SUSE-SU-2026:1520-1 Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Internal changes to fix build issues with no impact for customers spacecmd: - Version 5.1.13-0 Updated translation strings uyuni-tools: - Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key...

Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.1.13-0 Update translation strings uyuni-tools: Version 5.1.26-0 Fix applying PTF with images from RPMs bsc1252548 Ssl Key file can miss if CA password is blank bsc1254154 mgrpxy ssh tuning should happens before crypto policies bsc1254619...

Security update for libvirt

This update for libvirt fixes the following issues: Security fixes: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: libvirt-supportconfig: Add support for...

Security update for libvirt

This update for libvirt fixes the following issues: Security fixes: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: libvirt-supportconfig: Add support for...

SUSE-SU-2026:0080-1 Security update for libvirt

This update for libvirt fixes the following issues: Security fixes: - CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 - CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: - libvirt-supportconfig: Add support...

Security update for libvirt

This update for libvirt fixes the following issues: Security fixes: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: libvirt-supportconfig: Add support for...

EUVD-2016-2697

Malware in sbrugna...

Security update for xen

This update for xen fixes the following issues: CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling XSA-463 bsc1232622. CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables XSA-464 bsc1232624. Bug fixes: Remove usage of net-tools-deprecated from supportconfig plugin...

SUSE-SU-2024:4116-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling XSA-463 bsc1232622. - CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables XSA-464 bsc1232624. Bug fixes: - Remove usage of net-tools-deprecated from supportconfig...

SUSE-SU-2024:4073-1 Security update for xen

This update for xen fixes the following issues: Security issues fixed: - CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling bsc1232622 - CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables bsc1232624 - CVE-2024-45817: xen: x86: Deadlock in vlapicerror bsc1230366...

SUSE-SU-2024:3977-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling XSA-463 bsc1232622. - CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables XSA-464 bsc1232624. Bug fixes: - Remove usage of net-tools-deprecated from supportconfig...

SUSE-SU-2023:3822-1 Security update for supportutils

This update for supportutils fixes the following issues: Security fixes: - CVE-2022-45154: Removed iSCSI passwords bsc1207598. Other Fixes: - Changes in version 3.1.26 + powerpc plugin to collect the slots and active memory bsc1210950 + A Cleartext Storage of Sensitive Information vulnerability...

SUSE CVE-2010-3912

The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors...

SUSE CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig usually root...

CVE-2022-45154 supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh

A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects:...

Security update for hostinfo, supportutils (important)

openSUSE Security Update: Security update for hostinfo, supportutils Announcement ID: openSUSE-SU-2019:1351-1 Rating: important References: 1054979 1099498 1115245 1117751 1117776 1118460 1118462 1118463 1125623 1125666 Cross-References: CVE-2018-19636 CVE-2018-19637 CVE-2018-19638 CVE-2018-19639...

openSUSE Security Update : salt (openSUSE-2018-1574)

This update for salt fixes the following issues : - Crontab module fix: file attributes option missing boo1114824 - Fix gitpillar merging across multiple env repositories boo1112874 - Bugfix: unable to detect os arch when RPM is not installed boo1114197 - Fix LDAP authentication issue when a vali...

openSUSE: Security Advisory for salt (openSUSE-SU-2018:4197-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Novell SUSE Linux Enterprise Server/SUSE Linux Enterprise Desktop Code Injection Vulnerability

SuSE Linux Enterprise Server and SUSE Linux Enterprise Desktop are both enterprise server versions of the Linux operating system from the American company Novell. A code injection vulnerability exists in the supportconfig data collection tool in supportutils in Novell SUSE Linux Enterprise Server...

Code injection

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig usually root...