Security update 5.1.1 for Multi-Linux Manager Client Tools SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:3819-1 Final 1 1 2025-10-28T07:20:07Z current 2025-10-28T07:20:07Z 2025-10-28T07:20:07Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update 5.1.1 for Multi-Linux Manager Client Tools This update fixes the following issues: dracut-saltboot was updated from version 0.1 to version 1.0.0: - Version 1.0.0 bugs fixed: * Reboot on salt key timeout (bsc#1237495) * Fixed parsing files with space in the name (bsc#1252100) golang-github-prometheus-alertmanager was updated from version 0.26.0 to 0.28.1 to : - Security issues fixed: * CVE-2025-47908: Fixed a Denial of Service vulnerability (bsc#1247748) - Version 0.28.1 changes and bugs fixed (jsc#PED-13285): * Improved performance of inhibition rules when using Equal labels. * Improve the documentation on escaping in UTF-8 matchers. * Update alertmanager_config_hash metric help to document the hash is not cryptographically strong. * Fixed panic in amtool when using --verbose. * Fixed templating of channel field for Rocket.Chat. * Fixed rocketchat_configs written as rocket_configs in docs. * Fixed usage for --enable-feature flag. * Trim whitespace from OpsGenie API Key. * Fixed Jira project template not rendered when searching for existing issues. * Fixed subtle bug in JSON/YAML encoding of inhibition rules that would cause Equal labels to be omitted. * Fixed header for slack_configs in docs. * Fixed weight and wrap of Microsoft Teams notifications. - Version 0.28.0 changes and bugs fixed: * Templating errors in the SNS integration now return an error. * Adopt log/slog, drop go-kit/log. * Added a new Microsoft Teams integration based on Flows. * Added a new Rocket.Chat integration. * Added a new Jira integration. * Added support for GOMEMLIMIT, enable it via the feature flag --enable-feature=auto-gomemlimit. * Added support for GOMAXPROCS, enable it via the feature flag --enable-feature=auto-gomaxprocs. * Added support for limits of silences including the maximum number of active and pending silences, and the maximum size per silence (in bytes). You can use the flags --silences.max-silences and --silences.max-silence-size-bytes to set them accordingly. * Muted alerts now show whether they are suppressed or not in both the /api/v2/alerts endpoint and the Alertmanager UI. - Version 0.27.0 changes and bugs fixed: * API: Removal of all api/v1/ endpoints. These endpoints now log and return a deprecation message and respond with a status code of 410. * UTF-8 Support: Introduction of support for any UTF-8 character as part of label names and matchers. * Discord Integration: Enforce max length in message. * Metrics: Introduced the experimental feature flag --enable-feature=receiver-name-in-metrics to include the receiver name. * Metrics: Introduced a new gauge named alertmanager_inhibition_rules that counts the number of configured inhibition rules. * Metrics: Introduced a new counter named alertmanager_alerts_supressed_total that tracks muted alerts, it contains a reason label to indicate the source of the mute. * Discord Integration: Introduced support for webhook_url_file. * Microsoft Teams Integration: Introduced support for webhook_url_file. * Microsoft Teams Integration: Added support for summary. * Metrics: Notification metrics now support two new values for the label reason, contextCanceled and contextDeadlineExceeded. * Email Integration: Contents of auth_password_file are now trimmed of prefixed and suffixed whitespace. * amtool: Fixes the error scheme required for webhook url when using amtool with --alertmanager.url. * Mixin: Fixed AlertmanagerFailedToSendAlerts, AlertmanagerClusterFailedToSendAlerts, and AlertmanagerClusterFailedToSendAlerts to make sure they ignore the reason label. grafana was updated to from version 11.5.5 to 11.5.7: - Security issues fixed: * CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (bsc#1246735) * CVE-2025-6197: Fixed open redirect in organization switching (bsc#1246736) * CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer level users (bsc#1245302) - Other bugs fixed: * Azure: Fixed legend formatting. * Azure: Fixed resource name determination in template variable queries. mgr-push was updated from version 5.1.3 to 5.1.4: - Use absolute paths when invoking external commands python-defusedxml: - New package implemented at version 0.7.1 rhnlib was updated from version 5.1.2 to 5.1.3: - Use more secure defusedxml parser (bsc#1227577) spacecmd was updated from version 5.1.8 to 5.1.11: - Version 5.1.11 changes and bugs fixed: * Make spacecmd work with Python 3.12 and higher * Call print statements properly in Python 3 - Version 5.1.10 changes and bugs fixed: * Fixed use of renamed config parser class where the backward compatible alias was dropped in latest python version (bsc#1246586) - Version 5.1.9 changes and bugs fixed: * Fixed installation of python lib files on Ubuntu 24.04 spacewalk-client-tools was updated from version 5.1.6 to 5.1.7: - Fixed syntax error in changelog supportutils-plugin-susemanager-client was updated from version 5.1.3 to 5.1.4: - Fixed syntax error in changelog uyuni-tools was updated from version 5.1.15 to 5.1.20: - Version 5.1.20 changes and bugs fixed: * Added migration for server monitoring configuration (bsc#1247688) - Version 5.1.19 changes and bugs fixed: * Added a lowercase version of --logLevel (bsc#1243611) * Stop executing scripts in temporary folder (bsc#1243704) * support config: collect podman inspect for hub container (bsc#1245099) * Use new dedicated path for Cobbler settings (bsc#1244027) * Migrate custom auto installation snippets (bsc#1246320) * Added SUSE Linux Enterprise 15 SP7 to buildin productmap * Fixed loading product map from mgradm configuration file (bsc#1246068) * Fixed channel override for distro copy * Do not use sudo when running as a root user (bsc#1246882) * Do not require backups to be at the same location for restoring (bsc#1246906) * Fixed recomputing proxy images when installing a PTF or TEST (bsc#1246553) * Added mgradm server rename to change the server FQDN (bsc#1229825) * If no DB SSL CA parameter is given, use the other one (bsc#1245120) * More fault tolerant mgradm stop (bsc#1243331) * Backup systemd dropin directory too and create if missing * Added 3rd party SSL options for upgrade and migration scenarios * Do not consider stderr output of podman as an error (bsc#1247836) * Restore SELinux contexts for restored backup volumes (bsc#1244127) * Automatically get up-to-date systemid file on salt based proxy hosts (bsc#1246789) * Bump the default image tag to 5.1.1 - Version 5.1.18 changes and bugs fixed: * Updated translation strings - Version 5.1.17 changes and bugs fixed: * Upgrade of saline should use scale function (bsc#1246864) - Version 5.1.16 changes and bugs fixed: * Use database backup volume as temporary backup location (bsc#1246628) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-3819,SUSE-MultiLinuxManagerTools-SLE-15-2025-3819,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2025-3819 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20253819-1/ Link for SUSE-SU-2025:3819-1 https://lists.suse.com/pipermail/sle-security-updates/2025-October/023070.html E-Mail link for SUSE-SU-2025:3819-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1019074 SUSE Bug 1019074 https://bugzilla.suse.com/1227577 SUSE Bug 1227577 https://bugzilla.suse.com/1229825 SUSE Bug 1229825 https://bugzilla.suse.com/1237495 SUSE Bug 1237495 https://bugzilla.suse.com/1243331 SUSE Bug 1243331 https://bugzilla.suse.com/1243611 SUSE Bug 1243611 https://bugzilla.suse.com/1243704 SUSE Bug 1243704 https://bugzilla.suse.com/1244027 SUSE Bug 1244027 https://bugzilla.suse.com/1244127 SUSE Bug 1244127 https://bugzilla.suse.com/1245099 SUSE Bug 1245099 https://bugzilla.suse.com/1245120 SUSE Bug 1245120 https://bugzilla.suse.com/1245302 SUSE Bug 1245302 https://bugzilla.suse.com/1246068 SUSE Bug 1246068 https://bugzilla.suse.com/1246320 SUSE Bug 1246320 https://bugzilla.suse.com/1246553 SUSE Bug 1246553 https://bugzilla.suse.com/1246586 SUSE Bug 1246586 https://bugzilla.suse.com/1246628 SUSE Bug 1246628 https://bugzilla.suse.com/1246735 SUSE Bug 1246735 https://bugzilla.suse.com/1246736 SUSE Bug 1246736 https://bugzilla.suse.com/1246789 SUSE Bug 1246789 https://bugzilla.suse.com/1246864 SUSE Bug 1246864 https://bugzilla.suse.com/1246882 SUSE Bug 1246882 https://bugzilla.suse.com/1246906 SUSE Bug 1246906 https://bugzilla.suse.com/1247688 SUSE Bug 1247688 https://bugzilla.suse.com/1247748 SUSE Bug 1247748 https://bugzilla.suse.com/1247836 SUSE Bug 1247836 https://bugzilla.suse.com/1252100 SUSE Bug 1252100 https://www.suse.com/security/cve/CVE-2025-3415/ SUSE CVE CVE-2025-3415 page https://www.suse.com/security/cve/CVE-2025-47908/ SUSE CVE CVE-2025-47908 page https://www.suse.com/security/cve/CVE-2025-6023/ SUSE CVE CVE-2025-6023 page https://www.suse.com/security/cve/CVE-2025-6197/ SUSE CVE CVE-2025-6197 page SUSE Multi Linux Manager Tools SLE-15 SUSE Multi Linux Manager Tools SLE-Micro-5 dracut-saltboot-1.0.0-150002.3.3.1 golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3 grafana-11.5.7-150002.4.3.3 mgr-push-5.1.4-150002.3.3.3 mgrctl-5.1.20-150002.3.3.3 mgrctl-bash-completion-5.1.20-150002.3.3.3 mgrctl-lang-5.1.20-150002.3.3.3 mgrctl-zsh-completion-5.1.20-150002.3.3.3 python2-defusedxml-0.7.1-150002.1.3.2 python3-defusedxml-0.7.1-150002.1.3.2 python3-mgr-push-5.1.4-150002.3.3.3 python3-rhnlib-5.1.3-150002.3.3.2 python3-spacewalk-client-tools-5.1.7-150002.3.3.3 spacecmd-5.1.11-150002.3.3.2 spacewalk-client-tools-5.1.7-150002.3.3.3 supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2 dracut-saltboot-1.0.0-150002.3.3.1 as a component of SUSE Multi Linux Manager Tools SLE-15 golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 grafana-11.5.7-150002.4.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 mgr-push-5.1.4-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 mgrctl-5.1.20-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 mgrctl-bash-completion-5.1.20-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 mgrctl-lang-5.1.20-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 mgrctl-zsh-completion-5.1.20-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 python3-defusedxml-0.7.1-150002.1.3.2 as a component of SUSE Multi Linux Manager Tools SLE-15 python3-mgr-push-5.1.4-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 python3-rhnlib-5.1.3-150002.3.3.2 as a component of SUSE Multi Linux Manager Tools SLE-15 python3-spacewalk-client-tools-5.1.7-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 spacecmd-5.1.11-150002.3.3.2 as a component of SUSE Multi Linux Manager Tools SLE-15 spacewalk-client-tools-5.1.7-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-15 supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2 as a component of SUSE Multi Linux Manager Tools SLE-15 dracut-saltboot-1.0.0-150002.3.3.1 as a component of SUSE Multi Linux Manager Tools SLE-Micro-5 mgrctl-5.1.20-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-Micro-5 mgrctl-bash-completion-5.1.20-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-Micro-5 mgrctl-lang-5.1.20-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-Micro-5 mgrctl-zsh-completion-5.1.20-150002.3.3.3 as a component of SUSE Multi Linux Manager Tools SLE-Micro-5 Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01 CVE-2025-3415 SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1 SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3 SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3 SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2 SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20253819-1/ https://www.suse.com/security/cve/CVE-2025-3415.html CVE-2025-3415 https://bugzilla.suse.com/1245302 SUSE Bug 1245302 Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service. CVE-2025-47908 SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1 SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3 SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3 SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2 SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20253819-1/ https://www.suse.com/security/cve/CVE-2025-47908.html CVE-2025-47908 https://bugzilla.suse.com/1247746 SUSE Bug 1247746 An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01 CVE-2025-6023 SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1 SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3 SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3 SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2 SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20253819-1/ https://www.suse.com/security/cve/CVE-2025-6023.html CVE-2025-6023 https://bugzilla.suse.com/1246735 SUSE Bug 1246735 An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple organizations must exist in the Grafana instance - Victim must be on a different organization than the one specified in the URL CVE-2025-6197 SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1 SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3 SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3 SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2 SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2 SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3 SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20253819-1/ https://www.suse.com/security/cve/CVE-2025-6197.html CVE-2025-6197 https://bugzilla.suse.com/1246736 SUSE Bug 1246736