5440 matches found
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-50208: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages bsc1233118 CVE-2024-50250: fsdax: daxunshareiter needs to copy entire blocks bsc1233227 CVE-2024-53146: NFSD: prevent a potential integer...
Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u462 build 08 with OpenJ9 0.53.0 virtual machine: CVE-2025-30749: several scenarios can lead to heap corruption Oracle CPU 2025-07 bsc1246595 CVE-2025-30754: incomplete handshake may lead to weakening TLS protections...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server
Description: This update fixes the following issues: proxy-helm: Version 5.0.15: Image rebuilt to the newest version with updated dependencies proxy-httpd-image: Version 5.0.13: Add redirect of API calls from proxy to the server bsc1241880 proxy-salt-broker-image: Version 5.0.13: Image rebuilt to...
Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.16 CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2025-46809 Bugs mentioned: bsc1236601, bsc1236635, bsc1236779, bsc1237294, bsc1238922 bsc1239826, bsc1240386, bsc1242004, bsc1243460,...
Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024164 fixes one issue. The following security issue was fixed: CVE-2024-56558: nfsd: make sure exp active before svcexportshow bsc1243648. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Upgrade to 17.5: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/ Patch Instructions: To...
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173:...
Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059188 fixes several issues. The following security issues were fixed: CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages bsc1235921...
Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001020 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173:...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for python36
This update for python36 fixes the following issues: CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory bsc1244056 CVE-2025-4138: Fixed issue that might allow symlink targets to point outside the destination directory, and the...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. CVE-2024-58053: rxrpc: Fix handling of received connection abort bsc1238982...
Security update for tomcat
This update for tomcat fixes the following issues: CVE-2025-46701: Fixed refactor CGI servlet to access resources via WebResources bsc1243815. CVE-2025-48988: Fixed limits the total number of parts in a multi-part request and limits the size of the headers provided with each part bsc1244656...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-38477: Fixed null pointer dereference in modproxy bsc1227270. CVE-2024-39573: Fixed source code disclosure with handlers configured via AddType bsc1227271. CVE-2024-39884: Fixed source code disclosure of local content bsc1227353...
Security update for python-tornado6
This update for python-tornado6 fixes the following issues: CVE-2024-52804: Fixed excessive CPU consumption by the algorithm used for parsing HTTP cookies bsc1233668 CVE-2025-47287: Fixed denial-of-service via generation of an extremely high volume of logs due to multipart/form-data parser...
Security update for python-tornado6
This update for python-tornado6 fixes the following issues: CVE-2025-47287: Fixed denial of service via generation of an extremely high volume of logs due to multipart/form-data parser bsc1243268. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2: CVE-2025-24223: Processing maliciously crafted web content may lead to memory corruption bsc1243424. CVE-2025-31204: Processing maliciously crafted web content may lead to memory corruption bsc1243286. CVE-2025-3120...
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024128 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit bsc1239077. Patch Instructions: To...
Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900. CVE-2025-21680: pktgen: Avoid out-of-bounds access in getimixentries bsc1236701. CVE-2024-58013:...
Security update for tomcat10
This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.40 CVE-2025-31650: invalid priority field values should be ignored bsc1242008 CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009 Full changelog:...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678 CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847 CVE-2024-50115: KVM: nSVM:...
Security update for python-maturin
This update for python-maturin fixes the following issues: CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch when Some... value passed as properties argument to either function bsc1242631. CVE-2025-4574: crossbeam-channel: double-free leading to possible memory corruption in...
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-56650: Fixed netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431 Patch Instructions: To install this SUSE update us...
Security update for helm
This update for helm fixes the following issues: Update to version 3.17.2 bsc1238688, CVE-2025-22870: Updating to 0.37.0 for x/net builddeps: bump the k8s-io group with 7 updates Update to version 3.17.1: merge null child chart objects builddeps: bump the k8s-io group with 7 updates fix: check...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets befor...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check...
Security update for microcode_ctl
This update for microcodectl fixes the following issues: CVE-2024-31068: Improper Finite State Machines FSMs in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. bsc1237096 CVE-2024-36293: A potential security vulnerabilit...
Security update for rsync
This update for rsync fixes the following issues: CVE-2024-12747: Fixed race condition in handling symbolic links bsc1235475 Broken rsyncd after protocol bump, regression reported bsc1237187. Bump protocol version to 32 - make it easier to show server is patched. Patch Instructions: To install th...
Security update for tomcat
This update for tomcat fixes the following issues: CVE-2025-24813: Fixed potential RCE and/or information disclosure/corruption with partial PUT bsc1239302 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for qemu
This update for qemu fixes the following issues: CVE-2024-8612: Fixed information leak in virtio devices bsc1230915. CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007. CVE-2024-3447: Fixed heap buffer overflow in...
Security update for SUSE Manager Client Tools
This update fixes the following issues: salt: Build all python bindings for all flavors Fixed the condition of alternatives for Tumbleweed and Leap 16 Handle logger exception when flushing already closed file Included passlib as a recommended dependency Make minion reconnecting on changing master...
Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2022-48923: btrfs: prevent...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2024-6345: Fixed code execution via download functions in the packageindex module in pypa/setuptools bsc1228105 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for unbound
This update for unbound fixes the following issues: Update to 1.20.0: Features: The config for discard-timeout, wait-limit, wait-limit-cookie, wait-limit-netblock and wait-limit-cookie-netblock was added, for the fix to the DNSBomb issue. Merge GH1027: Introduce 'cache-min-negative-ttl' option...
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv...
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-42133:...
Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122222 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...
Security update for tomcat10
This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.34 Fixed CVEs: CVE-2024-54677: DoS in examples web application bsc1234664 CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation bsc1234663 CVE-2024-52317: Request/response mix-up with HTTP/2 bsc1233435 Catalina Add: A...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2rx bsc1231979...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF ...
Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122189 fixes several issues. The following security issues were fixed: CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 bsc1226325. Patch Instructions: To install this...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48945: media: vivid: fix compose size exceed boundary bsc1230398. CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance. bsc1229633. CVE-2024-44946:...
Security update for libarchive
This update for libarchive fixes the following issues CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches bsc1253088. CVE-2026-4424: information disclosure via heap out-of-bounds read in RAR archive processing bsc1259928. CVE-2026-4426: undefined behavior due to unvalidated...
Security update for firewalld-legacy
This update for firewalld-legacy fixes the following issue CVE-2026-4948: local unprivileged users can modify firewall state due to D-Bus setter mis-authorizations bsc1260903. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...