5423 matches found
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: mgr-push: Version 5.2.3-0 Disable build for SLES 16 rhnlib: Version 5.2.4-0 Disable build for SLES 16 spacecmd: Version 5.2.6-0 Update translation strings spacewalk-client-tools: Version 5.2.4-0 Disable build for SLES 16 uyuni-common-libs: Version 5.2.3-0...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: mgr-push: Version 5.2.3-0 Disable build for SLES 16 rhnlib: Version 5.2.4-0 Disable build for SLES 16 spacecmd: Version 5.2.6-0 Update translation strings spacewalk-client-tools: Version 5.2.4-0 Disable build for SLES 16 uyuni-common-libs: Version 5.2.3-0...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. CVE-2026-31806: improper validation of server messages c...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption bsc1253904. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for python311
This update for python311 fixes the following issues: Update to python 3.11.15: CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. CVE-2025-12084: quadratic complexity in xml.minidom node ID cache cleari...
Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.22 fixes various security issues The following security issues were fixed: CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed...
Security update for containerd
This update for containerd rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: Containers...
Security update for python3
This update for python3 fixes the following issues: CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.255 fixes various security issues The following security issues were fixed: CVE-2022-50423: ACPICA: Fix use-after-free in acpiutcopyipackagetoipackage bsc1250785. CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant...
Security update for nghttp2
This update for nghttp2 fixes the following issues: CVE-2026-27135: Assertion failure due to missing state validation can lead to DoS bsc1259845. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for python-urllib3
This update for python-urllib3 fixes the following issue: CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API bsc1254867. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python-tornado6
This update for python-tornado6 fixes the following issues: CVE-2026-31958: parsing large multipart bodies with many parts can cause a denial of service bsc1259553. incomplete validation of cookie attributes allows for injection of user-controlled values in other cookie attributes bsc1259630. Pat...
Security update for frr
This update for frr fixes the following issues: CVE-2025-61099: NULL Pointer Dereference in FRRouting bsc1252838. CVE-2025-61100: NULL Pointer Dereference in FRRouting bsc1252829. CVE-2025-61101: NULL Pointer Dereference in FRRouting bsc1252833. CVE-2025-61102: NULL Pointer Dereference in FRRouti...
Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. CVE-2023-53257: wifi: mac80211: check S1G action frame size...
Security update for vim
This update for vim fixes the following issues: Update Vim to version 9.2.0110: CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip bsc1246602. CVE-2026-26269: Netbeans specialKeys stack buffer overflow bsc1258229. CVE-2026-28417: crafted URL parsed by netrw plugin can...
Security update for systemd
This update for systemd fixes the following issues: CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. udev: check for invalid chars in various fields...
Maintenance update for Multi-Linux Manager 4.3: Server, Proxy and Retail
Description: This update fixes the following issues: mgr-cfg: Version 4.3.7-0 Non-customer-facing optimization and update mgr-custom-info: Version 4.3.4-0 Non-customer-facing optimization and update mgr-daemon: Version 4.3.13-0 Update translation strings mgr-osad: Version 4.3.8-0...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...
Security update 5.0.7 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...
Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method bsc1238879 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for gstreamer-plugins-ugly
This update for gstreamer-plugins-ugly fixes the following issues: CVE-2026-2920: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1259367. CVE-2026-2922: GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability bsc1259370. Patch...
Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.176 fixes various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. CVE-2023-53781: smc: Fix use-after-free in tcpwritetimerhandl...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Other bug fixes: -Fix rpm scripts to not break swanctl.conf use bsc1256442: Guard rpm migration scripts migrating strongswan.service using ipsec.conf on less than...
Security update for python39
This update for python39 fixes the following issue: CVE-2026-2297: validation bypass via incorrectly handled hook in FileLoader bsc1259240. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for freerdp
This update for freerdp fixes the following issue: CVE-2026-24491: Heap-use-after-free in videotimer additional fix bsc1257981. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: CVE-2022-50423: ACPICA: Fix use-after-free in acpiutcopyipackagetoipackage bsc1250785. CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant...
Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7 RT)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.8 fixes various security issues The following security issues were fixed: CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. CVE-2025-40258: mptcp: fix race condition in...
Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP7 RT)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.22 fixes various security issues The following security issues were fixed: CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc125766...
Security update for
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.22 fixes various security issues The following security issues were fixed: CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc125766...
Security update for krb5-appl
This update for krb5-appl fixes the following issue: CVE-2026-32746: Remote Pre-Auth Buffer Overflow in GNU Inetutils telnetd LINEMODE bsc1259691. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255163. CVE-2023-53827: Bluetooth: L2CAP: Fix use-after-free in...
Security update for glibc
This update for glibc fixes the following issues: CVE-2026-0861: memalign: reinstate alignment overflow check bsc1256766 CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr bsc1256822 CVE-2025-15281: posix: Reset wordexpt fields with WRDEREUSE bsc1257005 CVE-2025-8058: posix: Fix...
Security update for libsoup
This update for libsoup fixes the following issue: CVE-2026-0716: improper bounds handling may allow out-of-bounds read bsc1256418. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for busybox
This update for busybox fixes the following issues: CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580. CVE-2023-42364: use-after-free in the awk.c evaluate function bsc1217584. CVE-2023-42365: use-after-free in the awk.c copyvar function bsc1217585...
Security update for curl
This update for curl fixes the following issues: CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. CVE-2026-3783: token leak with redirect and netrc bsc1259363. CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. CVE-2026-3805: use after free in SMB connection...
Security update for busybox
This update for busybox fixes the following issues: CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580. CVE-2023-42364: use-after-free in the awk.c evaluate function bsc1217584. CVE-2023-42365: use-after-free in the awk.c copyvar function bsc1217585...
Security update for c3p0 and mchange-commons
This update for c3p0 and mchange-commons fixes the following issues: c3p0: Security issues fixed: CVE-2026-27830: Fixed unsafe object deserialization bsc1258942 Fix the null pointer exception in the userOverridesAsString method bsc1259313. mchange-commons: Security issues fixed: CVE-2026-27727:...
Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issues: CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow bsc1256913 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...
Security update for virtiofsd
This update for virtiofsd fixes the following issue: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257912. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for wireshark
This update for wireshark fixes the following issue: CVE-2026-3201: USB HID protocol dissector memory exhaustion bsc1258907. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for util-linux
This update for util-linux fixes the following issues: CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for "login -h" bsc1258859. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for ocaml
This update for ocaml fixes the following issues: CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects bsc1257441...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...
Security update for postgresql16
This update for postgresql16 fixes the following issue: Update to version 16.13 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standb...
Security update for postgresql18
This update for postgresql18 fixes the following issue: Update to version 18.3 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standby...
Security update for gnome-remote-desktop
This update for gnome-remote-desktop fixes the following issue: CVE-2025-5024: an unauthenticated attacker can exhaust system resources bsc1244053. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for busybox
This update for busybox fixes the following issues: CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization bsc1258163. CVE-2026-26158: Arbitrary file modification and privilege escalation via unvalidated tar archive entries bsc1258167. Patch...