5373 matches found
Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.95 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit bsc1265224...
Security update for samba
This update for samba fixes the following issues CVE-2026-2340: vfsworm does not block directory modification bsc1261158. CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160. CVE-2026-4408: Remote Code Execution in SAMR bsc1261163. CVE-2026-4480: Unauthenticated Remote...
Security update for samba
This update for samba fixes the following issues CVE-2026-2340: vfsworm does not block directory modification bsc1261158. CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160. CVE-2026-4408: Remote Code Execution in SAMR bsc1261163. CVE-2026-4480: Unauthenticated Remote...
Security update for python
This update for python fixes the following issues CVE-2026-1703: files may be extracted outside the installation directory when installing and extracting maliciously crafted wheel archives bsc1257599. CVE-2026-3219: pip doesn't reject concatenated ZIP bsc1262429. CVE-2026-4786: Incomplete...
Security update for redis
This update for redis fixes the following issue CVE-2026-25243: invalid memory access in RESTORE command via a specially crafted serialized payload may lead to remote code execution bsc1264166. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libsndfile
This update for libsndfile fixes the following issues CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when processing malformed IRCAM audio files bsc1248458. CVE-2026-37555: IMA-ADPCM integer overflow bsc1263695. Patch Instructions: To install this SUSE update...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-41, MFSA 2026-48 bsc1265212, bsc1264378: CVE-2026-8090: Use-after-free in the DOM: Networking component. CVE-2026-8092: Memory safety bugs fixed in Firefox ESR 115.35.2,...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.8.0 ESR MFSA 2026-15 bsc1258568: CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component CVE-2026-2758: Use-after-free in the JavaScript: GC component CVE-2026-2759:...
Security update for samba
This update for samba fixes the following issues CVE-2026-2340: vfsworm does not block directory modification bsc1261158. CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160. CVE-2026-4408: Remote Code Execution in SAMR bsc1261163. CVE-2026-4480: Unauthenticated Remote...
Security update for nginx
This update for nginx fixes the following issues CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is enabled bsc1260415. CVE-2026-32647: NGINX worker memory over-read or over-write via a specially crafted MP4 file bsc1260420. CVE-2026-40701: heap...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for runc
This update for runc fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252232. CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252232. CVE-2025-52881: Fixed...
Security update for wireshark
This update for wireshark fixes the following issues CVE-2026-5401: AFP dissector crash bsc1263756. CVE-2026-5403: SBC audio codec crash bsc1263765. CVE-2026-5404: K12 RF5 file parser crash bsc1263766. CVE-2026-5405: RDP dissector crash bsc1263767. CVE-2026-5406: FC-SWILS dissector crash...
Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.34 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. CVE-2026-23274...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated attacker with network access can access to critical data bsc1262494. CVE-2026-22016: APIs in the specified...
Security update for postgresql15
This update for postgresql15 fixes the following issues Update to version 15.18. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...
Security update for go1.26-openssl
This update for go1.26-openssl fixes the following issues: Update to go 1.26.1 bsc1255111, jscSLE-18320: CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. CVE-2026-27138: crypto/x509:...
Security update for java-21-openjdk
This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.8+9 July 2025 CPU: Security fixes: CVE-2025-30749: several scenarios can lead to heap corruption bsc1246595 CVE-2025-30754: incomplete handshake may lead to weakening TLS protections bsc1246598...
Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001358 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-36899:...
Security update for apache2
This update for apache2 fixes the following issues CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163...
Security update for docker
This update for docker rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: Basesystem Module 15-S...
Security update for golang-github-prometheus-prometheus
This update for golang-github-prometheus-prometheus fixes the following issues: Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bump golang.org/x/net to version 0.39.0 bsc1238686 Version was updated to 2.53.4 with the following bug fixes: Runtime:...
Security update for qemu
This update for qemu fixes the following issues: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. CVE-2026-2243: incorrect bounds check leads to heap...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013...
Security update for postgresql16
This update for postgresql16 fixes the following issues Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against malicious time zone names...
Security update for samba
This update for samba fixes the following issues CVE-2026-2340: vfsworm does not block directory modification bsc1261158. CVE-2026-3012: group policy certificate enrollment uses http: // without validation bsc1261159. CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160...
Security update for python3
This update for python3 fixes the following issue: CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed bsc1261970. CVE-2026-4786: URLs prefixe...
Security update 5.0.7 for Multi-Linux Manager Client Tools
This update fixes the following issues: dracut-saltboot: Version update to 1.1.0: Retry DHCP requests up to 3 times bsc1253004 golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization and update golang-github-boynux-squidexporter: Version update from 1.6.0 to 1.13.0 with the...
Security update for podman
This update for podman fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 CVE-2025-52881: Fixed...
Security update for redis
This update for redis fixes the following issues CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243:...
Security update for bubblewrap
This update for bubblewrap fixes the following issue CVE-2026-41163: improper process attachment via ptrace can lead to arbitrary privileged operations and local root escalation bsc1263113. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for samba
This update for samba fixes the following issues Security issues: CVE-2026-1933: Missing access check on reparse point operations bsc1261188. CVE-2026-2340: vfsworm does not block directory modification bsc1261158. CVE-2026-3012: group policy certificate enrollment uses http: // without validatio...
Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: CVE-2026-23004: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist bsc1258655. CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful bsc1259126...
Security update for postgresql18
This update for postgresql18 fixes the following issues: Update to version 18.3 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68119: cmd/go: unexpected code execution...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.17 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.1 MFSA 2025-63 bsc1246664: CVE-2025-8027: JavaScript engine only wrote partial return value to stack bmo1968423 CVE-2025-8028: Large branch table could lead to truncated instruction bmo1971581...
Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059182 fixes several issues. The following security issues were fixed: CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847. CVE-2024-50115: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory bsc1233019...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...
Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-36899:...
Security update for the Linux Kernel (Live Patch 78 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.296 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. CVE-2026-46300:...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated attacker with network access can access to critical data bsc1262494. CVE-2026-22016: APIs in the specifie...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256095...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc1252542...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20251209T172047 2025-12-09T17:20:47Z jscPED-11136. Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-4006 CVE-2025-61725 GO-2025-4176 CVE-2025-65105 GHSA-j3rw-fx6g-q46j GO-2025-4177...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2019-11135: TSX Asynchronous Abort condition bsc1139073. CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL...
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG bsc1231419 CVE-2024-35863: Fixed potential UAF in...
Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: CVE-2026-44988: Fixed missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of-bounds write bsc1266459. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
Security update for ignition
This update for ignition fixes the following issue CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265751. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...