5387 matches found
Security update for kernel-livepatch-MICRO-6-0-RT_Update_8
This update for kernel-livepatch-MICRO-6-0-RTUpdate8 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235 CVE-2025-38000: schhfsc: Fix qlen...
Security update for kernel-livepatch-MICRO-6-0_Update_9
This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU bsc1246030 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...
Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024153 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024128 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for curl
This update for curl fixes the following issues: CVE-2025-9086: bug in path comparison logic when processing cookies can lead to out-of-bounds read in heap buffer bsc1249191. CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server bsc1249348. Patch...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.0 cut from the go1.25-fips-release branch at the revision tagged go1.25.0-1-openssl-fips. jscSLE-18320 Rebase to 1.25.0 Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil salt to be passed as a hash length...
Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059201 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. CVE-2025-38000: schhfsc:...
Security update for the Linux Kernel (Live Patch 55 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059198 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for python-deepdiff
This update for python-deepdiff fixes the following issues: CVE-2025-58367: class pollution via the Delta class constructor can lead to denial-of-service and remote code execution bsc1249347. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for regionServiceClientConfigAzure
This update for regionServiceClientConfigAzure contains the following fixes: Update to version 3.0.0.bsc1246995 SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. Update dependency name for metadata package, name change in SL...
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504 . CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address reentran...
Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001029 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...
Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001014 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.12: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 140.2 MFSA 2025-72 bsc1248162: CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component...
Security update for ignition
This update for ignition fixes the following issues: CVE-2022-28948: Fixed an issue during unmarshaling in Go-Yaml v3 can lead to DoS via invalid input bsc1248548 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Updated to 17.6: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_11
This update for kernel-livepatch-MICRO-6-0-RTUpdate11 fixes the following issues: This is the initial livepatch for the Update 11 of the RT Kernel for SL Micro 6.0 and 6.1. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_7
This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in class handling bsc1245793 CVE-2025-21702: pfifotailenqueue: Drop new packet when...
Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059211 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...
Security update for go1.25
go1.25 released 2025-08-12 is a major release of Go. go1.25.x minor releases will be provided through August 2026. https://github.com/golang/go/wiki/Go-Release-Cycle go1.25 arrives six months after Go 1.24. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As...
Security update for docker
This update for docker fixes the following issues: Update to Docker 28.3.3-ce. CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. bsc1247367 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002333 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...
Security update for lua51-luajit
This update for lua51-luajit fixes the following issues: CVE-2024-25176: Fixed stack-buffer-overflow in ljstrfmtwfnum in ljstrfmtnum.c bsc1246077 CVE-2024-25177: Fixed unsinking of IRFSTORE for NULL metatable bsc1246078 CVE-2024-25178: Fixed ut-of-bounds read in the stack-overflow handler in...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...
Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024158 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...
Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: Update to version 3.18.0 CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libavif
This update for libavif fixes the following issues: update to 1.3.0: CVE-2025-48175: Fixed an integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. bsc1243270 CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in stream-offset+size...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2024-35221: Fixed remote denial of service via YAML manifest bsc1225905 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for cairo
This update for cairo fixes the following issues: CVE-2019-6462: Fixed a potentially infinite loop bsc1122321. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-5372: sshkdf returns a success code on certain failures bsc1245314 CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-7424: Fixed type confusion in xmlNode.psvi between stylesheet and source nodes bsc1246360 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-50420: Fixed Denial of Service in pdfseparate utility bsc1247590 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-50420: Fixed Denial of Service in pdfseparate utility bsc1247590 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for tiff
This update for tiff fixes the following issues: Updated TIFFMergeFieldInfo with readcount=writecount=0 for FIELDIGNORE bsc1243503 CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when processing...
Security update for sccache
This update for sccache fixes the following issues: Update to version 0.4.24: CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243868 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for go1.24
This update for go1.24 fixes the following issues: Update to go1.24.6: CVE-2025-47906: Fixed LookPath returning unexpected paths bsc1247719 CVE-2025-47907: Fixed incorrect results returned from Rows.Scan bsc1247720 go73800 runtime: RSS seems to have increased in Go 1.24 while the runtime accounti...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. CVE-2025-4878: Fixed use of uninitialized variable in privatekeyfromfile bsc1245310. CVE-2025-5318: Fixed likely read beyond bounds in sftp server handl...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.18: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2025-6442: Fixed readheader HTTP Request Smuggling Vulnerability in WEBrick bsc1245254 CVE-2025-27221: Fixed userinfo leakage in URIjoin, URImerge and URI+ bsc1237805 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grubcryptomemcmp bsc1234959 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for djvulibre
This update for djvulibre fixes the following issues: CVE-2025-53367: Fixed a bug where a crafted document may lead to an out of bound write. bsc1245773 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for redis
This update for redis fixes the following issues: CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. bsc1246059 CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros can lead to client starvation and Do...