Security update for patch

This update for patch fixes the following issues: CVE-2019-20633: Fix double-free/OOB read in pch.c bsc1167721 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...

Security update for protobuf

This update for protobuf fixes the following issues: CVE-2024-7254: Fixed a stack overflow vulnerability in protocol buffers bsc1230778 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

Security update for opensc

This update for opensc fixes the following issues: CVE-2024-8443: Fixed heap buffer overflow in OpenPGP driver when generating key bsc1230364 CVE-2024-45620: Fixed incorrect handling of the length of buffers or files in pkcs15init bsc1230076 CVE-2024-45619: Fixed incorrect handling length of...

Security update for sevctl

This update for sevctl fixes the following issues: Security issue fixed: CVE-2023-50711: Fixed out of bounds memory accesses in a vendored dependency bsc1218502 Non-security issue fixed: Update vendored dependencies and re-enable cargo update obs service bsc1229953 Patch Instructions: To install...

Security update for systemd

This update for systemd fixes the following issues: Import commit 0512d0d1fc0b54a84964281708036a46ab39c153 0512d0d1fc cgroup: Rename effective limits internal table jscPED-5659 765846b70b cgroup: Restrict effective limits with global resource provision jscPED-5659 e29909088b test: Add effective...

Security update for glib2

This update for glib2 fixes the following issues: Fixed a possible use after free regression introduced by CVE-2024-34397 patch bsc1224044. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

Security update for curl

This update for curl fixes the following issues: Security issues fixed: CVE-2024-7264: ASN.1 date parser overread bsc1228535 CVE-2024-6197: Freeing stack buffer in utf8asn1str bsc1227888 CVE-2024-2379: QUIC certificate check bypass with wolfSSL bsc1221666 CVE-2024-2466: TLS certificate check bypa...

Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: Update to version 20240712: amdgpu: update DMCUB to v0.0.225.0 for Various AMDGPU Asics qcom: add gpu firmwares for x1e80100 chipset bsc1219458 linux-firmware: add firmware for qat402xx devices amdgpu: update raven firmware amdgpu: updat...

Security update for podman

This update for podman fixes the following issues: CVE-2024-6104: Fixed dependency issue with go-retryablehttp: url might write sensitive information to log file bsc1227052. Update to version 4.9.5: Bump to v4.9.5 Update release notes for v4.9.5 fix "concurrent map writes" in network ls compat...

Security update for buildah

This update for buildah fixes the following issues: Update to version 1.35.5 CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use "src" values. bsc1236272 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for orc

This update for orc fixes the following issues: CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash bsc1236619. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. bsc1236460 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: Update to version 20250115.01 bsc1236406, bsc1236407 CVE-2024-24790: Bump the golang compiler version to 1.22.4 bsc1225974 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. bsc1236460 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...

Security update for iperf

This update for iperf fixes the following issues: Update to version 3.18 CVE-2024-53580: Fixed a segmentation violation via the iperfexchangeparameters function. bsc1234705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52489: mm/sparsemem: fix race in accessing memorysection-usage bsc1221326. CVE-2024-26596: net: dsa: fix netdevpriv dereference before...

Security update for nodejs22

This update for nodejs22 fixes the following issues: Update to 22.13.1: CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics bsc1236251 CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERRPROTO bsc1236250 CVE-2025-22150: Fixed insufficiently random...

Security update for go1.22

This update for go1.22 fixes the following issues: Update to go1.22.11 bsc1218424 CVE-2024-45341: Properly check for IPv6 hosts in URIs bsc1236045 CVE-2024-45336: Persist header stripping across repeated redirects bsc1236046 Patch Instructions: To install this SUSE update use the SUSE recommended...

Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Upgrade to upstream tag jdk-21.0.6+7 January 2025 CPU Security fixes: CVE-2025-21502: Enhance array handling JDK-8330045, bsc1236278 Other changes: JDK-6942632: Hotspot should be able to use more than 64 logical processors on Windows...

Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: Update to version 3.3.1611.0: CVE-2025-21613: Fixed argument injection via the URL field in github.com/go-git/go-git/v5 bsc1235575 Full changelog: https://github.com/aws/amazon-ssm-agent/compare/3.1.1260.0...3.3.1611.0 Patch Instruction...

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie bsc1229275. CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio:...

Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781...

Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie bsc1229275. CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio:...

Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv...

Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024103 fixes one issue. The following security issue was fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024122 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv...

Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059174 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...

Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...

Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059150 fixes one issue. The following security issue was fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005544 fixes several issues. The following security issues were fixed: CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie bsc1229275. CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. Patch Instructions: To install...

Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont

This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Install nbdkit-server to avoid pulling unneeded...

Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Drop...

Security update for nvidia-open-driver-G06-signed

This update for nvidia-open-driver-G06-signed fixes the following issues: Update to 550.144.03 bsc1235461, bsc1235871 fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49035: media: s5pcec: limit msg.len to CECMAXMSGSIZE bsc1215304. CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234853. CVE-2024-53156: wifi:...

Security update for pam_u2f

This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticate bsc1233517 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

Security update for pam_u2f

This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticate bsc1233517 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

Security update for pam_u2f

This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticate bsc1233517 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: Update to version 3.3.1611.0: CVE-2025-21613: Fixed argument injection via the URL field in github.com/go-git/go-git/v5 bsc1235575 Full changelog: https://github.com/aws/amazon-ssm-agent/compare/3.1.1260.0...3.3.1611.0 Patch Instruction...

Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow...

Security update for pam_u2f

This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticate bsc1233517 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. bsc1234102 CVE-2024-12087: arbitrary file...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for set element...

Security update for xen

This update for xen fixes the following issues: CVE-2024-53241: Xen hypercall page unsafe against speculative attacks bsc1234282. Bug fixes: Update to Xen 4.18.4 security bug fix release bsc1027519 x86: Prefer ACPI reboot over UEFI ResetSystem run time service call No other changes mentioned in...

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12084: heap buffer overflow in checksum parsing. bsc1234100 CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the...

Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005552 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005544 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. Patch...