
38 matches found

OSV
added 2026/01/22 4:57 p.m. | 1 views

SUSE-SU-2026:20134-1 Security update for busybox

This update for busybox fixes the following issues: Security fixes: - CVE-2025-60876: HTTP request header injection in wget bsc1253245. - CVE-2025-46394: Fixed tar hidden files via escape sequence bsc1241661. Other fixes: - Set CONFIG_FIRST_SYSTEM_ID to 201 to avoid conflict bsc1236670 - Fix unshar...

CVSS 6.5 | AI score 7.1 | EPSS 0.00065
Exploits: 1 | References: 7
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2021-17399

Malware in sbrugna...

CVSS 9.8 | AI score 9.4 | EPSS 0.00607
Exploits: 1 | References: 3
EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2025-2585

Malicious code in bioql PyPI...

CVSS 5.5 | AI score 7.3 | EPSS 0.00023
Exploits: 0 | References: 6
Amazon
added 2025/09/08 12:0 a.m. | 0 views

Important: kernel-livepatch-6.1.147-172.259

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration CVE-2025-38248 Affected Packages: kernel-livepatch-6.1.147-172.259 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

CVSS 7.8 | AI score 6.5 | EPSS 0.00034
Exploits: 1
Tenable Nessus
added 2025/08/19 12:0 a.m. | 1 views

SUSE SLES15 Security Update : go1.24-openssl (SUSE-SU-2025:02837-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02837-1 advisory. Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS...

CVSS 8.6 | AI score 7.3 | EPSS 0.00073
Exploits: 1 | References: 11
OSV
added 2025/07/10 7:41 a.m. | 2 views

CVE-2025-38272 net: dsa: b53: do not enable EEE on bcm63xx

In the Linux kernel, the following vulnerability has been resolved: net: dsa: b53: do not enable EEE on bcm63xx BCM63xx internal switches do not support EEE, but provide multiple RGMII ports where external PHYs may be connected. If one of these PHYs are EEE capable, we may try to enable EEE for t...

CVSS 5.5 | AI score 6.5 | EPSS 0.00073
Exploits: 0 | References: 6
NVD
added 2025/06/18 11:15 a.m. | 3 views

CVE-2022-50003

In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z Above refers to a case where user would like to attach XSK socket in txonly mode at a queue id...

CVSS 5.5 | EPSS 0.00077
Exploits: 0 | References: 4
Positive Technologies
added 2025/06/18 12:0 a.m. | 3 views

PT-2025-26149 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19-rc5+ Description: A warning has been fixed in the Linux kernel for LoongArch when CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are selected. The issue generated a runtime warning while showing...

AI score 5.9 | EPSS 0.00074
Exploits: 0 | References: 13
RedhatCVE
added 2025/05/22 7:39 p.m. | 8 views

CVE-2021-30476

HashiCorp Terraform’s Vault Provider terraform-provider-vault did not correctly configure GCE-type bound labels for Vault’s GCP auth method. Fixed in 2.19.1...

CVSS 9.8 | AI score 6.9 | EPSS 0.00607
Exploits: 1 | References: 1
Github Security Blog
added 2025/04/30 4:51 p.m. | 8 views

Any user with view access to the XWiki space can change the authenticator

Impact: A user who can access pages located in the XWiki space (by default, anyone) can access the page XWiki.Authentication.Administration and (unless an authenticator is set in xwiki.cfg) switch to another installed authenticator. Note that, by default, there is only one authenticator available...

CVSS 9.8 | AI score 6.3 | EPSS 0.00373
Exploits: 0 | References: 5 | Affected Software: 1
OSV
added 2025/04/16 2:13 p.m. | 5 views

CVE-2025-22118 ice: validate queue quanta parameters to prevent OOB access

In the Linux kernel, the following vulnerability has been resolved: ice: validate queue quanta parameters to prevent OOB access Add queue wraparound prevention in quanta configuration. Ensure endqid does not overflow by validating startqid and numqueues...

CVSS 7.1 | AI score 6.2 | EPSS 0.00038
Exploits: 0 | References: 5
FreeBSD
added 2025/03/12 12:0 a.m. | 15 views

gitea -- Multiple vulnerabilities

[email protected] reports: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied. go-redis ...

AI score 7.1
Exploits: 0 | References: 3
Tenable Nessus
added 2025/02/10 12:0 a.m. | 6 views

openSUSE 15 Security Update : etcd (SUSE-SU-2025:0357-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0357-1 advisory. Security Update to version 3.5.18: Ensure all goroutines created by StartEtcd to exit before closing the errc mvcc: restore tombstone index if it's first...

AI score 5.7
Exploits: 0 | References: 3
SUSE Linux
added 2025/02/03 9:17 a.m. | 2 views

Security update for haproxy

This update for haproxy fixes the following issues: Update to version 2.8.11+git0.01c1056a4: VUL-0: CVE-2024-53008: haproxy: HTTP/3 request smuggling via malformed HTTP headers forwarded to a HTTP/1.1 non-compliant back-end server bsc1233973 BUG/MINOR: cfgparse-listen: fix option httpslog overrid...

CVSS 6.5 | AI score 7.6 | EPSS 0.00395
Exploits: 0 | References: 4
Vulnrichment
added 2024/12/27 2:23 p.m. | 1 views

CVE-2024-56580 media: qcom: camss: fix error path on configuration of power domains

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: fix error path on configuration of power domains There is a chance to meet runtime issues during configuration of CAMSS power domains, because on the error path dev_pm_domain_detach is unexpectedly called with NU...

AI score 7.5 | EPSS 0.00011
Exploits: 0 | References: 2
Tenable Nessus
added 2024/12/12 12:0 a.m. | 14 views

SUSE SLES15 / openSUSE 15 Security Update : python (SUSE-SU-2024:4151-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4151-1 advisory. - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from...

CVSS 6.3 | AI score 6.6 | EPSS 0.00552
Exploits: 0 | References: 6
SUSE Linux
added 2024/12/02 12:21 p.m. | 3 views

Security update for python39

This update for python39 fixes the following issues: CVE-2024-11168: Improper validation of IPv6 and IPvFuture addresses bsc1233307. Bug fixes: Remove -IVendor/ from python-config bsc1231795. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 6.3 | AI score 6.7 | EPSS 0.00552
Exploits: 0 | References: 6
Positive Technologies
added 2024/07/08 12:0 a.m. | 2 views

PT-2024-4669

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 8.7 and 8.8 Description: A race condition vulnerability was discovered in how signals are handled by OpenSSH's server sshd. If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is...

CVSS 7 | AI score 7.8 | EPSS 0.76397
Exploits: 1 | References: 149
OSV
added 2023/09/20 4:5 p.m. | 2 views

SUSE-SU-2023:3711-1 Security update for redis7

This update for redis7 fixes the following issues: - CVE-2023-41053: Fixed SORT_RO may bypass ACL configuration bsc1215094...

CVSS 3.3 | AI score 5.3 | EPSS 0.00824
Exploits: 0 | References: 3
OSV
added 2023/03/30 1:23 p.m. | 3 views

SUSE-SU-2023:1702-1 Security update for shim

This update for shim fixes the following issues: - Updated shim signature after shim 15.7 be signed back: signature-sles.x86_64.asc, signature-sles.aarch64.asc bsc1198458 - Add POST_PROCESS_PE_FLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe...

CVSS 7.8 | AI score 8.3 | EPSS 0.00024
Exploits: 0 | References: 13