251 matches found
ALSA-2025:9878 Important: libblockdev security update
The libblockdev packages provide a C library with GObject introspection support used for low-level operations on block devices. The library serves as a thin wrapper around plug-ins for specific functionality, such as LVM, Btrfs, LUKS, or MD RAID. Security Fixes: libblockdev: LPE from allowactive ...
CLSA-2025-1750688636 gcc: Fix of CVE-2020-11023
CVE-2020-11023: sanitize HTML content passed to DOM manipulation methods to prevent execution of untrusted code...
Security update for golang-github-prometheus-prometheus
This update for golang-github-prometheus-prometheus fixes the following issues: Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bump golang.org/x/net to version 0.39.0 bsc1238686 Version was updated to 2.53.4 with the following bug fixes: Runtime:...
Security update for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus was updated to version 2.53.4: Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 bsc1238686 Other bugs fixes from version 2.53.4:...
Security update for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus was updated to version 2.53.4: Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 bsc1238686 Other bugs fixes from version 2.53.4:...
CLSA-2025-1749568472 java-1.8.0-openjdk: Fix of 3 CVEs
Upgrade openjdk-shenandoah-jdk8u-shenandoah-jdk8u452-b09. That fixes the following CVE: CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698...
CLSA-2025-1749548768 Update of alt-php
Bump ABI 4.15.0-248...
CLSA-2025-1749548339 Update of alt-php
Bump ABI 4.4.0-275...
Expired Pointer Dereference
Overview Affected versions of this package are vulnerable to Expired Pointer Dereference via 'xmlSchematronGetNode function in Schematron validator. An attacker can cause a crash or execute arbitrary code by triggering use of freed memory. Remediation Upgrade libxml2 to version 2.14.5 or higher...
CLSA-2025-1749481186 mysql: Fix of 20 CVEs
Update to MySQL 8.0.42 - CVEs fixed: CVE-2025-21574 CVE-2025-21577 CVE-2025-21579 CVE-2025-21581 CVE-2025-21584 CVE-2025-21585 CVE-2025-30681 CVE-2025-30682 CVE-2025-30683 CVE-2025-30684 CVE-2025-30688 CVE-2025-30689 CVE-2025-30695 CVE-2025-30696 CVE-2025-30699 CVE-2025-30703 CVE-2025-30705...
SUSE-SU-2025:01713-1 Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: - Update to version 0.0.20250523T151856 2025-05-23T15:18:56Z jscPED-11136 GO-2025-3699 GO-2025-3690 GO-2025-3691 GO-2025-3692 GO-2025-3693 GO-2025-3694 GO-2025-3696 GO-2025-3697 GO-2025-3698 GO-2025-3699 GO-2025-3700 GO-2025-3701...
CLSA-2025-1747926350 Update of python
Version was updated...
CLSA-2025-1747854497 Update of expat
Version was updated...
CLSA-2025-1747431252 Update of alt-php
Bump ABI 4.4.0-274...
CLSA-2025-1747431031 Update of alt-php
Bump ABI 4.15.0-247...
CLSA-2025-1745587914 libxslt: Fix of CVE-2025-24855
CVE-2025-24855: fix use-after-free of XPath context node...
[SECURITY] Fedora 40 Update: rust-zip-2.6.1-1.fc40
Library to support the reading and writing of zip files...
CLSA-2025-1744874696 Fix CVE(s): CVE-2024-7592
SECURITY UPDATE: Quadratic complexity, resulting in excess CPU while parsing - debian/patches/CVE-2024-7592.patch: fix quadratic complexity in parsing "-quoted cookie values with backslashes - CVE-2024-7592...
CLSA-2025-1744714100 Update of alt-php
Bump ABI 4.4.0-273...
python311-PyJWT-2.10.1-2.1 on GA media (moderate)
python311-PyJWT-2.10.1-2.1 on GA media Announcement ID: openSUSE-SU-2025:14987-1 Rating: moderate Cross-References: CVE-2022-29217 CVSS scores: CVE-2022-29217 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...