Security update for 389-ds

This update for 389-ds fixes the following issues: Update to LTS branch 2.7 jscPED-14342: CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Bug fixes: Resolve python build error that caused lib389 to be missing some librarie...

Security update for openCryptoki

This update for openCryptoki fixes the following issues: CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for bind

This update for bind fixes the following issues: Upgrade to release 9.20.11 CVE-2025-40777: Fixed a possible assertion failure when stale-answer-client-timeout is set to 0. bsc1246548 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for rabbitmq-server313

This update for rabbitmq-server313 fixes the following issues: CVE-2025-30219: incorrectly escaped virtual hostname present in error message could lead to XSS attack. bsc1240071 Non-security fixes: Require rabbitmq-server313-plugins rather then rabbitmq-server-plugins. bsc1231656, bsc1234763 Patc...

Security update for rabbitmq-server313

This update for rabbitmq-server313 fixes the following issues: CVE-2025-30219: incorrectly escaped virtual hostname present in error message could lead to XSS attack. bsc1240071 Non-security fixes: Require rabbitmq-server313-plugins rather then rabbitmq-server-plugins. bsc1231656, bsc1234763 Patc...

Security update for redis

This update for redis fixes the following issues: CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

Security update for bind

This update for bind fixes the following issues: Update to release 9.18.33 Security Fixes: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 CVE-2024-12705: Fixes multiple issues in DNS-over-HTTPS implementation when under heavy query load bsc1236597...

Security update for gtk3

This update for gtk3 fixes the following issues: CVE-2024-6655: Fixed library injection from current working directory bsc1228120. Other fixes: - Updated to version 3.24.43 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

Security update for libgsf

This update for libgsf fixes the following issues: CVE-2024-42415, CVE-2024-36474: Fixed integer overflows affecting memory allocation bsc1231282, bsc1231283. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE CVE-2022-45153

An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created...

Huawei HarmonyOS directory traversal vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based distributed operating system. A directory traversal vulnerability exists in the Applications module of Huawei HarmonyOS version 2.0, which provides a microkernel-based, full-scenario distribut...

Huawei HarmonyOS 输入验证错误漏洞

Huawei HarmonyOS is an operating system from Huawei, China. An input validation error vulnerability exists in the System Applications module of Huawei HarmonyOS, which provides a microkernel-based, full-scenario distributed operating system. The vulnerability stems from the program's inability to...

Huawei HarmonyOS 路径遍历漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based distributed operating system. A directory traversal vulnerability exists in the Applications module of Huawei HarmonyOS version 2.0, which provides a microkernel-based, full-scenario distribut...