SUSE CVE-2025-38663

In the Linux kernel, the following vulnerability has been resolved: nilfs2: reject invalid file types when reading inodes To prevent inodes with invalid file types from tripping through the vfs and causing malfunctions or assertion failures, add a missing sanity check when reading an inode from a...

Security update for gdk-pixbuf

This update for gdk-pixbuf fixes the following issues: CVE-2025-6199: Fixed uninitialized memory leading to arbitrary memory contents leak bsc1245227 CVE-2025-7345: Fixed heap buffer overflow within the gdkpixbufjpegimageloadincrement function bsc1246114 Patch Instructions: To install this SUSE...

Security update for rust-keylime

This update for rust-keylime fixes the following issues: Update slab to version 0.4.11: CVE-2025-55159: Fixed incorrect bounds check in getdisjointmut function bsc1248006 Update to version 0.2.8+12: builddeps: bump actions/checkout from 4 to 5 builddeps: bump cfg-if from 1.0.0 to 1.0.1 builddeps:...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2025-6021: Integer Overflow in xmlBuildQName Leads to Stack Buffer Overflow in libxml2 bsc1244580 CVE-2025-6170: stack buffer overflow may lead to a crash bsc1244700 CVE-2025-7425: Heap Use-After-Free in libxslt caused by atype corruption in...

Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002360 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351. Patch...

Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005588 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH...

Security update for apache-commons-lang3

This update for apache-commons-lang3 fixes the following issues: Update to version 3.18.0 CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for rust-keylime

This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...

Security update for kubernetes1.26

This update for kubernetes1.26 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for apache-commons-lang3

This update for apache-commons-lang3 fixes the following issues: CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for libgcrypt

This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

Security update for tiff

This update for tiff fixes the following issues: CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when processing malformed TIFF files bsc1247106 Patch Instructions: To install this SUSE update use...

Security update for python313

This update for python313 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. CVE-2025-4435:...

Security update for libgcrypt

This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

Security update for nginx

This update for nginx fixes the following issues: Security hardening: - Drop root priviledges while running logrotatei. bsc1246090 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

PT-2025-31960 · Undefined · Undefined

📢BREAKING: CVE-2025-02701 Python vuln CVSS 6.8 patched in SUSE. Local privilege escalation risk! 🔐 Patch guide ⚠️ Container impact analysis. 📉 Compliance stats . Read more: 👉 https://t.co/X2STlybkx2 https://t.co/mF9A2QGv6o...

Security update for tgt

This update for tgt fixes the following issues: CVE-2024-45751: Fixed CHAP authentication bypass in user-space Linux target framework bsc1230360 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

Security update for redis

This update for redis fixes the following issues: CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. bsc1246059 CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros can lead to client starvation and Do...

Security update for coreutils

This update for coreutils fixes the following issues: CVE-2025-5278: Fixed heap buffer under-read ledaing to a crash or leak sensitive data bsc1243767 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...