SUSE CVE-2026-31526

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exception exit lock checking for subprogs processbpfexitfull passes checklock = !curframe to checkresourceleak, which is false in cases when bpfthrow is called from a static subprog. This makes checkresourceleak to skip...

CLSA-2025-1762419767 Fix CVE(s): CVE-2022-3296

SECURITY UPDATE: Stack-based Buffer Overflow with unexpected :finally - debian/patches/CVE-2022-3296.patch: check CSFTRY can be found - CVE-2022-3296 Fix Testterminalnoblock - debian/patches/fix-flaky-terminal-noblock-test.patch...

EUVD-2025-13134

Malicious code in bioql PyPI...

EUVD-2025-5995

Malicious code in bioql PyPI...

SUSE CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

CLSA-2024-1730480495 bind: Fix of CVE-2023-4408

CVE-2023-4408: speed up parsing of DNS messages with many different names - fix tests...

UBUNTU-CVE-2024-38617

In the Linux kernel, the following vulnerability has been resolved: kunit/fortify: Fix mismatched kvalloc/vfree usage The kv family of tests were accidentally freeing with vfree instead of kvfree. Use kvfree instead...

PT-2024-26784

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A descriptor leak issue has been resolved in the Linux kernel. The iaa compress and iaa decompress functions' disable async paths do not free idxd descriptors when req-dst is set to null...

CLSA-2023-1696537106 libxml2: Fix of 5 CVEs

CVE-2021-3517: fix flaw in the xml entity encoding - CVE-2021-3518: fix dangling pointers in entity reference nodes - CVE-2022-23308: fix use-after-free of ID and IDREF attributes - CVE-2022-40303: fix integer counters overflow when parsing a multi-gigabyte XML - CVE-2022-40304: fix double free...

ALSA-2023:5069 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 5.14.0. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch...

CLSA-2023-1689885378 python2: Fix of CVE-2023-24329

CVE-2023-24329: part2: Start stripping C0 control and space chars in urlsplit - Also correct the first CVE-2023-24329 patch: Fix testattributesbadscheme to check for non-ascii symbol as first character of url...

Security Bulletin: FileNet Content Manager GraphQL jackson-databind security vulnerabilities, affected but not vulnerable

Summary FileNet Content Manager GraphQL jackson-databind security vulnerabilities CVE-2022-42003 and CVE-2022-42004, affected but not vulnerable Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in...

OPENSUSE-SU-2021:0949-1 Security update for opera

This update for opera fixes the following issues: Update to version 77.0.4054.146 - CHR-8458 Update chromium on desktop-stable-91-4054 to 91.0.4472.114 - DNA-92171 Create active linkdiscovery service - DNA-92388 Fix and unskip WorkspacesEmoji.testChooseEmojiAsWorkspaceIcon when possible - DNA-931...

SUSE-SU-2020:0763-1 Security Beta update for Salt

This update fixes the following issues: salt: - Requiring python3-distro only for openSUSE/SLE = 15 - Use full option name instead of undocumented abbreviation for zypper - Python-distro is only needed for Python 3.7. Removing it for Python 2 - Fixed a local privilege escalation to root bsc115746...

OPENSUSE-SU-2020:0022-1 Security update for libgcrypt

This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigation against an ECDSA timing attack bsc1148987. Bug fixes: - Added CMAC AES self test bsc1155339. - Added CMAC TDES self test missing bsc1155338. - Fix test dsa-rfc6979 in FIPS mode. This update w...

GStreamer security, bug fix, and enhancement update

clutter-gst2 2.0.18-1 - Update to 2.0.18 - Remove obsolete patches - Use license macro for COPYING - Resolves: 1386833 gnome-video-effects 0.4.3-1 - Update to 0.4.3 - Resolves: 1386968 0.4.1-5 - Fix URL rhbz1380981 gstreamer-plugins-bad-free 0.10.23-23 - Rebuild with hardened flags Resolves:...

SUSE-SU-2017:1611-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2017-1000366: Fix a potential privilege escalation vulnerability that allowed unprivileged system users to manipulate the stack of setuid binaries to gain special privileges. bsc1039357 - The incorrectly defined constant OTMPFILE has been...

mod_nss security, bug fix, and enhancement update

1.0.14-7 - Add the permission patch to the repository 1312583 1.0.14-6 - Check the NSS certificate database directory for read permissions by the Apache user. 1312583 1.0.14-5 - Update clean semaphore patch to not free the pinList twice. 1364560 1.0.14-4 - Update clean semaphore patch to not clos...