5440 matches found
Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002347 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2024-53214: vfio/pc...
Security update for elemental-toolkit
This update for elemental-toolkit fixes the following issues: Updated to v2.2.3: Adapted .golangci.yml format to a new version Simplified podman calls in CI steup Switched GHA runners to Ubuntu 24.04 Updated year in headers Vendored go.mod libraries CVE-2025-22870: golang.org/x/net/proxy: Fixed...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for s...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.8: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024100 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. Patch Instructions: To install this SUSE...
Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005552 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u432 icedtea-3.33.0: - CVE-2024-21208: Fixed partial DoS in component Networking bsc1231702,JDK-8328286 - CVE-2024-21210: Fixed unauthorized update, insert or delete access to some of Oracle Java SE accessible data...
Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...
Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF i...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2024-7254: Fixed stack overflow vulnerability in Protocol Buffer bsc1230778 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808 CVE-2024-40909: bpf: Fix a potential use-after-free in bpflinkfree bsc1228349. Patch...
Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 Font Alias Stack-based Buffer Overflow. bsc1266294 GLX ChangeDrawableAttributes Out-Of-Bounds...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 Font Alias Stack-based Buffer Overflow. bsc1266294 GLX ChangeDrawableAttributes Out-Of-Bounds...
Security update for hplip
This update for hplip fixes the following issues Security issues: CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation bsc1266031. CVE-2026-8631: escalation of privileges and/or arbitrary code execution via an...
Security update for python-Twisted
This update for python-Twisted fixes the following issue CVE-2026-42304: Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression bsc1265265. Patch Instructions: To install this SUSE update use the SUSE...
Security update for python3-Twisted
This update for python3-Twisted fixes the following issue CVE-2026-42304: Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression bsc1265265. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.45 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit bsc1265224...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...
Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.290 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. CVE-2026-46300:...
Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.141 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798...
Security update for apache2
This update for apache2 fixes the following issues CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163...
Security update for rsync
This update for rsync fixes the following issues CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. CVE-2026-41035: count of entries mismatch can lead to a use-after-free bsc1262223. CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. CVE-2026-43618: Integer Overflow...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues Security issues: CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. CVE-2026-39817: cmd/go: "go tool pack" do...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50053: iavf: Fix reset error handling bsc1245038. CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1. bsc1243603. CVE-2024-50082: blk-rq-qos: fix crash on rqqoswait vs...
Security update for python-urllib3_1
This update for python-urllib31 fixes the following issue CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for python312
This update for python312 fixes the following issues CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. CVE-2026-4786: Incomplete mitigation of %action expansion for command injection to webbrowser.open bsc1262319. CVE-2026-6019: BaseCookie.jsoutput does not...
Security update for xz
This update for xz fixes the following issue CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for cockpit
This update for cockpit fixes the following issues CVE-2026-0775: npm: loading of modules from an unsecured location can be used for local privilege escalation and arbitrary code execution in the context of a target user bsc1256521. CVE-2026-4802: remote command execution via unsanitized...
Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.261 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker through...
Security update for python-Pillow
This update for python-Pillow fixes the following issue CVE-2026-42310: infinite loop and resource exhaustion when processing specially crafted PDFs bsc1265154. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259797. Special Instructions and Notes:...
Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-71066: net/sched: ets: Always remove class from...
Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2026-23004: dst: fix races in rt6uncachedlistdel and...
Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. CVE-2026-23243: RDMA/umad: Reject negative...
Security update for the Linux Kernel (Live Patch 68 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.258 fixes various security issues The following security issues were fixed: CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger bsc1258396. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy managemen...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2026-33999: XKB integer underflow in XkbSetCompatMap bsc1260922. CVE-2026-34000: XKB out-of-bounds read in CheckSetGeom bsc1260923. CVE-2026-34001: XSYNC use-after-free in miSyncTriggerFence bsc1260924. CVE-2026-34002: XKB...
Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.283 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zer...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for libvirt
This update for libvirt fixes the following issues: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed Check ACLs before parsing the whole domain XML bsc1253278 Patch Instructions: To install this SUSE update use the SUSE...
Security update for libcryptopp
This update for libcryptopp fixes the following issues: CVE-2023-50979: Fixed side-channel leakage during decryption with PKCS1v1.5 padding. bsc1218217 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.60 fixes various security issues The following security issues were fixed: CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. CVE-2025-38616: tls: handle data disappearing from...
Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.47 fixes various security issues The following security issues were fixed: CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882. CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm...
Security update for tomcat10
This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.48 CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: CVE-2025-53057: Fixed an issue where an unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414 CVE-2025-53066: Fixed an issue where an unauthenticated attacker can achieve...
Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024170 fixes several issues. The following security issues were fixed: CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_8
This update for kernel-livepatch-MICRO-6-0-RTUpdate8 fixes the following issues: CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in class handling bsc1245793 CVE-2025-21702: pfifotailenqueue: Drop new packet when...