Security update for protobuf

This update for protobuf fixes the following issues: CVE-2024-7254: Fixed stack overflow vulnerability in Protocol Buffer bsc1230778 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing...

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-23271: perf: Fix perfeventoverflow vs perfremovefromcontext race bsc1260018. CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261638...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex...

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for mariadb

This update for mariadb fixes the following issues: CVE-2026-3494: audit plugin comment handling bypass bsc1259176. CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side bsc1266442. CVE-2026-44170: argument...

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 Font Alias Stack-based Buffer Overflow. bsc1266294 GLX ChangeDrawableAttributes Out-Of-Bounds...

Security update for hplip

This update for hplip fixes the following issues Security issues: CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation bsc1266031. CVE-2026-8631: escalation of privileges and/or arbitrary code execution via an...

Security update for python-Twisted

This update for python-Twisted fixes the following issue CVE-2026-42304: Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression bsc1265265. Patch Instructions: To install this SUSE update use the SUSE...

Security update for python3-Twisted

This update for python3-Twisted fixes the following issue CVE-2026-42304: Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression bsc1265265. Patch Instructions: To install this SUSE update use the SUSE...

Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.45 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit bsc1265224...

Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.141 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798...

Security update for python-urllib3

This update for python-urllib3 fixes the following issue CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

Security update for apache2

This update for apache2 fixes the following issues CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163...

Security update for rsync

This update for rsync fixes the following issues CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. CVE-2026-41035: count of entries mismatch can lead to a use-after-free bsc1262223. CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. CVE-2026-43618: Integer Overflow...

Security update for python-urllib3_1

This update for python-urllib31 fixes the following issue CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...

Security update for rsync

This update for rsync fixes the following issues CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. CVE-2026-41035: Count of entries mismatch can lead to a use-after-free bsc1262223 CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. CVE-2026-43618: Integer Overflow...

Security update for buildah

This update for buildah rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.4...

Security update for vim

This update for vim fixes the following issue: Security fixes: CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. Other fixes: Update to 9.2.0398. 9.2.0398: MS-Windows: missing strptime support 9.2.0397: tabpanel: double-click opens a n...

Security update for erlang26

This update for erlang26 fixes the following issues Security issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681...

Security update for haveged

This update for haveged fixes the following issue CVE-2026-41054: missing exit out of permission check could lead to root exploit bsc1264086. Changes for haveged: Improvements on the linux kernel random subsystem have made move forward to socket communication within private network Fix "stop" of...

Security update for php8

This update for php8 fixes the following issues CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776...

Security update for zypper-docker

This update for zypper-docker fixes the following issues CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied file paths can lead to arbitrary file reads through the Vault Kubernetes authentication provider bsc1259563. CVE-2026-33186: google.golang.org/grpc: authorization bypass...

Security update for cups-filters

This update for cups-filters fixes the following issues error about PPD file during 'driverless' printer setup bsc1256868. ppd pull out from driverless printer feature broken bsc1256977. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for python310

This update for python310 fixes the following issues Security issues: CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. CVE-2026-3446: base64 decoding stops at first padded quad by default bsc1261970. CVE-2026-4786: incomplete mitigation of , %action expansion fo...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker through...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker...

Security update for python-Pillow

This update for python-Pillow fixes the following issue CVE-2026-42310: infinite loop and resource exhaustion when processing specially crafted PDFs bsc1265154. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-71066: net/sched: ets: Always remove class from...

Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid

This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issues: CVE-2025-2286...

Security update for nginx

This update for nginx fixes the following issues: CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack bsc1257675. CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. CVE-2026-27784: NGINX...

Security update for openCryptoki

This update for openCryptoki fixes the following issues: CVE-2026-40253: updated fix by IBM for malformed BER-encoded cryptographic objects bsc1263819 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for erlang

This update for erlang fixes the following issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681. CVE-2026-23943: denia...

Security update for containerd

This update for containerd rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: CVE-2026-33999: XKB integer underflow in XkbSetCompatMap bsc1260922. CVE-2026-34000: XKB out-of-bounds read in CheckSetGeom bsc1260923. CVE-2026-34001: XSYNC use-after-free in miSyncTriggerFence bsc1260924. CVE-2026-34002: XKB...

Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.283 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zer...

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to go 1.25.8 bsc1244485, jscSLE-18320: CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated sessio...

Security update for gvfs

This update for gvfs fixes the following issues: CVE-2026-28295: Fix ftp use control connection address for PASV data bsc1258953. CVE-2026-28296: Fix ftp reject paths containing CR/LF characters bsc1258954. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

Security update for tomcat

This update for tomcat fixes the following issues: CVE-2026-24733: improper input validation on HTTP/0.9 requests bsc1258385 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...

Security update for zabbix

This update for zabbix fixes the following issues: CVE-2024-36469: Introduced clamping for mitigation of timing attacks. bsc1240676 CVE-2024-42325: Restricted access to user fields using user.get API method for users of User and Admin type, and restricted access to alert entities using alert.get...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.30+7 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...

Security update for log4j

This update for log4j fixes the following issues: Security fixes: CVE-2025-68161: Fixed absent TLS hostname verification that may allow a man-in-the-middle attack bsc1255427 Other fixes: Upgrade to 2.18.0 Added Add support for Jakarta Mail API in the SMTP appender. Add support for custom Log4j 1....

Security update for mariadb

This update for mariadb fixes the following issues: Update to version 10.5.29. Release notes and changelog: https://mariadb.com/kb/en/mariadb-10-5-29-release-notes/ https://mariadb.com/kb/en/mariadb-10-5-29-changelog/ https://mariadb.com/kb/en/mariadb-10-5-28-release-notes/...

Security update for yelp

This update for yelp fixes the following issues: CVE-2025-3155: JavaScript code execution and arbitrary file read through specially crafted help files and ghelp scheme URLs bsc1240688. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for the Linux Kernel (Live Patch 58 for SUSE Linux Enterprise 15 SP3)

This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.207 fixes various security issues The following security issues were fixed: CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled bsc1250295. CVE-2022-50432: kernfs: fix use-after-free in...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2021-4460: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning bsc1250764. CVE-2022-48631: ext4: fix bug in extents parsing when ehentries == 0 and ehdepth 0 bsc1223475...

Security update for runc

This update for runc fixes the following issues: Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2. Upstream changelog is available from bsc1252110 Includes an important fix for the CPUSet translation for...

Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-15070051 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673...