5415 matches found
Security update for python312
This update for python312 fixes the following issues: CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on clearidcache can lead to availability issues when building excessively nested documents bsc1254997. CVE-2025-13836: use of...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-65955: possible use-after-free/double-free in Options::fontFamily when clearing a family can lead to crashes or memory corruption bsc1254435. CVE-2025-66628: possible integer overflow in the TIM image parser's ReadTIMImage function...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service bsc1254997 CVE-2025-13836: Fixed default Content-Lenght read amount from HTTP response bsc1254400 CVE-2025-13837: Fixed plistlib module denial of...
Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: Update to 2.4.17.1 bsc1248806 / PED-14130. Remove many patches, as they've been merged upstream. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.50.4. Security issues fixed: CVE-2025-14174: processing maliciously crafted web content may lead to memory corruption due to improper validation bsc1255497. CVE-2025-43501: processing maliciously crafted web content may...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-12105: Fixed heap use-after-free in message queue handling during HTTP/2 read completion bsc1252555 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for mozjs52
This update for mozjs52 fixes the following issues: CVE-2024-45491: Fixed integer overflow in dtdCopy bsc1230037 CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart bsc1230038 CVE-2024-45490: Fixed negative len for...
Security update for rsync
This update for rsync fixes the following issues: CVE-2025-10158: Fixed out-of-bounds array access via negative index bsc1254441 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for mariadb
This update for mariadb fixes the following issues: CVE-2025-13699: Fixed MariaDB mariadb-dump utility vulnerable to Path Traversal and Remote Code Execution bsc1254313 Other fixes: Update to 10.6.24 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for python36
This update for python36 fixes the following issues: CVE-2025-6075: quadratic complexity in os.path.expandvars can lead to performance degradation when values passed to it are user-controlled bsc1252974. CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory EOCD record allo...
Security update for colord
This update for colord fixes the following issues: Rework fix for CVE-2021-42523 to avoid invalid pointer error during certain installations bsc1250750. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.16.2 Security update 4.3.16.2 for Multi-Linux Manager Server LTS Description: This update fixes the following issues: release-notes-susemanager: Update to SUSE Manager 4.3.16.2 SUSE...
Security update 5.0.6 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...
Security update 5.0.6 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...
Security update 5.1.1.1 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-11896: Fixed infinite recursion leading to stack overflow due to object loop in PDF CMap bsc1252337 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for helm
This update for helm rebuilds it against current GO to fix security issues in go-stdlib. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE...
Security update for python39
This update for python39 fixes the following issues: Update to 3.9.25: Security gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser. gh-136063: email.message: ensure line...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-66628: possible integer overflow in the TIM image parser's ReadTIMImage function can lead to arbitrary memory disclosure on 32-bit systems bsc1254820. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-65955: possible use-after-free/double-free in Options::fontFamily when clearing a family can lead to crashes or memory corruption bsc1254435. CVE-2025-66628: possible integer overflow in the TIM image parser's ReadTIMImage function...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-65955: possible use-after-free/double-free in Options::fontFamily when clearing a family can lead to crashes or memory corruption bsc1254435. CVE-2025-66628: possible integer overflow in the TIM image parser's ReadTIMImage function...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.6 bsc1254551. MFSA 2025-96 CVE-2025-14321: use-after-free in the WebRTC: Signaling component. CVE-2025-14322: sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...
Security update for python311
This update for python311 fixes the following issues: Update to 3.11.14: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Patch...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2025-13372: Fixed SQL Injection in FilteredRelation bsc1254437 CVE-2025-64460: Fixed denial of service via specially crafted XML input in django.core.serializers.xmlserializer.getInnerText bsc1254437 Patch Instructions: To install this...
Security update for gegl
This update for gegl fixes the following issues: CVE-2025-10921: Fixed HDR file parsing heap-based buffer overflow that can lead to remote code execution. bsc1250496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit. bsc1254132 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for gegl
This update for gegl fixes the following issues: CVE-2025-10921: lack of proper validation of user-supplied data when parsing HDR files can lead to RCE bsc1250496. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
Security update for gegl
This update for gegl fixes the following issues: CVE-2025-10921: Fixed HDR file parsing heap-based buffer overflow that can lead to remote code execution. bsc1250496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-10922: Fixed GIMP DCM file parsing heap-based buffer overflow remote code execution vulnerability. bsc1250497 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for libmicrohttpd
This update for libmicrohttpd fixes the following issues: CVE-2025-59777: Fixed NULL pointer dereference via specially crafted packet sent by an attacker bsc1253177 CVE-2025-62689: Fixed heap-based buffer overflow via specially crafted packet sent by an attacker bsc1253178 Patch Instructions: To...
Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow...
Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. CVE-2025-38616: tls: handle data disappearing from...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.30 fixes various security issues The following security issues were fixed: CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 CVE-2025-61661: Fixed out-of-bounds write in grubusbgetstring function bsc1252932 CVE-2025-61662: Fixed missing unregister call for gettext command may lead t...
Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.147 fixes various security issues The following security issues were fixed: CVE-2023-53673: Bluetooth: hcievent: call disconnect callback before deleting conn bsc1251983. CVE-2024-53141: netfilter: ipset: add missing range check i...
Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.141 fixes various security issues The following security issues were fixed: CVE-2023-53673: Bluetooth: hcievent: call disconnect callback before deleting conn bsc1251983. CVE-2024-53141: netfilter: ipset: add missing range check i...
Security update for amazon-ssm-agent
This update for amazon-ssm-agent fixes the following issues: CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for sssd
This update for sssd fixes the following issues: CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
Security update for curl
This update for curl fixes the following issues: CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes bsc1253757 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for the Linux Kernel (Live Patch 60 for SUSE Linux Enterprise 15 SP3)
This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.215 fixes various security issues The following security issues were fixed: CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled bsc1250295. CVE-2022-50432: kernfs: fix use-after-free in...
Security update for alloy
This update for alloy fixes the following issues: update to 1.11.3: CVE-2025-58058: Fixed memory leaks in xz. bsc1248960 CVE-2025-11065: Fixed sensitive Information leak in logs. bsc1250621 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for bind
This update for bind fixes the following issues: CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator bsc1252380. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for openssh8.4
This update for openssh8.4 fixes the following issues: CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used bsc1251198 CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199 Patch Instructions: T...