Security update for afterburn SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:20429-1 Final 1 1 2025-06-20T14:11:51Z current 2025-06-20T14:11:51Z 2025-06-20T14:11:51Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for afterburn This update for afterburn fixes the following issues: Update to version 5.8.2: * cargo: Afterburn release 5.8.2 * docs/release-notes: update for release 5.8.2 * cargo: update dependencies * cargo: Afterburn release 5.8.1 * cargo: Afterburn release 5.8.0 * docs/release-notes: update for release 5.8.0 * cargo: update dependencies * packit: add initial support Update to version 5.7.0.git103.bae893c: * Sync repo templates ⚙ fixes RUSTSEC-2025-0022 AKA CVE-2025-3416 * mod.rs: Fix clippy lint errors * release-notes.md: add release notes for rust version update * Cargo.toml: bump MSRV to 1.84.1 * Fix clippy lint issues * Sync repo templates ⚙ * Update release notes. * proxmoxve: Add more context to log messages. * proxmoxve: Remove unneeded fields * proxmoxve: Add tests for static network configuration from cloud-init. * proxmoxve: Add support for static network configuration from cloud-init. * Sync repo templates ⚙ * release notes: add notes for tempfile bump from 3.16.0 to 3.17.1 * add makefile targets for fmt,lint and test * providers/openstack: ignore ec2 metadata if not present * Sync repo templates ⚙ * docs: add changelog entry * proxmox: use noop provider if no configdrive * add noop provider * release-notes: remove "upcoming" Update to version 5.7.0: * cargo: Afterburn release 5.7.0 * docs/release-notes: update for release 5.7.0 * cargo: update dependencies * dhcp: replace dbus_proxy with proxy, and zbus traits * providers/hetzner: private ipv4 addresses in attributes * openstack: Document the two platforms * microsoft/azure: allow empty certificate chain in PKCS12 file * proxmoxve: implement proxmoxve provider * providers/hetzner: fix duplicate attribute prefix * cargo: Afterburn release 5.6.0 * docs/release-notes: update for release 5.6.0 * cargo: update dependencies * lint: silence deadcode warnings * lint: address latest lint's from msrv update * workflows/rust: directly update toolchain to 1.75.0 * cargo: update msrv to 1.75 * Sync repo templates ⚙ * providers: Add "akamai" provider * Sync repo templates ⚙ * cargo: Afterburn release 5.5.1 * docs/release-notes: update for release 5.5.1 * cargo: update dependencies * providers/vmware: add missing public functions for non-amd64 * cargo: Afterburn release 5.5.0 * Sync repo templates ⚙ * docs/release-notes: update for release 5.5.0 * cargo: update dependencies * ci: cancel previous build on PR update * providers/vmware: Process guestinfo.metadata netplan configuration * kubevirt: Run afterburn-hostname service * providers: add support for scaleway * Move away from deprecated `users` to `uzers` * Sync repo templates ⚙ * providers/hetzner: add support for Hetzner Cloud * cargo: update MSRV to 1.71 * chore: Get rid of Clippy warnings * cargo: specify required features for nix dependency * Sync repo templates ⚙ * openstack: Add attribute OPENSTACK_INSTANCE_UUID * cargo: Afterburn release 5.4.3 * docs/release-notes: update for release 5.4.3 * cargo: update dependencies * cargo: allow openssl 0.10.46 * ci: strip debug symbols * Sync repo templates ⚙ * build-sys: Use new tier = 2 for cargo-vendor-filterer * Sync repo templates ⚙ * cargo: Afterburn release 5.4.2 * docs/release-notes: update for release * docs/release-notes: note Azure SSH regression fix with new openssl * cargo: fix minimum version of openssl crate * microsoft/crypto/mod: replace deprecated function `parse` with `parse2` * Update mockito to 1.0.1 * cli: switch to clap derive * cli: add descriptive value names for option arguments in --help * cli: have clap require exactly one of --cmdline/--provider * providers/*: move endpoint mocking into retry::Client * retry/client: move URL parsing into helper function * providers/microsoft: import crate::retry * providers/microsoft: use stored client for all fetches * providers/packet: use stored client for boot checkin * Sync repo templates ⚙ * docs: Use upstream theme & update to 0.4.1 * initrd: remember to write trailing newline to network kargs file * util: drop obsolete "OEM" terminology * Update to clap 4 * workflows: update clippy to 1.67 * Fix clippy lints * Inline variables into format strings The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Micro-6.0-363 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202520429-1/ Link for SUSE-SU-2025:20429-1 https://lists.suse.com/pipermail/sle-updates/2025-June/040507.html E-Mail link for SUSE-SU-2025:20429-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1244675 SUSE Bug 1244675 https://www.suse.com/security/cve/CVE-2025-3416/ SUSE CVE CVE-2025-3416 page SUSE Linux Micro 6.0 afterburn-5.8.2-1.1 afterburn-dracut-5.8.2-1.1 afterburn-5.8.2-1.1 as a component of SUSE Linux Micro 6.0 afterburn-dracut-5.8.2-1.1 as a component of SUSE Linux Micro 6.0 A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string. CVE-2025-3416 SUSE Linux Micro 6.0:afterburn-5.8.2-1.1 SUSE Linux Micro 6.0:afterburn-dracut-5.8.2-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520429-1/ https://www.suse.com/security/cve/CVE-2025-3416.html CVE-2025-3416 https://bugzilla.suse.com/1242599 SUSE Bug 1242599