Security update for cups-filters

This update for cups-filters fixes the following issues: CVE-2025-64503: Fixed out-of-bounds write in pdftoraster tool bsc1253374 CVE-2025-57812: Fixed multiple TIFF-related issues in libcupsfilters bsc1253373 CVE-2025-64524: Fixed out-of-bounds write de to use of unvalidated length parameter in...

Security update for grub2

This update for grub2 fixes the following issues: CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-free bsc1252930 CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 CVE-2025-61661: Fixed out-of-bounds write in...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...

Security update for nvidia-container-toolkit

This update for nvidia-container-toolkit fixes the following issues: Update to version 1.18.0: This is a major release and includes the following high-level changes: The default mode of the NVIDIA Container Runtime has been updated to make use of a just-in-time-generated CDI specification instead...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.5.0 ESR bsc1253188 CVE-2025-13012: Race condition in the Graphics component. CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. CVE-2025-13017: Same-origi...

Security update for runc

This update for runc fixes the following issues: Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2. Upstream changelog is available from bsc1252110 Includes an important fix for the CPUSet translation for...

Security update for grub2

This update for grub2 fixes the following issues: CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 CVE-2025-61661: Fixed out-of-bounds write in grubusbgetstring function bsc1252932 CVE-2025-61662: Fixed missing unregister call for gettext command may lead t...

Security update for unbound

This update for unbound fixes the following issues: CVE-2025-11411: Fixed possible domain hijacking attack. bsc1252525 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...

Security update for bind

This update for bind fixes the following issues: CVE-2025-8677: DNSSEC validation fails if matching but invalid DNSKEY is found bsc1252378. CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator bsc1252380. Patch...

Security update for python-Django

This update for python-Django fixes the following issues: CVE-2025-64459: Fixed a potential SQL injection via the 'connector' keyword bsc1252926 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

Security update for squid

This update for squid fixes the following issues: CVE-2025-62168: Fixed failure to redact HTTP authentication credentials in error handling leading to information disclosure bsc1252281 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

Security update for the Linux Kernel (Live Patch 61 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059218 fixes several issues. The following security issues were fixed: CVE-2022-50248: wifi: iwlwifi: mvm: fix double free on tx path bsc1249841. CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2022-50252: igb: ...

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.17+10 October 2025 CPU: CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414. CVE-2025-53066: Fixed unauthenticated...

Security update for the Linux Kernel

The SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1234863. CVE-2024-57891: schedext: Fix invalid irq restore in scxopsbypass...

Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002370 fixes one issue. The following security issue was fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for fetchmail

This update for fetchmail fixes the following issues: CVE-2025-61962: fixed a denial of service condition bsc1251194 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

Security update for ffmpeg

This update for ffmpeg fixes the following issues: CVE-2025-7700: Fixed NULL Pointer Dereference in FFmpeg ALS Decoder libavcodec/alsdec.c bsc1246790. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-3154: Fixed out-of-bounds array write due to invalid VerticesPerRow bsc1240687. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

Security update for qatengine, qatlib

This update for qatengine, qatlib fixes the following issues: Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365 CVE-2024-31074 bsc1233366 CVE-2024-33617 Update to 1.7.0: ipp-crypto name change to cryptography-primitives QATSW G...

Security update for tiff

This update for tiff fixes the following issues: CVE-2025-9900: Fixed Write-What-Where in libtiff via TIFFReadRGBAImageOriented bsc1250413. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

Security update for squid

This update for squid fixes the following issues: CVE-2025-62168: Fixed proxy auth data visible to scripts bsc1252281. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for xwayland

This update for xwayland fixes the following issues: Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 Fixed Use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 Fixed Value overflow in Xkb extension XkbSetCompatMap CVE-2025-62231, bsc125196...

Maintenance update for Multi-Linux Manager 5.1.1

Description: This update fixes the following issues: Multi-Linux-Manager-Proxy-SLE-release: Update for the release packages for fixing the EOL Fixed migration issue bsc1243486 proxy-helm was updated fromv version 5.1.7 to 5.1.9: Version 5.1.9 Chart rebuilt to the newest version with updated...

Security update for rabbitmq-server

This update for rabbitmq-server fixes the following issues: CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests bsc1245105 fixed a bad logrotate configuration that allowed escalation from rabbitmq to root, /var/log/rabbitmq ownership is now 750 bsc1246091 Patch Instructions:...

Security update for xen

This update for xen fixes the following issues: CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls bsc1251271, XSA-475 CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface bsc1248807, XSA-472 Patch...

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is repeated with incorrect guesses bsc1249375. CVE-2025-8114: NULL pointer dereference when an allocation error happens during the...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 CVE-2025-52885: improved pointer handling that could have led to dangling pointers when the vector is resized...

Security update for libxslt

This update for libxslt fixes the following issues: CVE-2025-11731: type confusion in exsltFuncResultCompfunction leading to denial of service bsc1251979 CVE-2025-10911: use-after-free with key data stored cross-RVT bsc1250553 Patch Instructions: To install this SUSE update use the SUSE recommend...

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...

Security update for kernel-livepatch-MICRO-6-0_Update_8

This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-devname,shortnam...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled bsc124032...

Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

Security update for python313

This update for python313 fixes the following issues: Update to version 3.13.7. Fixes in 3.13.7: gh-137583: Fix a deadlock introduced in 3.13.6 when a call to ssl.SSLSocket.recv was blocked in one thread, and then another method on the object such as ssl.SSLSocket.send was subsequently called in...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5 as very old protocol supported quite a number of ciphers that are not longer up to current cryptographi...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5 as very old protocol supported quite a number of ciphers that are not longer up to current cryptographi...

Security update for go1.24

This update for go1.24 fixes the following issues: go1.24.9 released 2025-10-13 includes fixes to the crypto/x509 package. bsc1236217 crypto/x509: TLS validation fails for FQDNs with trailing dot go1.24.8 released 2025-10-07 includes security fixes to the archive/tar, crypto/tls, crypto/x509,...

Security update for go1.25

This update for go1.25 fixes the following issues: go1.25.3 released 2025-10-13 includes fixes to the crypto/x509 package. bsc1244485 go75861 crypto/x509: TLS validation fails for FQDNs with trailing dot go75777 spec: Go1.25 spec should be dated closer to actual release date Further fixups to the...

Security update for samba

This update for samba fixes the following issues: CVE-2025-9640: Fixed vfsstreamsxattr uninitialized memory write bsc1251279. CVE-2025-10230: Fixed command Injection in WINS Server Hook Script bsc1251280. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

Security update for samba

This update for samba fixes the following issues: CVE-2025-9640: Fixed uninitialized memory disclosure via vfsstreamsxattr bsc1251279. CVE-2025-10230: Fixed command Injection in WINS server hook script bsc1251280. Update to 4.21.8: netrLogonSamLogonEx returns NRSTATUSACCESSDENIED with...

Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024133 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

Security update for the Linux Kernel (Live Patch 69 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122261 fixes several issues. The following security issues were fixed: CVE-2022-50386: Bluetooth: L2CAP: Fix user-after-free bsc1250302. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673. CVE-2025-21971:...

Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700713 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc124867...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708...

Security update for pam

This update for pam fixes the following issues: Improve previous CVE-2024-10041 fix which led to CPU performance issues bsc1232234 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to open-vm-tools 13.0.5 based on build 24915695. bsc1250692: Please refer to the Release Notes at https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/ReleaseNotes.md. The granular changes that have gone into the open-vm-tools...

Security update for squid

This update for squid fixes the following issues: CVE-2025-59362: fixed buffer overflow bsc1250627 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...