5387 matches found
Security update for python312
This update for python312 fixes the following issues: Properly quote path names provided when creating a virtual environment bsc1232241, CVE-2024-9287 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for file-roller
This update for file-roller fixes the following issues: CVE-2020-36314: Fixed directory traversal via directory symlink pointing outside of the target directory bsc1189131 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...
Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: CVE-2024-56201: Fixed sandbox breakout through malicious content and filename of a template bsc1234808 CVE-2024-56326: Fixed sandbox breakout through indirect reference to format method bsc1234809 Patch Instructions: To install this SUSE...
Security update for liboqs, oqs-provider
This update for liboqs, oqs-provider fixes the following issues: This update supplies the new FIPS standardized ML-KEM, ML-DSA, SHL-DSA algorithms. This update liboqs to 0.12.0: This release updates the ML-DSA implementation to the final FIPS 204 version. This release still includes the NIST Roun...
Security update for curl
This update for curl fixes the following issues: CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry bsc1232528 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for docker
This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47594: mptcp: never allow the PM to close a listener subflow bsc1226560. CVE-2022-48983: iouring: Fix a null-ptr-deref in iotctxexitcb bsc1231959...
Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005539 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-42133: Bluetooth: Ignore too large hand...
Security update for docker-stable
This update for docker-stable fixes the following issues: Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some cases. Update --add-runtime to point to correct binary path. Further merge docker and...
Security update for postgresql14
This update for postgresql14 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...
Security update for python
This update for python fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from https://github.com/phihag/ipaddress - Remove -IVendor/ from python-config bsc1231795 - Stop using %%defattr, it seems...
Security update for python39
This update for python39 fixes the following issues: CVE-2024-11168: Improper validation of IPv6 and IPvFuture addresses bsc1233307. Bug fixes: Remove -IVendor/ from python-config bsc1231795. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is s...
Security update for postgresql12
This update for postgresql12 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.5.0 ESR, fixed various security fixes and other quality improvements, MFSA 2024-64 bsc1233695: CVE-2024-11691: Memory corruption in Apple GPU drivers CVE-2024-11692: Select list elements could be shown...
Security update for xen
This update for xen fixes the following issues: Security issues fixed: CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling bsc1232622 CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables bsc1232624 CVE-2024-45817: xen: x86: Deadlock in vlapicerror bsc1230366 Non-security...
Security update for java-21-openjdk
This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.5+13 October 2024 CPU Security fixes JDK-8307383: Enhance DTLS connections JDK-8311208: Improve CDS Support JDK-8328286, CVE-2024-21208, bsc1231702: Enhance HTTP client JDK-8328544, CVE-2024-21210,...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241030T212825 2024-10-30T21:28:25Z jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2024-3230 CVE-2024-48921 GHSA-qjvc-p88j-j9rm GO-2024-3232 CVE-2024-10241 GHSA-6mvp-gh77-7vwh Go C...
Security update for python-waitress
This update for python-waitress fixes the following issues: CVE-2024-49768: Fixed request processing race condition in HTTP pipelining with invalid first request when lookahead is enabled bsc1232556 CVE-2024-49769: Fixed incorrect connection clean up leads to a busy-loop and resource exhaustion...
Security update for cups-filters
This update for cups-filters fixes the following issues: CVE-2024-47850: cups-browsed can be abused to initiate remote DDoS against third-party targets bsc1231294 CVE-2024-47076: Fixed lack of input sanitization in cfGetPrinterAttributes5 bsc1230937. Patch Instructions: To install this SUSE updat...
Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024100 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1225011. CVE-2023-52752: smb: client: fix...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-40725: Fixed source code disclosure of local content bsc1228097 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for cups-filters
This update for cups-filters fixes the following issues: cups-browsed would bind on UDP INADDRANY:631 and trust any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL. This patch removes support for the legacy CUPS and LDAP protocols, the previous...
Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808...
Security update for google-cloud-sap-agent
This update for google-cloud-sap-agent fixes the following issues: CVE-2026-39821: Update golang.org/x/net dependency bsc1266604. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for ansible-core
This update for ansible-core fixes the following issues: CVE-2026-11332: Argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for opensc
This update for opensc fixes the following issues CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. CVE-2026-10275: global buffer overflow during key...
Security update for tomcat
This update for tomcat fixes the following issues Update to Tomcat 9.0.118: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...
Security update for xen
This update for xen fixes the following issues: CVE-2026-42487: xen: x86 HVM I/O port list traversal XSA-491 bsc1266952. CVE-2026-42488: xen: x86: mismatched mapcache metadata XSA-494 bsc1266955. CVE-2026-42489,CVE-2026-42490: xen: domctl lock open to abuse XSA-492 bsc1266953. Patch Instructions:...
Security update for clamav
This update for clamav fixes the following issues: Update to clamav 1.5.2: Security issue: CVE-2026-20031: improper error handling in the HTML CSS module when splitting UTF-8 strings can lead to denial of service conditions via a crafted HTML file bsc1259207. Non security issue: Support...
Security update for haproxy
This update for haproxy fixes the following issues CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers bsc1268557. CVE-2026-55204: null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl....
Security update for nodejs22
This update for nodejs22 fixes the following issues Update to 22.23.0: CVE-2026-6733: undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery bsc1268479. CVE-2026-9496: pacote: excessive CPU consumption in addGitSha when processing a specially...
Security update for frr
This update for frr fixes the following issues CVE-2026-28532: Denial of Service due to integer overflow in OSPF TLV parser functions bsc1263859. CVE-2026-37457: An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0...
Security update for containerd
This update for containerd fixes the following issues CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260296. CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZ...
Security update for podman
This update for podman fixes the following issues CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262856. CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598:...
Security update for nodejs24
This update for nodejs24 fixes the following issues Update to 24.17.0: CVE-2026-2581: undici: Undici: Denial of Service due to uncontrolled resource consumption bsc1268480. CVE-2026-6733: undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...
Security update for python-PyJWT
This update for python-PyJWT fixes the following issues CVE-2026-48522: PyJWKClient passes URI arguments directly to urllib.request.urlopen and allows for SSRF and token forgery bsc1266798. CVE-2026-48523: verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called...
Security update for python-PyJWT
This update for python-PyJWT fixes the following issues CVE-2026-48522: PyJWKClient passes URI arguments directly to urllib.request.urlopen and allows for SSRF and token forgery bsc1266798. CVE-2026-48523: verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called...
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issue CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues Update to version jdk8u492: Security issues: CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated attacker with network access can access to critical data...
Security update for libheif
This update for libheif fixes the following issues Update to 1.23.0: CVE-2025-68431: heap buffer over-read in HeifPixelImage: overlay via crafted HEIF that exercises the overlay image item bsc1255735. CVE-2026-3950: manipulation of the component stsz/stts can lead to out-of-bounds read bsc1259544...
Security update for iproute2
This update for iproute2 fixes the following issue CVE-2024-58251: denial of service via terminal escape sequences bsc1254324. Other updates: support display of bound but unconnected sockets bsc1204562 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...
Security update for libpng15
This update for libpng15 fixes the following issues Security issues: CVE-2025-64720: buffer overflow in pngimagereadcomposite via incorrect palette premultiplication bsc1254159. Non security issue: version update to 1.5.30 jscPED-16191. Changes for libpng15: Replaced "unexpected" with an integer ...
Security update for bind
This update for bind fixes the following issues: CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. Patch...
Security update for bind
This update for bind fixes the following issues: CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. Patch...
Security update for tar
This update for tar fixes the following issues: Upgrade tar to version 1.34 jscPED-16073. Security issues fixed: CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives bsc1246399. Other updates and bugfixes: Changes from 1.28: New --one-top-level option: extract all files...
Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cac...