5418 matches found
Security update for pacemaker
This update for pacemaker fixes the following issues: CVE-2026-10649: Fixed denial-of-service via integer overflow in remote message decompression bsc1268381. Changes for pacemaker: Update to version 2.1.10+20260618.4bca25e3c1: libcrmcommon: Add additional checks to pcmkremotemessagexml...
Security update for cups
This update for cups fixes the following issues CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. CVE-2026-34979: Heap overflow in getoptions...
Security update for apache2
This update for apache2 fixes the following issues CVE-2026-29167: modldap per-dir use-after-free bsc1267976. CVE-2026-29170: modproxyftp XSS bsc1267977. CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. CVE-2026-34356: malicious backend servers can lead to a heap-based buffer overflow...
Security update for xdg-desktop-portal
This update for xdg-desktop-portal fixes the following issue: CVE-2026-40354: File deletion via symlink attack bsc1262045. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for perl-Config-IniFiles
This update for perl-Config-IniFiles fixes the following issue CVE-2026-11527: OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle bsc1268236. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for buildah
This update for buildah fixes the following issues CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267179. CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input...
Security update for exiv2-0_26
This update for exiv2-026 fixes the following issues CVE-2025-54080: out-of-bounds read in Exiv2::EpsImage::writeMetadata when writing metadata into a crafted image file bsc1248962. CVE-2026-25884: out-of-bounds read in CrwMap::decode0x0805 bsc1259083. CVE-2026-27596: integer overflow in...
Security update for curl
This update for curl fixes the following issues CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. CVE-2026-5773: wrong reuse of SMB connection bsc1262633. CVE-2026-6253: proxy credentials leak over redirect-to...
Security update for libsoup
This update for libsoup fixes the following issue CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for pacemaker
This update for pacemaker fixes the following issue CVE-2026-10649: denial of service via integer overflow in remote message decompression bsc1268381. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for cifs-utils
This update for cifs-utils fixes the following issue CVE-2026-12505: cifs.upcall local privilege escalation via requestkey-controlled namespace switch and NSS loading bsc1267389. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...
Security update for sg3_utils
This update for sg3utils fixes the following issue Update to version 1.47+16.aad0b411: sginq: --export output conformance for SCSI name string and ATA fields bsc1267823. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for sg3_utils
This update for sg3utils fixes the following issue Update to version 1.44763+23.769c9b5b: sginq: --export output conformance for SCSI name string and ATA fields bsc1267823. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for sg3_utils
This update for sg3utils fixes the following issue Update to version 1.43+49.47792c16: sginq: --export output conformance for SCSI name string and ATA fields bsc1267823. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for sg3_utils
This update for sg3utils fixes the following issue sginq: --export output conformance for SCSI name string and ATA fields bsc1267823. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for google-cloud-sap-agent
This update for google-cloud-sap-agent fixes the following issues: CVE-2026-39821: Update golang.org/x/net dependency bsc1266604. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for libheif
This update for libheif fixes the following issues CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux bsc1261658. CVE-2026-32814: Uninitialized Heap Memory Information Leak via Failed Grid Tiles bsc1265878. Patch Instructions: To install this SUSE update use the SUSE...
Security update for freeipmi
This update for freeipmi fixes the following issue CVE-2026-50031: denial of service via buffer overflow in ipmi-oem client bsc1267605. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for giflib
This update for giflib fixes the following issue CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count bsc1259836. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues: CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260264. CVE-2026-39821: Update golang.org/x/net/idna dependency bsc1266603. CVE-2026-39827: Update...
Security update for exiv2
This update for exiv2 fixes the following issues CVE-2025-54080: out-of-bounds read in Exiv2::EpsImage::writeMetadata when writing metadata into a crafted image file bsc1248962. CVE-2026-25884: out-of-bounds read in CrwMap::decode0x0805 bsc1259083. CVE-2026-27596: integer overflow in...
Security update for openssl-3-livepatches
This update for openssl-3-livepatches fixes the following issues CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256876. CVE-2025-15468: NULL dereference in SSLCIPHERfind...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...
Security update for opensc
This update for opensc fixes the following issues CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. CVE-2025-66038: improper compact-TLV length validation can lead to crash or...
Security update for python36
This update for python36 fixes the following issues: CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for util-linux
This update for util-linux fixes the following issue CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
Security update for haproxy
This update for haproxy fixes the following issues CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers bsc1268557. CVE-2026-55204: null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl....
Security update for dovecot22
This update for dovecot22 fixes the following issues CVE-2026-33603: login: base64 input can contain tabs that bypass IPC protection bsc1265147. CVE-2026-40020: IMAP folders can be shared-spammed to everyone bsc1265149. CVE-2026-42006: imap-login: uncontrolled memory usage with excessive bracing...
Security update for aws-iam-authenticator
This update for aws-iam-authenticator fixes the following issues CVE-2022-1996: CORS bypass bsc1200528. CVE-2022-2385: aws-iam-authenticator AccessKeyID validation bypass bsc1201395. CVE-2024-39689: remove root certificates from GLOBALTRUST from the root store. CVE-2025-47910: net/http:...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow bsc1267506. CVE-2026-28883: processing maliciously crafted...
Security update for openssl-1_1-livepatches
This update for openssl-11-livepatches fixes the following issues CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341...
Security update for xen
This update for xen fixes the following issues CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse...
Security update for google-guest-agent
This update for google-guest-agent fixes the following issues Security issues: CVE-2026-39821: Update golang.org/x/net/idna dependency bsc1266603. CVE-2026-39827: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39828: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39829:...
Security update for the Linux Kernel (Live Patch 72 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.272 fixes various security issues The following security issues were fixed: CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
Security update for the Linux Kernel (Live Patch 38 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.149 fixes various security issues The following security issues were fixed: CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
Security update for libarchive
This update for libarchive fixes the following issues CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches bsc1253088. CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the half-window output limiter leads to infinite loop and DoS bsc1259635. CVE-2026-4424: informati...
Security update for podman
This update for podman rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise...
Security update for rekor
This update for rekor rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise...
Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.52 fixes various security issues The following security issues were fixed: CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
Security update for the Linux Kernel (Live Patch 39 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.163 fixes various security issues The following security issues were fixed: CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
Security update for the Linux Kernel (Live Patch 79 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.299 fixes various security issues The following security issues were fixed: CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in fscontext error paths bsc1248235. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished...
Security update for libxslt
This update for libxslt fixes the following issue CVE-2023-40403: Processing web content may disclose sensitive information bsc1238591. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for exiv2
This update for exiv2 fixes the following issues CVE-2021-34334: DoS due to integer overflow in loop counter bsc1189338. CVE-2026-25884: out-of-bounds read in CrwMap: decode0x0805 bsc1259083. CVE-2026-27596: integer overflow in LoaderNative: getData leads to out-of-bounds read bsc1259084...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. CVE-2026-12290: Memory safety bug fixed in Firefox ESR 140.12. CVE-2026-12291: Use-after-free in the...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2026-33997: Fixed privilege validation bypass during plugin bsc1265907. CVE-2026-34040: Fixed Authz zero length regression bsc1265929. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for docker-stable
This update for docker-stable fixes the following issues CVE-2026-33747: github.com/moby/buildkit: malicious frontends can craft API messages that cause files to be written outside of the BuildKit state directory bsc1260967. CVE-2026-33748: github.com/moby/buildkit: insufficient validation of Git...
Security update for the Linux Kernel (Live Patch 25 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.109 fixes various security issues The following security issues were fixed: CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.124 fixes various security issues The following security issues were fixed: CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...