5415 matches found
Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2024-2182: Fixed insufficient validation of incoming BFD packets may lead to denial of service bsc1255435 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for protobuf
This update for protobuf fixes the following issues:i CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.173 fixes various security issues The following security issues were fixed: CVE-2023-53321: wifi: mac80211hwsim: drop short frames bsc1250314. CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455...
Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.73 fixes various security issues The following security issues were fixed: CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnreques...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. CVE-2025-14819: libssh global knownhost override bsc1255732. CVE-2025-15079: libssh key passphrase bypa...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. CVE-2026-23876: maliciously crafted image can lead to heap buffer overflow bsc1256962. CVE-2026-23952: processing comment tag can cause null pointer...
Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issues: CVE-2026-0861: Fixed that inadequate size check in the memalign suite may result in an integer overflow bsc1256913 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for munge
This update for munge fixes the following issues: CVE-2026-25506: buffer overflow in message unpacking bsc1257651. Make logrotate work on log as user munge to prevent local privilege escalation bsc1246088. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim bsc1256280. CVE-2025-39880: libceph: fix invalid accesses to cephconnectionv1info bsc1250388. CVE-2025-40238:...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. CVE-2026-23876: maliciously crafted image can lead to heap buffer...
Security update for avahi
This update for avahi fixes the following issues: CVE-2025-68276: avahi: reachable assertion in avahiwideareascancache can lead to crash of avahi-daemon bsc1256498. CVE-2025-68468: avahi: reachable assertion in lookupmulticastcallback can lead to crash of avahi-daemon bsc1256499. CVE-2025-68471:...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audinprocessformats bsc1256718. CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow. bsc1257598 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for cockpit-machines
This update for cockpit-machines fixes the following issues: CVE-2025-13465: Update the lodash dependencie to avoid prototype pollution. bsc1257324 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. CVE-2026-23876: maliciously crafted image can lead to heap buffer overflow bsc1256962. CVE-2026-23952: processing comment tag can cause null pointer...
Security update for cockpit-podman
This update for cockpit-podman fixes the following issues: CVE-2025-13465: Update the lodash dependencie to avoid prototype pollution. bsc1257324 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for libheif
This update for libheif fixes the following issues: CVE-2025-68431: Fixed heap buffer over-read in HeifPixelImage::overlay via crafted HEIF that exercises the overlay image item bsc1255735 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for util-linux
This update for util-linux fixes the following issues: CVE-2025-14104: Fixed heap buffer overread in setpwnam when processing 256-byte usernames bsc1254666. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2iex function...
Security update for kubernetes
This update for kubernetes rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: Containers Module...
Security update for python-pyasn1
This update for python-pyasn1 fixes the following issues: CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service bsc1256902 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.53 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-38476: rpl: Fix use-after-free in rpldosrhinline...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2026-0988: Fixed a potential integer overflow in gbufferedinputstreampeek bsc1257049. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
Security update for librsvg
This update for librsvg fixes the following issues: Update to version 2.57.4 - bsc1243867: CVE-2024-12224: RUSTSEC-2024-0421 - idna accepts Punycode labels that do not produce any non-ASCII when decoded. RUSTSEC-2024-0404 - Unsoundness in anstream. Patch Instructions: To install this SUSE update...
Security update for dpdk
This update for dpdk fixes the following issues: Update to version 24.11.4: CVE-2025-23259: Fixed an attacker on a VM in the system can cause information disclosure and denial of service bsc1254161. Changelog: https://doc.dpdk.org/guides-24.11/relnotes/release2411.htmlid10...
Security update for busybox
This update for busybox fixes the following issues: Security issues: CVE-2025-46394: Fixed tar hidden files via escape sequence CVE-2025-46394, bsc1241661 CVE-2025-60876: Fixed HTTP request header injection in wget CVE-2025-60876, bsc1253245 Other issues: Set CONFIGFIRSTSYSTEMID to 201 to avoid...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. CVE-2026-0716: Fixed out-of-bounds read for websocket bsc1256418 CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To insta...
Security update for postgresql17, postgresql18
This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check f...
Security update for libsodium
This update for libsodium fixes the following issues: CVE-2025-15444: fixed cryptographic bypass via improper elliptic curve point validation bsc1256070. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libpng16
This update for libpng16 fixes the following issues: CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...
Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.144 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...
Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.19 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-40204: sctp: Fix MAC comparison to be constant-time...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upsteram update bsc1254876. CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981. CVE-2022-49139: Bluetooth: fix null ptr deref on hcisyncconncompleteevt bsc1238032...
Security update for python310
This update for python310 fixes the following issues: CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on clearidcache can lead to availability issues when building excessively nested documents bsc1254997. CVE-2025-13836: use of...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2022-36765: Fixed integer overflow to buffer overflow via local network vulnerability bsc1218680. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2025-13151: stack-based buffer overflow in asn1expendoctetstring bsc1256341. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for libheif
This update for libheif fixes the following issues: CVE-2025-68431: Fixed heap buffer over-read in HeifPixelImage::overlay via crafted HEIF that exercises the overlay image item bsc1255735 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-15059: Fixed Heap-based Buffer Overflow Remote Code Execution Vulnerability in GIMP PSP File Parsing bsc1255766. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-11896: Fixed infinite recursion leading to stack overflow due to object loop in PDF CMap bsc1252337 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-68469: crash due to heap buffer overflow when processing a specially crafted TIFF file bsc1255391. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. CVE-2025-14819: libssh global knownhost override bsc1255732. CVE-2025-15079: libssh key passphrase bypass without agent set bsc1255733. CVE-2025-15224: OpenSSL partial chain...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. CVE-2025-14819: libssh global knownhost override bsc1255732. CVE-2025-15079: libssh key passphrase bypass without agent set bsc1255733. CVE-2025-15224: OpenSSL partial chain...
Security update for rsync
This update for rsync fixes the following issues: CVE-2025-10158: Fixed out of bounds array access via negative index bsc1254441 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20251230T014957 2025-12-30T01:49:57Z jscPED-11136. Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-4249 CVE-2025-68120 CVE-2025-68120 GO-2025-4254 CVE-2025-62190 GHSA-gmx5-frv9-9m9f...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50280: pnode: terminate at peers of source bsc1249806. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786...