Important: Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI

Updated images are now available for Red Hat OpenShift AI. Release of RHOAI 2.16.0 provides these changes:...

SUSE-SU-2025:0338-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.26+4 January 2025 CPU Security fixes: - CVE-2025-21502: Enhance array handling JDK-8330045, bsc1236278 Other changes: - JDK-8224624: Inefficiencies in CodeStrings::addcomment cause - timeouts - JDK-822504...

SUSE-SU-2025:0328-1 Security update for clamav

This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. - Start clamonacc with --fdpass to avoid errors due to clamd not being able to...

Security update for git

This update for git fixes the following issues: git was updated to 2.45.1: CVE-2024-32002: recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion bsc1224168 CVE-2024-32004: arbitrary code execution during local clones bsc1224170...

Security update for openssl-3, libpulp, ulp-macros

This update for openssl-3, libpulp, ulp-macros fixes the following issues: openssl-3: - CVE-2024-6119: possible denial of service in X.509 name checks bsc1229465 - CVE-2024-5535: SSLselectnextproto buffer overread bsc1227138 - CVE-2024-4741: Fixed a use-after-free with SSLfreebuffers bsc1225551...

SUSE-SU-2025:20008-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-41014: xfs: add bounds checking to xlogrecoverprocessdata bsc1228408. - CVE-2024-41013: xfs: do not walk off the end of a directory data block bsc1228405...

DSA-5855-1 chromium - security update

Bulletin has no description...

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.11.5 bug fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.11.5 General Availability release images, which provide enhancements, bug fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS...

SUSE-SU-2025:0279-1 Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Upgrade to upstream tag jdk-21.0.6+7 January 2025 CPU Security fixes: - CVE-2025-21502: Enhance array handling JDK-8330045, bsc1236278 Other changes: - JDK-6942632: Hotspot should be able to use more than 64 logical processors on Windows...

GHSA-P953-3J66-HG45 vulnerabilities

Vulnerabilities for packages: spark-scala-2.13...

January 28, 2025—KB5050094 (OS Build 26100.3037) Preview

January 28, 2025—KB5050094 OS Build 26100.3037 Preview or information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 24H2, see its update history page. Note Follow @WindowsUpdate to...

SUSE-SU-2025:0251-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-4895...

About the security content of watchOS 11.3

About the security content of watchOS 11.3 This document describes the security content of watchOS 11.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are availabl...

Virtuozzo Hybrid Infrastructure 6.3 Update 1 (6.3.1-91)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover improvements in the compute service, core and object storage, as well as monitoring and alerting. Additionally, this release delivers stability and security improvements, and addresses issues found in...

SUSE-SU-2025:0238-1 Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: - CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956...

openSUSE 15 Security Update : gh (openSUSE-SU-2025:0021-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025:0021-1 advisory. - Update to version 2.65.0: Bump cli/go-gh for indirect security vulnerability Panic mustParseTrackingRef if format is incorrect Move trackingRef into pr...

OPENSUSE-SU-2025:0021-1 Security update for gh

This update for gh fixes the following issues: - Update to version 2.65.0: Bump cli/go-gh for indirect security vulnerability Panic mustParseTrackingRef if format is incorrect Move trackingRef into pr create package Make tryDetermineTrackingRef tests more respective of reality Rework...

CVE-2024-57930 tracing: Have process_string() also allow arrays

In the Linux kernel, the following vulnerability has been resolved: tracing: Have processstring also allow arrays In order to catch a common bug where a TRACEEVENT TPfastassign assigns an address of an allocated string to the ring buffer and then references it in TPprintk, which can be executed...

CVE-2023-52923

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...

SUSE CVE-2025-21647

In the Linux kernel, the following vulnerability has been resolved: sched: schcake: add bounds checks to host bulk flow fairness counts Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow counters, leading to an out ...