5387 matches found
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2025-24294: resolv: insufficient checks on the length of a decompressed domain name when processing a DNS packet can lead to a denial of service due to excessive resource consumption bsc1246430. Patch Instructions: To install this SUSE updat...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree...
Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-1507005316 fixes one issue. The following security issue was fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-1507005311 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disable...
Security update for haproxy
This update for haproxy fixes the following issues: CVE-2025-11230: Fixed mjson JSON decoder excessive resource consumption bsc1250983 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-11021: Ignored invalid date when processing cookies to prevent out-of-bounds read bsc1250562. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-15050055116 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001014 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: Update to open-vm-tools 13.0.5 based on build 24915695. bsc1250692: Please refer to the Release Notes at: https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/ReleaseNotes.md. The granular changes that have gone into the open-vm-tool...
Security update for samba
This update for samba fixes the following issues: CVE-2025-9640: Fixed uninitialized memory disclosure via vfsstreamsxattr bsc1251279. CVE-2025-10230: Fixed command Injection in WINS server hook script bsc1251280. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for qt6-base
This update for qt6-base fixes the following issues: CVE-2025-5455: processing of malformed data in qDecodeDataUrl can trigger assertion and cause a crash bsc1243958. CVE-2025-30348: complex algorithm used in encodeText in QDom when processing XML data can cause low performance bsc1239896. Patch...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: CVE-2025-41244: fixed a local privilege escalation vulnerability bnc1250373. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. CVE-2024-50154: tcp/dccp: Do not use timerpending in reqskqueueunlink bsc1233072...
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. CVE-2024-50154: tcp/dccp: Do not use timerpending in reqskqueueunlink bsc1233072...
Security update for podofo
This update for podofo fixes the following issues: fixed a free-after-use in PdfTokenizer bsc1249105 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your produc...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.1, released 2025-09-03 bsc1244485. Security issues fixed: CVE-2025-47910: net/http: CrossOriginProtection insecure bypass patterns not limited to exact matches bsc1249141. Other issues fixed: go74822 cmd/go: "get...
Security update for redis7
This update for redis7 fixes the following issues: CVE-2025-49844: Malicious Lua scripts may lead to remote code execution. bsc1250995 CVE-2025-46817: Malicious Lua scripts may lead to integer overflow and potential remote code execution. bsc1250995 CVE-2025-46818: Malicious Lua scripts can be...
Security update for redis7
This update for redis7 fixes the following issues: CVE-2025-49844: Malicious Lua scripts may lead to remote code execution. bsc1250995 CVE-2025-46817: Malicious Lua scripts may lead to integer overflow and potential remote code execution. bsc1250995 CVE-2025-46818: Malicious Lua scripts can be...
Security update for cairo
This update for cairo fixes the following issues: CVE-2019-6461: Avoid assert when drawing arcs with NaN angles bsc1122338 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-15070073 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error bsc1245509. Patch...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744...
Security update for rubygem-puma
This update for rubygem-puma fixes the following issues: Update to version 5.6.9. CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. CVE-2024-21647: unbounded resource consumpti...
Security update for podman
This update for podman fixes the following issues: CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Fix conditional Requires remove deprecated sleversion macro Update to version 5.4.2: Add release notes for v5.4.2 Fix a potential deadlock during podman cp...
Security update for nvidia-open-driver-G06-signed
This update for nvidia-open-driver-G06-signed fixes the following issues: Updated CUDA variant to 580.82.07: CVE-2025-23277: Fixed access memory outside bounds permitted under normal use cases in NVIDIA Display Driver bsc1247528. CVE-2025-23278: Fixed improper index validation by issuing a call...
Security update for apache2-mod_security2
This update for apache2-modsecurity2 fixes the following issues: CVE-2025-54571: Fixed insufficient return value handling on modsecurity leads to xss and source code disclosure bsc1247674 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024164 fixes several issues. The following security issues were fixed: CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. CVE-2025-38498: dochangetype:...
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685. CVE-2025-38181: calipso: Fix...
Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-15070078 fixes several issues. The following security issues were fixed: CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499. CVE-2025-38555: usb: gadget : fix use-after-free in compositedevcleanup bsc1248298. Patch...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.3 bsc1249391. Security issues fixed: MFSA 2025-78 CVE-2025-10527: sandbox escape due to use-after-free in the Graphics: Canvas2D component. CVE-2025-10528: sandbox escape due to undefined behavior,...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_12
This update for kernel-livepatch-MICRO-6-0-RTUpdate12 fixes the following issues: New livepatch SLE Micro 6.0/6.1 kernel rt update 12 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...
Security update for git
This update for git fixes the following issues: Update to 2.51.0 UI, Workflows & Features Userdiff patterns for the R language have been added. Documentation for "git send-email" has been updated with a bit more credential helper and OAuth information. "git cat-file --batch" learns to understand...
Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: This...
Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...
Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_6
This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...
Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235 CVE-2025-38000: schhfsc: Fix qlen accountin...
Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: CVE-2025-7700: Fixed NULL Pointer Dereference in FFmpeg ALS Decoder bsc1246790. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059207 fixes several issues. The following security issues were fixed: CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. CVE-2025-38000: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue...
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059174 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for the Linux Kernel (Live Patch 54 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059195 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...
Security update for netty, netty-tcnative
This update for netty, netty-tcnative fixes the following issues: Upgrade to upstream version 4.1.126. Security issues fixed: CVE-2025-58057: decompression codecs allocating a large number of buffers after processing specially crafted input can cause a denial of service bsc1249134. CVE-2025-58056...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2024-35221: Fixed remote denial of service via YAML manifest bsc1225905 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for kernel-livepatch-MICRO-6-0_Update_9
This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...