5440 matches found
Security update for python313
This update for python313 fixes the following issues: Update to Python 3.13.12 CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel. bsc1257031 CVE-2026-0865: Fixed a bug where a user-controlled header containing newlines can...
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...
Security update for libpng12
This update for libpng12 fixes the following issues: CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2025-14550: Fixed potential denial-of-service via repeated headers when using ASGIbsc1257403 CVE-2026-1312: Fixed potential SQL injection via QuerySet.orderby and FilteredRelation bsc1257408 CVE-2026-1287: Fixed potential SQL injection...
Security update for glibc
This update for glibc fixes the following issues: Security fixes: CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow bsc1256766. CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in nssdnsgetnetbyaddrr bsc1256822...
Security update for java-21-openjdk
This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.10+7 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2iex function...
Security update for java-25-openjdk
This update for java-25-openjdk fixes the following issues: Update to upstream tag jdk-25.0.2+10 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...
Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.30+7 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...
Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2ie...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255576. CVE-2023-53254:...
Security update for nodejs22
This update for nodejs22 fixes the following issues: Security fixes: CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing denia...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-0719: Fixed stack-based buffer overflow in NTLM authentication bsc1256399. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-40204: sctp: Fix MAC comparison to be constant-time...
Security update for python-virtualenv
This update for python-virtualenv fixes the following issues: CVE-2026-22702: Fixed local attacker can redirect file operations via TOCTOU race condition bsc1256458. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-68973: Fix possible memory corruption in the armor parser gpg.fail/memcpybsc1255715. Avoid potential downgrade to SHA1 in 3rd party key signatures gpg.fail/sha1 bsc1256246. Error out on unverified output for non-detached signatures...
Security update for python3
This update for python3 fixes the following issues: Security fixes: CVE-2025-4517: Fixed arbitrary filesystem writes outside the extraction directory during extraction with filter="data" bsc1244032 CVE-2025-4330: Fixed extraction filter bypass for linking outside extraction directory bsc1244060...
Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.173 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...
Security update 5.0.6 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...
Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgraded to 13.23: CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: Use...
Security update for rubygem-rack
This update for rubygem-rack fixes the following issues: Update to version 2.2.20 bsc1251936 CVE-2025-61919: Fixed application/x-www-form-urlencoded, callingrack.input.readnil without enforcing a length or cap bsc1251936 CVE-2025-61780: Fixed improper handling of headers in Rack::Sendfile allows...
Security update for python39
This update for python39 fixes the following issues: Updated to 3.9.24: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Patch...
Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.8 fixes various security issues The following security issues were fixed: CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. CVE-2025-38616: tls: handle data disappearing from unde...
Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.44 fixes various security issues The following security issues were fixed: CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. CVE-2025-38616: tls: handle data disappearing from...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.5.0 ESR bsc1253188 CVE-2025-13012: Race condition in the Graphics component. CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. CVE-2025-13017: Same-origi...
Security update for podman
This update for podman fixes the following issues: CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.116 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifi...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019 CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: CVE-2025-53057: Fixed an issue where an unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414 CVE-2025-53066: Fixed an issue where an unauthenticated attacker can achieve...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0_Update_8
This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0_Update_6
This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 Fixed use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 Fixed value overflow in Xkb extension XkbSetCompatMap CVE-2025-62231,...
Security update 5.0.5.1 for for Multi-Linux Manager
Description: This update fixes the following issues: proxy-helm, proxy-httpd-image, proxy-salt-broker-image, proxy-squid-image, proxy-ssh-image, proxy-tftpd-image: Images rebuilt to the newest version and updated build dependencies Security update 5.0.5.1 for Multi-Linux Manager Proxy Description...
Security update for chrony
This update for chrony fixes the following issues: Race condition during socket creation by chronyc allows privilege escalation from user chrony to root bsc1246544. This update also ships chrony-pool-empty to SLE Micro 5.x jscSMO-587 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-1507005311 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
Security update for podman
This update for podman fixes the following issues: CVE-2025-9566: Fixed kube play command overwriting host files bsc1249154 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708...
Security update for squid
This update for squid fixes the following issues: CVE-2025-59362: fixed buffer overflow bsc1250627 CVE-2024-37894: fixed denial of service in ESI processing bsc1227086 CVE-2024-33427: fixed possible buffer overread leading to denial of service bsc1225417 Patch Instructions: To install this SUSE...
Security update for cJSON
This update for cJSON fixes the following issues: CVE-2023-26819: Allocate memory for the temporary buffer when paring numbers bsc1241502 CVE-2025-57052: Fix the incorrect check in decodearrayindexfrompointer bsc1249112 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_10
This update for kernel-livepatch-MICRO-6-0-RTUpdate10 fixes the following issues: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_10
This update for kernel-livepatch-MICRO-6-0-RTUpdate10 fixes the following issues: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744 CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-48708: Fixed password disclosure due to lacks of argument sanitization bsc1243701 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002353 fixes several issues. The following security issues were fixed: CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685. CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. CVE-2025-38498:...
Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002350 fixes several issues. The following security issues were fixed: CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685. CVE-2025-38181: calipso: Fix...
Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005580 fixes several issues. The following security issues were fixed: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862. CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. CVE-2025-38181: calipso: Fix...