5440 matches found
Security update for the Linux Kernel (Live Patch 15 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.70 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-39682: tls: fix handling of zero-length records on the...
Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.275 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50367: fs: fix UAF/GPF bug in nilfsmdtdestroy bsc1250280...
Security update for abseil-cpp
This update for abseil-cpp fixes the following issues: CVE-2025-0838: Fixed potential integer overflow in hash container create/resize bsc1237543. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.7.0 ESR bsc1256340. MFSA 2026-03 CVE-2026-0877: Mitigation bypass in the DOM: Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebG...
Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.113 fixes various security issues The following security issues were fixed: CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading bsc1251984. CVE-2025-38257: s390/pkey: prevent overflow in size calculation fo...
Security update for libpng16
This update for libpng16 fixes the following issues: CVE-2025-66293: out-of-bounds read of the pngsRGBbase array when processing palette PNG images with partial transparency and gamma correction bsc1254480. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-68618: read a malicious SVG file may result in a DoS attack bsc1255821. CVE-2025-68950: check for circular references in mvg files may lead to stack overflow bsc1255822. CVE-2025-69204: an integer overflow can lead to a DoS attack...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. CVE-2025-14819: libssh global knownhost override bsc1255732. CVE-2025-15079: libssh key passphrase bypass without agent set bsc1255733. CVE-2025-15224: OpenSSL partial chain...
Security update for libpcap
This update for libpcap fixes the following issues: CVE-2025-11961: missing validation of provided MAC-48 address string in pcapetheraton can lead to out-of-bounds read and write bsc1255765. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50280: pnode: terminate at peers of source bsc1249806. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.50.4. Security issues fixed: CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector server may lead to a UIProcess crash due to an out-of-bounds read and an integer underflow bsc1254208...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 CVE-2025-65082: Fixed CGI environment variable override bsc1254514 CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 CVE-2025-66200:...
Security update for dpdk22
This update for dpdk22 fixes the following issues: Update to version 22.11.10. Security issues fixed: CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other updates and...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...
Security update for xen
This update for xen fixes the following issues: Update to Xen 4.17.6. Security issues fixed: CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to them bsc1252692. Other issues fixed: Several upstream bug fixes...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 Other...
Security update 5.0.6 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-prometheus-alertmanager: Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on escaping in UTF-8 matchers. Update alertmanagerconfighash metric help to document th...
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
This update fixes the following issues: grafana was updated from version 11.5.7 to 11.5.10: Security issues fixed: CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client version 11.5.10 bsc1254113 CVE-2025-47911: Fixed parsing HTML documents version 11.5.10...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...
Security update for buildah
This update for buildah rebuilds it against the current security release of GO. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...
Security update for wireshark
This update for wireshark fixes the following issues: CVE-2025-13499: Fixed Kafka dissector crash due to a malformed packet bsc1254108. CVE-2025-13946: Fixed MEGACO dissector infinite loop that allows a denial of service bsc1254472. Patch Instructions: To install this SUSE update use the SUSE...
Security update for python3
This update for python3 fixes the following issues: Security issues fixed: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities on os.path.expandvars bsc1252974. CVE-2025-8291: Fixed missing validity checks of the ZIP64 End of Central Directory EOCD bsc1251305. Other issues fixed: Add...
Security update for rhino
This update for rhino fixes the following issues: Update to version 1.7.15.1. Security issues fixed: CVE-2025-66453: high CPU consumption when processing specific numbers via the toFixed function bsc1254481. Other changes and issues fixed: Version 1.7.15: Basic support for "rest parameters"...
Security update for kubernetes-client
This update for kubernetes client rebuilds it against current the go release to fix bugs and security issues in the go stdlib. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for postgresql17, postgresql18
This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check f...
Security update for the Linux Kernel (Live Patch 15 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.70 fixes one security issue The following security issue was fixed: CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for buildah
This update for buildah fixes the following issues: CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit. bsc1254132 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for python312
This update for python312 fixes the following issues: Update to 3.12.12: CVE-2025-6075: Fixed quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Other fixes:...
Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.110 fixes one security issue The following security issue was fixed: CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for buildah
This update for buildah fixes the following issues: CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.179 fixes one security issue The following security issue was fixed: CVE-2023-53673: Bluetooth: hcievent: call disconnect callback before deleting conn bsc1251983. Patch Instructions: To install this SUSE update use the SUSE...
Security update for sssd
This update for sssd fixes the following issues: CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Other fixes: Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325 Patch...
Security update for helm
This update for helm fixes the following issues: Update to version 3.19.1 CVE-2025-53547: Fixed local code execution in Helm Chart. bsc1246152 CVE-2025-58190: Fixed excessive memory consumption by html.ParseFragment when processing specially crafted input. bsc1251649 CVE-2025-47911: Fixed various...
Security update for elfutils
This update for elfutils fixes the following issues: Fixing build/testsuite for more recent glibc and kernels. Fixing denial of service and general buffer overflow errors bsc1237236, bsc1237240, bsc1237241, bsc1237242: CVE-2025-1376: Fixed denial of service in function elfstrptr in the library...
Security update for podman
This update for podman fixes the following issues: CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542 Patch Instructions: To install this SUSE update use the SUSE...
Security update for cups-filters
This update for cups-filters fixes the following issues: CVE-2025-64503: Fixed out-of-bounds write in pdftoraster tool bsc1253374 CVE-2025-57812: Fixed multiple TIFF-related issues in libcupsfilters bsc1253373 CVE-2025-64524: Fixed out-of-bounds write de to use of unvalidated length parameter in...
Security update for podman
This update for podman fixes the following issues: CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-10934: Fixed XWD file parsing heap-based buffer overflow vulnerability bsc1252886 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for bind
This update for bind fixes the following issues: CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator bsc1252380. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for netty, netty-tcnative
This update for netty, netty-tcnative fixes the following issues: CVE-2025-59419: fixed SMTP command injection vulnerability that allowed email forgery bsc1252097 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for containerd
This update for containerd fixes the following issues: Update to containerd v1.7.29 CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132 Patch Instructions: To install...
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-15070051 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38511: drm/xe/pf: Clear all LMTT pages on alloc bsc1248176. CVE-2025-38617: net/packet: fix...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u472 icedtea-3.37.0: CVE-2025-53057: Fixed certificate handling leading to unauthorized creation, deletion or modification access to critical data bsc1252414 CVE-2025-53066: Fixed Path factories leading to...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u472 icedtea-3.37.0: CVE-2025-53057: Fixed certificate handling leading to unauthorized creation, deletion or modification access to critical data bsc1252414 CVE-2025-53066: Fixed Path factories leading to...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to 140.4. changed: Account Hub is now disabled by default for second email account bmo1992027 changed: Flatpak runtime has been updated to Freedesktop SDK 24.08 bmo1952100 fixed: Users could not read mail...