Security update for flatpak

This update for flatpak fixes the following issues: CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation bsc1261770. Patch Instructions: To install this SUSE upda...

Security update for openexr

This update for openexr fixes the following issues: CVE-2026-40244: Integer overflow in DWA setupChannelData planarUncRle pointer arithmetic bsc1262426. CVE-2026-40250: Integer overflow in DWA decoder outBufferEnd pointer arithmetic bsc1262425. Patch Instructions: To install this SUSE update use...

Security update for openssl-3

This update for openssl-3 fixes the following issue: CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. CVE-2025-71066: net/sched: ets: Always remove class from active list before...

Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.11+10 April 2026 CPU. Security issues fixed: CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

Security update for PackageKit

This update for PackageKit fixes the following issue: CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220. Special Instructions and Notes: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

Security update for sed

This update for sed fixes the following issue: CVE-2026-5958: a TOCTOU race can allow to read attacker-controlled content and write it to an unintended file bsc1262144. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix one security issue The following security issue was fixed: CVE-2026-31431: The copy.fail security issue is fixed by revert to operating out-of-place in algifaead bsc1262573. Special Instructions and Notes: Please reboot the system after...

Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issue: Security fixes: CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209. Other fixes: Fix problems with livepatches targeting libc-2.31.so instead of libc.so.6 in 15.4 bsc1263035...

Security update for libheif

This update for libheif fixes the following issues: CVE-2026-3949: Manipulation of the argument size of a malicious frame can lead to out-of-bounds read bsc1259541. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for xen

This update for xen fixes the following issues: CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...

Security update for protobuf

This update for protobuf fixes the following issues: Refresh fixes: CVE-2025-4565: parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages can lead to crash due to RecursionError bsc1244663. CVE-2026-0994: maxrecursiondepth limit can be bypassed...

Security update for xen

This update for xen fixes the following issues: CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...

Security update for python-requests

This update for python-requests fixes the following issues: CVE-2026-25645: extractzippedpaths uses predictable filenames when extracting files from zip archives and reuses target files that already exist without validation bsc1260589. Patch Instructions: To install this SUSE update use the SUSE...

Security update for dovecot22

This update for dovecot22 fixes the following issues: CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. CVE-2025-59032: pigeonhole: ManageSieve panic occurs with sieve-connect as a client bsc1260902. CVE-2026-27855: OTP drive...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger bsc1258396. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy...

Security update for libpng16

This update for libpng16 fixes the following issue: CVE-2026-34757: information disclosure and data corruption due to use-after-free in pngsetPLTE, pngsettRNS and pngsethIST bsc1261957. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for librsvg

This update for librsvg fixes the following issue: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257922. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. CVE-2026-33901: Denial of Service due to heap buffer overflow in MVG...

Security update for python-pyOpenSSL

This update for python-pyOpenSSL fixes the following issue: CVE-2026-27448: unhandled exception can result in connection not being cancelled bsc1259804. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for gdk-pixbuf

This update for gdk-pixbuf fixes the following issue: CVE-2026-5201: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image bsc1261210. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

Security update for ntfs-3g_ntfsprogs

This update for ntfs-3gntfsprogs fixes the following issue: CVE-2026-40706: heap buffer overflow in ntfsbuildpermissionsposix in acls.c bsc1262216. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

Security update for haproxy

This update for haproxy fixes the following issue: CVE-2026-33555: Request smuggling via HTTP/3 parser desynchronization bsc1262103. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

Security update for perl

This update for perl fixes the following issue: CVE-2017-20230: Storable versions before 3.05 for Perl has a stack overflow bsc1262486. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

Security update for the Linux Kernel (Live Patch 32 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.127 fixes various security issues The following security issues were fixed: CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger bsc1258396. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy...

Security update for libraw

This update for libraw fixes the following issues: CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. CVE-2026-20889: heap-based buffer overflow in x3fthumbloaderbsc1261672...

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like Ya...

Security update for docker

This update for docker rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...

Security update for kubernetes

This update for kubernetes rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap...

Security update for kubernetes-old

This update for kubernetes-old rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE...

Security update for cosign

This update for cosign rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...

Security update for openvswitch

This update for openvswitch fixes the following issues: CVE-2026-34956: invalid memory access via crafted FTP payloads in userspace conntrack flows specifying the FTP alg handler bsc1261273. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for nodejs22

This update for nodejs22 fixes the following issues: Update to version 22.22.2. CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism allows for performance degradation via a crafted request bsc1260494. CVE-2026-21716: incomplete fix for CVE-2024-36137...

Security update for opensc

This update for opensc fixes the following issues: CVE-2025-49010: specially crafted smart card or USB device can lead to a stack buffer overflow write in GET RESPONSE bsc1261214. CVE-2025-66037: specially crafted input processed by the fuzzpkcs15reader harness can lead to an out-of-bounds heap...

Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.31 fixes one security issue The following security issue was fixed: CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management bsc1259859. Patch Instructions: To install this SUSE update use the SUSE...

Security update for jetty-minimal

This update for jetty-minimal fixes the following issues: CVE-2025-11143: Fixed different parsing of invalid URIs bsc1259242. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record bsc1257235. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...

Security update for python-ecdsa

This update for python-ecdsa fixes the following issues: CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

Security update for gdk-pixbuf

This update for gdk-pixbuf fixes the following issue: CVE-2026-5201: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image bsc1261210. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

Security update for NetworkManager

This update for NetworkManager fixes the following issues: CVE-2025-9615: non-admin users are allowed to use certificates from other users bsc1257359. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for python-urllib3

This update for python-urllib3 fixes the following issues: Security issues: CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain bsc1254866. CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API...

Security update for tiff

This update for tiff fixes the following issues: CVE-2025-61143: Fixed NULL pointer dereference bsc1258798. CVE-2025-61144: Fixed stack overflow in readSeparateStripsIntoBuffer bsc1258801. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for python-PyJWT

This update for python-PyJWT fixes the following issues: CVE-2026-32597: Fixed unknown crit header extensions accepts bsc1259616. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for openssl-3

This update for openssl-3 fixes the following issues: Security issues fixed: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL pointer dereference when processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS...

Security update for python

This update for python fixes the following issues: CVE-2026-3479: improper resource argument validation in pkgutil.getdata can allow path traversal bsc1259989. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for tigervnc

This update for tigervnc fixes the following issues: CVE-2026-34352: Fixed permissions to prevent other users from observing the screen, or modifying what is sent to the client. bsc1260871 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for xwayland

This update for xwayland fixes the following issues: CVE-2026-33999: XKB integer underflow in XkbSetCompatMap bsc1260922. CVE-2026-34000: XKB out-of-bounds read in CheckSetGeom bsc1260923. CVE-2026-34001: XSYNC use-after-free in miSyncTriggerFence bsc1260924. CVE-2026-34002: XKB out-of-bounds rea...