/5.3:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro-rancher/5.4:latest:curl-8.14.1-150400.5.69.1 Container suse/sle-micro-rancher/5.4:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro/5.5:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro/base-5.5:latest:curl-8.14.1-150400.5.69.1 Container suse/sle-micro/base-5.5:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro/kvm-5.5:latest:libcurl4-8.14.1-150400.5.69.1 Container suse/sle-micro/rt-5.5:latest:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.3:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.3:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.4:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.4:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.5:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Micro 5.5:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:curl-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libcurl-devel-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libcurl4-8.14.1-150400.5.69.1 SUSE Manager Proxy LTS 4.3:curl-8.14.1-150400.5.69.1 SUSE Manager Proxy LTS 4.3:libcurl-devel-8.14.1-150400.5.69.1 SUSE Manager Proxy LTS 4.3:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Manager Proxy LTS 4.3:libcurl4-8.14.1-150400.5.69.1 SUSE Manager Server LTS 4.3:curl-8.14.1-150400.5.69.1 SUSE Manager Server LTS 4.3:libcurl-devel-8.14.1-150400.5.69.1 SUSE Manager Server LTS 4.3:libcurl4-32bit-8.14.1-150400.5.69.1 SUSE Manager Server LTS 4.3:libcurl4-8.14.1-150400.5.69.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503267-1/ https://www.suse.com/security/cve/CVE-2025-9086.html CVE-2025-9086 https://bugzilla.suse.com/1249191 SUSE Bug 1249191