Security update for hauler (moderate)

openSUSE security update: security update for hauler ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20662-1 Rating: moderate References: bsc1258614 Cross-References: CVE-2026-24122 CVSS scores: CVE-2026-24122 SUSE : 3.7...

OPENSUSE-SU-2026:20662-1 Security update for hauler

This update for hauler fixes the following issues: Changes in hauler: - update to 1.4.2 bsc1258614, CVE-2026-24122: Bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.3.1 in the gomodules group across 1 directory fix for new helm chart features Bump github.com/sigstore/rekor from 1.4.3 ...

openSUSE 16 Security Update : git-bug (openSUSE-SU-2025-20143-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20143-1 advisory. Changes in git-bug: - Revendor to include fixed version of depending libraries: - GO-2025-4116 CVE-2025-47913, bsc1253506 upgrade...

SUSE-SU-2025:21043-1 Security update for helm

This update for helm fixes the following issues: Update to version 3.19.1 bsc1251649, CVE-2025-58190, bsc1251442, CVE-2025-47911: choredeps: bump github.com/containerd/containerd from 1.7.28 to 1.7.29 jsonschema: warn and ignore unresolved URN $ref to match v3.18.4 Avoid "panic: interface...

This Week in Spring: September 30th, 2025

Hi, Spring fans! As I write this I am about to board a flight for Colorado for the amazing Dev2Next conference! I'll be in Antwerp, Beglium for the amazing Devoxx event next week, and I'll be speaking at the Amsterdam JUG with James Ward on the Thursday after that, too! If you're around, be sure ...

SUSE-SU-2025:0719-1 Recommended update for Maven

This update for Maven fixes the following issues: maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1: - Key changes across versions: Bug fixes and improved support of dynamic types Dependency upgrades ASM, Maven core, and notably the removal of commons-io Improved error handling ...

SUSE-SU-2024:4301-1 Security update for nodejs18

This update for nodejs18 fixes the following issues: - CVE-2024-21538: Fixed regular expression denial of service in cross-spawn dependency bsc1233856 Other fixes: - Update to 18.20.5 esm: mark import attributes and JSON module as stable deps: + upgrade npm to 10.8.2 + update simdutf to 5.6.0 +...

SUSE-SU-2024:4272-1 Security update for nodejs18

This update for nodejs18 fixes the following issues: - CVE-2024-21538: Fixed regular expression denial of service in cross-spawn dependency bsc1233856 - Update to 18.20.5 esm: mark import attributes and JSON module as stable deps: + upgrade npm to 10.8.2 + update simdutf to 5.6.0 + update brotli ...

SUSE: Security Advisory (SUSE-SU-2024:1304-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:1304-1 Security update for eclipse, maven-surefire, tycho

This update for eclipse, maven-surefire, tycho fixes the following issues: eclipse received the following security fix: - CVE-2023-4218: Fixed a bug where parsing files with xml content laeds to XXE attacks. bsc1216992 maven-sunfire was updated from version 2.22.0 to 2.22.2: - Changes in version...

SUSE: Security Advisory (SUSE-SU-2023:2097-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Spring Session 2022.0.0-M3 Released

On behalf of the team, I’m pleased to announce the release of Spring Session 2022.0.0-M3. These releases deliver, enhancements, bug fixes, and dependency upgrades. For your convenience, Spring Boot will pick up these artifacts with its upcoming releases. The following modules were updated as part...

Spring Security 5.8.0-M1 and 6.0.0-M6 are released

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Security 5.8.0-M1 and 6.0.0-M6 are available now. This release includes dependency upgrades, bug fixes, and enhancements. Here are a few noteworthy changes: Deferred SecurityContext lookup...