22 matches found
OESA-2026-2946 rpm-ostree security update
rpm-ostree is a hybrid image/package system. It supports "composing" packages on a build server into an OSTree repository, which can then be replicated by client systems with atomic upgrades. Additionally, unlike many "pure" image systems, with rpm-ostree each client system can layer on additiona...
OESA-2026-2945 rpm-ostree security update
rpm-ostree is a hybrid image/package system. It supports "composing" packages on a build server into an OSTree repository, which can then be replicated by client systems with atomic upgrades. Additionally, unlike many "pure" image systems, with rpm-ostree each client system can layer on additiona...
OPENSUSE-SU-2026:21241-1 Security update for buildah
This update for buildah fixes the following issues - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation bsc1266648. - CVE-2026-39829: golang.org/x/crypto/ssh: pathological RSA/DSA parameters may cause D...
Security update for amazon-ecs-init (important)
openSUSE security update: security update for amazon-ecs-init ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21013-1 Rating: important References: bsc1265843 bsc1266652 Cross-References: CVE-2026-33814 CVE-2026-39821 CVSS scores: CVE-2026-33814 SUS...
SUSE-SU-2026:2640-1 Security update for containerd
This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260296. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...
SUSE-SU-2026:2639-1 Security update for containerd
This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260296. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...
SUSE-SU-2026:22320-1 Security update for amazon-ecs-init
This update for amazon-ecs-init fixes the following issues Update to version 1.103.2: - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265843. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded...
OPENSUSE-SU-2026:21010-1 Security update for google-cloud-sap-agent
This update for google-cloud-sap-agent fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for...
Security update for yq
This update for yq fixes the following issues: CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267053. CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows...
openSUSE 16 Security Update : cargo-c (openSUSE-SU-2026:20060-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20060-1 advisory. - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discardallmessages bsc1243179 - CVE-2025-58160: tracing-subscriber:...
Security update for sevctl
This update for sevctl fixes the following issues: CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860 CVE-2025-3416: openssl: Fixed use-after-free in Md::fetch and Cipher::fetch bsc1242618 Patch Instructions: To install this SUSE update use the SUSE...
SUSE-SU-2025:03307-1 Security update for sevctl
This update for sevctl fixes the following issues: - CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860 - CVE-2025-3416: openssl: Fixed use-after-free in Md::fetch and Cipher::fetch bsc1242618...
Security update for sevctl
This update for sevctl fixes the following issues: CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860 CVE-2025-3416: openssl: Fixed use-after-free in Md::fetch and Cipher::fetch bsc1242618 Patch Instructions: To install this SUSE update use the SUSE...
SUSE-SU-2025:03306-1 Security update for sevctl
This update for sevctl fixes the following issues: - CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860 - CVE-2025-3416: openssl: Fixed use-after-free in Md::fetch and Cipher::fetch bsc1242618...
Security update for rustup
This update for rustup fixes the following issues: CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode bsc1243862 CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242617 Patch Instructions: To install this SUSE update use the SUS...
SUSE-SU-2025:03298-1 Security update for rustup
This update for rustup fixes the following issues: - CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode bsc1243862 - CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242617...
SUSE-SU-2025:20783-1 Security update for sevctl
This update for sevctl fixes the following issues: - CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch bsc1242618 - CVE-2024-12224: idna: Fixed Punycode improper validation bsc1243860...
Security update for sevctl
This update for sevctl fixes the following issues: CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch bsc1242618 CVE-2024-12224: idna: Fixed Punycode improper validation bsc1243860 Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sccache (SUSE-SU-2025:02768-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:02768-1 advisory. - Update to version 0.4.24: - CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycod...
Security update for sccache
This update for sccache fixes the following issues: Update to version 0.4.24: CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243868 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...