5440 matches found
Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issues: CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow bsc1256913 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...
Security update for virtiofsd
This update for virtiofsd fixes the following issue: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257912. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for wireshark
This update for wireshark fixes the following issue: CVE-2026-3201: USB HID protocol dissector memory exhaustion bsc1258907. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for ocaml
This update for ocaml fixes the following issues: CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects bsc1257441...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...
Security update for postgresql16
This update for postgresql16 fixes the following issue: Update to version 16.13 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standb...
Security update for postgresql18
This update for postgresql18 fixes the following issue: Update to version 18.3 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standby...
Security update for gnome-remote-desktop
This update for gnome-remote-desktop fixes the following issue: CVE-2025-5024: an unauthenticated attacker can exhaust system resources bsc1244053. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for busybox
This update for busybox fixes the following issues: CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization bsc1258163. CVE-2026-26158: Arbitrary file modification and privilege escalation via unvalidated tar archive entries bsc1258167. Patch...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20260226T182644 2026-02-26T18:26:44Z jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-4259 CVE-2025-13767 GHSA-fmqf-pmcm-8cx9 GO-2025-4260 CVE-2025-64641 GHSA-vww6-79rv-3j4x...
Security update for shim
This update for shim fixes the following issues: shim is updated to version 16.1: shimstartimage: fix guid/handle pairing when uninstalling protocols Fix uncompressed ipv6 netboot fix test segfaults caused by uninitialized memory SbatLevelVariable.txt: minor typo fix. Realloc needs to allocate on...
Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: update to NSS 3.112.3: CVE-2026-2781: Avoid integer overflow in platform-independent ghash bsc1258568 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255577. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2021-0920: net: split out functions related to registering inflight socket files bsc1193731. CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1245986. Special...
Security update for glibc
This update for glibc fixes the following issues: CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr bsc1256822, BZ 33802 CVE-2025-15281: posix: Reset wordexpt fields with WRDEREUSE bsc1257005, BZ 33814 CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp bsc1246965,...
Security update for docker
This update for docker fixes the following issues: CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-24491: heap-use-after-free in videotimer bsc1257981. CVE-2026-24675: heap-use-after-free in urbselectinterface bsc1257982. CVE-2026-24676: heap-use-after-free in audioformatcompatible bsc1257983. CVE-2026-24679: heap-buffer-overflow in...
Security update for expat
This update for expat fixes the following issues: CVE-2026-24515: Fixed a null dereference in XMLExternalEntityParserCreate. bsc1257144 CVE-2026-25210: Fixed an integer overflow in doContent. bsc1257496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...
Security update for python312
This update for python312 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2025-30204: Fixed a vulnerability in jwt-go which allowed excessive memory allocation during header parsing. bsc1240513 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-boynux-squidexporter: Update to version 1.13.0 jscPED-14971 Add support for squid-internal-mgr path for metrics. Update to version 1.12.0 Add...
Security update for python-tornado
This update for python-tornado fixes the following issues: CVE-2025-67725: inefficient algorithm when parsing parameters for HTTP header values bsc1254905. CVE-2025-67726: Denial of Service DoS via maliciously crafted HTTP request caused by the HTTPHeaders.add method bsc1254904. Patch Instruction...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-24491: heap-use-after-free in videotimer bsc1257981. CVE-2026-24675: heap-use-after-free in urbselectinterface bsc1257982. CVE-2026-24676: heap-use-after-free in audioformatcompatible bsc1257983. CVE-2026-24679: heap-buffer-overflow in...
Security update for snpguest
This update for snpguest fixes the following issues: Update to version 0.10.0. Security issues fixed: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257927. CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in...
Security update for protobuf
This update for protobuf fixes the following issues:i CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Update to version 14.21. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.16. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for python310
This update for python310 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...
Security update for xen
This update for xen fixes the following issues: CVE-2025-58150: buffer overrun with shadow paging + tracing XSA-477 bsc1256745. CVE-2026-23553: incomplete IBPB for vCPU isolation XSA-479 bsc1256747. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for postgresql18
This update for postgresql18 fixes the following issues: Update to version 18.2. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for libpng16
This update for libpng16 fixes the following issues: CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for abseil-cpp
This update for abseil-cpp fixes the following issues: Update to version 20230802.3 CVE-2025-0838: Fixed potential integer overflow in hash container create/resize bsc1237543. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for libpcap
This update for libpcap fixes the following issues: CVE-2025-11961: missing validation of provided MAC-48 address string in pcapetheraton can lead to out-of-bounds read and write bsc1255765. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.176 fixes various security issues The following security issues were fixed: CVE-2023-53321: wifi: mac80211hwsim: drop short frames bsc1250314. CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audinprocessformats bsc1256718. CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...
Security update for libnvidia-container
This update for libnvidia-container fixes the following issues: Update to version 1.18.0. Security issues fixed: CVE-2024-0132: time-of-check time-of-use TOCTOU race condition in default configuration via specifically crafted container image bsc1231033. CVE-2024-0133: data tampering in host file...
Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes various security issues The following security issues were fixed: CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers a...
Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.60 fixes various security issues The following security issues were fixed: CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel bsc1249205. CVE-2025-39742: RDMA: hfi1: fix possible...
Security update for util-linux
This update for util-linux fixes the following issues: CVE-2025-14104: Fixed heap buffer overread in setpwnam when processing 256-byte usernames bsc1254666. lscpu: Add support for NVIDIA Olympus arm64 core jscPED-13682. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256095...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2025-38129: pagepool: fix inconsistency for pagepoolringlock bsc1245723...
Security update for curl
This update for curl fixes the following issues: CVE-2023-27534: Regression fix for SFTP path resolving discrepancy bsc1219273 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for libsodium
This update for libsodium fixes the following issues: CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation bsc1256070. CVE-2025-69277: Fixed incorrect validation of elliptic curve points in cryptocoreed25519isvalidpoint function bsc1255764. Patch Instructions: T...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim bsc1256280. CVE-2025-39880: libceph: fix invalid accesses to cephconnectionv1info bsc1250388...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer bsc1254842. CVE-2025-40259: scsi: sg: Do not sleep in atomic context bsc1254845. CVE-2025-68284: libceph: prevent...
Security update for nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda
This update for nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda fixes the following issues: Changes in nvidia-open-driver-G06-signed: updated CUDA variant to version 580.126.09 update non-CUDA variant to version 580.126.09 bsc1255858 update non-CUDA variant to versio...
Security update for uriparser
This update for uriparser fixes the following issues: CVE-2025-67899: large input containing many commas can cause unbounded recursion and stack consumption bsc1255000. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...