5454 matches found
Security update for cups
This update for cups fixes the following issues: CVE-2025-58060: no password check when AuthType is set to anything but Basic and a request is made with an Authorization: Basic header bsc1249049. CVE-2025-58364: unsafe deserialization and validation of printer attributes leads to NULL pointer...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_9
This update for kernel-livepatch-MICRO-6-0-RTUpdate9 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235 CVE-2025-38000: schhfsc: Fix qlen...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_8
This update for kernel-livepatch-MICRO-6-0-RTUpdate8 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235 CVE-2025-38000: schhfsc: Fix qlen...
Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235 CVE-2025-38000: schhfsc: Fix qlen accountin...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_7
This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...
Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...
Security update for kernel-livepatch-MICRO-6-0_Update_8
This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235 CVE-2025-38000: schhfsc: Fix qlen accountin...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...
Security update for kernel-livepatch-MICRO-6-0_Update_6
This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...
Security update for kernel-livepatch-MICRO-6-0_Update_8
This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235 CVE-2025-38000: schhfsc: Fix qlen accountin...
Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024158 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for go1.23-openssl
This update for go1.23-openssl fixes the following issues: Update to version 1.23.12 cut from the go1.23-fips-release branch at the revision tagged go1.23.12-1-openssl-fips. jscSLE-18320 Rebase to 1.23.12 Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil salt to be passed as a hash...
Security update for docker
This update for docker fixes the following issues: Update to docker-buildx v0.28.0. See upstream changelog: Update to Docker 28.4.0-ce. See upstream changelog: Update warnings and errors related to "docker buildx ..." so that they reference our openSUSE docker-buildx packages. Enable building...
Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059204 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. CVE-2025-38000: schhfsc:...
Security update for the Linux Kernel (Live Patch 70 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122266 fixes one issue. The following security issue was fixed: CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU bsc1246030. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059188 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u462 icedtea-3.36.0. Security issues fixed: CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications that load and run untrusted code...
Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001023 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...
Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-15070078 fixes several issues. The following security issue was fixed: CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU bsc1246030. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-1507005 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235...
Security update for gdk-pixbuf
This update for gdk-pixbuf fixes the following issues: CVE-2025-7345: Uninitialized memory could lead to leak arbitrary memory contents bsc1246114. CVE-2025-6199: Heap buffer overflow within the gdkpixbufjpegimageloadincrement function bsc1245227. Patch Instructions: To install this SUSE update u...
Security update for rav1e
This update for rav1e fixes the following issues: Update crate shlex to 1.3.0: CVE-2024-58266: Fixed command injection bsc1247207 RUSTSEC-2024-0006: Fixed multiple issues involving quote API bsc1230028 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...
Security update for iperf
This update for iperf fixes the following issues: Update to 3.19.1: CVE-2025-54349: Fixed off-by-one error and resultant heap-based buffer overflow bsc1247519. CVE-2025-54350: Fixed Base64Decode assertion failure and application exit upon a malformed authentication attempt bsc1247520...
Security update for cloud-init
This update for cloud-init fixes the following issues: Update to version 25.1.3: CVE-2024-6174: Unpriveleged user could trigger hotplug-hook commands bsc1245403. None security fixes: Rebase cloud-init to 24.4 or higher bsc1239715, jscPED-8680. Fixed cloud-init --debug status bsc1228414. Using...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-6052: Fix overflow check when expanding a GString bsc1244596. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for dpkg
This update for dpkg fixes the following issues: CVE-2025-6297: Fixed cleanup for control member with restricted directories bsc1245573. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...
Security update for nginx
This update for nginx fixes the following issues: CVE-2025-53859: the server side may leak arbitrary bytes during the NGINX SMTP authentication process bsc1248070. CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 bsc1236851. Patch...
Security update for perl-Authen-SASL, perl-Crypt-URandom
This update for perl-Authen-SASL, perl-Crypt-URandom fixes the following issues: Changes in perl-Authen-SASL: CVE-2025-40918: Fixed insecurely generated client nonce bsc1246623 Changes in perl-Crypt-URandom: Included 0.540.0 for use by perl-Authen-SASL in SLE-15 jscPED-13306 / bsc1246623. Patch...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.14: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...
Security update for munge
This update for munge fixes the following issues: Make logrotate work on log as user munge to prevent local privilege escalation bsc1246088. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for python-future
This update for python-future fixes the following issues: CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_9
This update for kernel-livepatch-MICRO-6-0-RTUpdate9 fixes the following issues: CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350 CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for python
This update for python fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for kernel-livepatch-MICRO-6-0_Update_8
This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_8
This update for kernel-livepatch-MICRO-6-0-RTUpdate8 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for Mesa
This update for Mesa fixes the following issues: CVE-2023-45913: NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId bsc1222040. CVE-2023-45919: Buffer over-read in glXQueryServerString bsc1222041. CVE-2023-45922: Segmentation violation in glXGetDrawableAttribute bsc1222042. Patch...
Security update for udisks2
This update for udisks2 fixes the following issues: CVE-2025-8067: Fixed missing bounds check can lead to out-of-bounds read in udisks daemon bsc1248502 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for polkit
This update for polkit fixes the following issues: CVE-2025-7519: Fixed that a XML policy file with a large number of nested elements may lead to out-of-bounds write bsc1246472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 140.2.0 ESR MFSA 2025-67 bsc1248162 CVE-2025-9179 bmo1979527: Sandbox escape due to invalid pointer in the Audio/Video: GMP component CVE-2025-9180 bmo1979782: Same-origin policy bypass in the Graphics:...
Security update for ignition
This update for ignition fixes the following issues: CVE-2022-28948: Fixed an issue during unmarshaling in Go-Yaml v3 can lead to DoS via invalid input bsc1248548 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for tomcat11
This update for tomcat11 fixes the following issues: Updated to Tomcat 11.0.10 - CVE-2025-48989: Fixed "MadeYouReset" DoS in HTTP/2 due to client triggered stream reset bsc1243895 Other fixes: Catalina + Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one...
Security update for firebird
This update for firebird fixes the following issues: CVE-2025-54989: Fixed NULL pointer dereference in XDR message parsing leading to denial-of-service ZDI-CAN-26486, bsc1248143 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-8194: Fixed infinite loop and deadlock caused by tar archives with negative offsets bsc1247249 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...