5440 matches found
Security update for golang-github-docker-libnetwork
This update for golang-github-docker-libnetwork fixes the following issue CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied file paths can lead to arbitrary file reads through the Vault Kubernetes authentication provider bsc1259566. Patch Instructions: To install this SUSE...
Security update for fontforge
This update for fontforge fixes the following issues CVE-2025-15269: Remote Code Execution via Use-After-Free in SFD file parsing bsc1256032. CVE-2025-15275: Arbitrary code execution via SFD file parsing buffer overflow bsc1256025. CVE-2025-15279: Remote Code Execution via heap-based buffer...
Security update for ansible-core
This update for ansible-core fixes the following issues: CVE-2026-11332: Argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper...
Security update for opensc
This update for opensc fixes the following issues CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. CVE-2026-10275: global buffer overflow during key...
Security update for xen
This update for xen fixes the following issues: CVE-2026-42487: xen: x86 HVM I/O port list traversal XSA-491 bsc1266952. CVE-2026-42488: xen: x86: mismatched mapcache metadata XSA-494 bsc1266955. CVE-2026-42489,CVE-2026-42490: xen: domctl lock open to abuse XSA-492 bsc1266953. Patch Instructions:...
Security update for apache2
This update for apache2 fixes the following issues Update to 2.4.66 jscPED-16334: Security issues: CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: mod_rewrite elevation of privileges via ap_expr bsc1263935. CVE-2026-28780: heap buffer overflow in...
Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.81 fixes various security issues The following security issues were fixed: CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements bsc1260907. CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cac...
Security update for libsolv, libzypp, zypper
This update for libsolv, libzypp, zypper fixes the following issues CVE-2026-9149: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file bsc1265935. CVE-2026-9150: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512...
Security update for libinput
This update for libinput fixes the following issues CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch"...
Security update for postfix
This update for postfix fixes the following issue CVE-2026-43964: buffer overread and process crash via an enhanced status code that lacks text after the third number bsc1264062. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update o...
Security update for python-starlette
This update for python-starlette fixes the following issues CVE-2026-54282: request path that lacks a leading forward slash can lead to request.url.hostname manipulation bsc1268520. CVE-2026-54283: urlencoded request body with an oversized data can lead to a denial of service bsc1268517. Patch...
Security update for glibc
This update for glibc fixes the following issues: CVE-2026-4046: Use pending character state in IBM1390, IBM1399 character sets bsc1261206, BZ 33980 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternativel...
Security update for glibc
This update for glibc fixes the following issues: CVE-2026-5928: libio: Fix ungetwc operating on byte stream bsc1262464, BZ 33998 CVE-2026-5450: stdio-common: Fix buffer overflow in scanf %mc bsc1262465, BZ 34008 CVE-2026-4046: Use pending character state in IBM1390, IBM1399 character sets...
Security update for docker
This update for docker fixes the following issues: Update to Docker 29.4.0. See upstream changelog online at Update to buildx 0.33.0. See upstream changelog online at Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks bsc1263790. CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err bsc1263995. CVE-2026-43206:...
Security update for buildah
This update for buildah rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise...
Security update for openssl-1_1-livepatches
This update for openssl-1_1-livepatches fixes the following issues CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify bsc1266357. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can ru...
Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues: CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify bsc1266357. CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341...
Security update for openssl-3
This update for openssl-3 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...
Security update for openssl-1_0_0
This update for openssl-1_0_0 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL...
Security update for libcaca
This update for libcaca fixes the following issue CVE-2026-42046: an integer overflow vulnerability in libcaca's canvas import functionality may allow an attacker to cause a controlled heap out-of-bounds write bsc1264984. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issue CVE-2026-42050: stack buffer overflow in XTileImage bsc1265048. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: Security fixes: CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow bsc1267506. CVE-2026-28883: processing...
Security update for tomcat11
This update for tomcat11 fixes the following issues Update to Tomcat 11.0.22: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...
Security update for unbound
This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...
Security update for strongswan
This update for strongswan fixes the following issues CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attribut...
Security update for gnutls
This update for gnutls fixes the following issues CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708. Patch...
Security update for gnutls
This update for gnutls fixes the following issues CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708. Patch...
Security update for wicked
This update for wicked fixes the following issues: CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options bsc1265221. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch"...
Security update for kubernetes1.28
This update for kubernetes1.28 fixes the following issues: Security fixes: CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to deni...
Security update for kubernetes
This update for kubernetes fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE bsc1265748. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...
Security update for kubernetes1.27
This update for kubernetes1.27 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...
Security update for libyang
This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lyd_parser_set_data_flags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lyb_read_string of src/parser_lyb.c leads to heap buffer overflow wh...
Security update for libyang
This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lyd_parser_set_data_flags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lyb_read_string of src/parser_lyb.c leads to heap buffer overflow wh...
Security update for go1.26
This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. CVE-2026-42507: net/textproto: arbitrary input are includ...
Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...
Security update for libsoup
This update for libsoup fixes the following issues CVE-2026-1801: HTTP Request Smuggling in soup_filter_input_stream_read_line bsc1257649. CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution bsc1259767. Patch Instructions: To...
Security update for strongswan
This update for strongswan fixes the following issue CVE-2026-47895: double-free when destroying certain cloned identities bsc1266360. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run...
Security update for nginx
This update for nginx fixes the following issue CVE-2026-9256: heap buffer overflow in the ngx_http_rewrite_module when using a configuration with overlapping captures bsc1266215. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or...
Security update for postgresql17
This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...
Security update for libjxl
This update for libjxl fixes the following issues: Security fixes: CVE-2025-70103: heap buffer overflow when processing crafted pbm-images due to insufficient bounds checks bsc1266460. Other fixes: Update to version 0.10.5: fix tile dimension in low memory rendering pipeline. fix number of...
Security update for python-pyOpenSSL
This update for python-pyOpenSSL fixes the following issue CVE-2026-40475: improper input handling of null bytes can lead to silent data truncation and security-state inconsistency bsc1262803. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for python3-pyOpenSSL
This update for python3-pyOpenSSL fixes the following issue CVE-2026-40475: improper input handling of null bytes can lead to silent data truncation and security-state inconsistency bsc1262803. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for salt
This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
Security update for salt
This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt
This update fixes the following issues: golang-github-prometheus-node_exporter: Version 1.10.2: meminfo: Fix typo in Zswap metric name Version 1.10.1: filesystem: Fix mount points being collected multiple times filesystem: Refactor mountinfo parsing bsc1261810 meminfo: Add Zswap/Zswapped metrics...
Security update for rootlesskit
This update for rootlesskit rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...
Security update for rootlesskit
This update for rootlesskit rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15....