5412 matches found
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate bsc1235062 CVE-2024-56582: btrfs: fix use-after-free in btrfsencodedreadendio bsc1235129 CVE-2024-56601: net: inet: do not...
Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 CVE-2024-50301: security/keys: fix...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 CVE-2024-50301: security/keys: fix...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 CVE-2024-50301: security/keys: fix...
Security update for the Linux Kernel (Live Patch 57 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122219 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...
Security update for the Linux Kernel (Live Patch 65 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122247 fixes several issues. The following security issues were fixed: CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream bsc1238730. CVE-2022-49179: block, bfq: do not move oombfqq bsc1241331. Patch Instructions: To install...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 bsc1232747: CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from bein...
Security update for pam-config
This update for pam-config fixes the following issues: CVE-2025-6018: Stop adding pamenv in AUTH stack, and be sure to put this module at the really end of the SESSION stack bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for pam-config
This update for pam-config fixes the following issues: CVE-2025-6018: Stop adding pamenv in AUTH stack, and be sure to put this module at the really end of the SESSION stack bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...
Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...
Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001020 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-56582: btrfs: fix use-after-free in btrfsencodedreadendio bsc1235129. CVE-2024-56605:...
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 CVE-2024-50301: security/keys: fi...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 CVE-2024-50301: security/keys: fi...
Security update for python311
This update for python311 fixes the following issues: python311 was updated from version 3.11.10 to 3.11.13: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...
Security update for python310
This update for python310 fixes the following issues: python310 was updated from version 3.10.16 to 3.10.18: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fix...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-4516: CPython DecodeError Handling Vulnerability bsc1243273 Other fixes: - Add python36- provides/obsoletes to enable SLE-12 - SLE-15 migration bsc1233012 - Update vendored ipaddress module to 3.8 equivalent - Limit buffer size for...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for gdm
This update for gdm fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981. CVE-2022-49139: Bluetooth: fix null ptr deref on hcisyncconncompleteevt bsc1238032...
Security update 4.3.15.2 SUSE Manager Server 4.3
This update fixes the following issues: netty: Security issues fixed: CVE-2024-47535: Decorate InputStream to throw an exception once the data read limit is reached bsc1233297 Other changes: Replace AlgorithmId.sha256WithRSAEncryptionoid usage with specify the OID directly susemanager-sync-data:...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082. CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084. CVE-2025-49178: Unprocessed client request via bytes to ignore bsc1244087...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49775: tcp: cdg: allow tcpcdgrelease to be called multiple times bsc1242245. CVE-2024-53168: net: make sockinuseadd available bsc1234887. CVE-2024-56558:...
Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: CVE-2025-3891: Fixed denial of service via an empty POST request when OIDCPreservePost is enabled bsc1242015. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250512 release bsc1243123 Security updates for INTEL-SA-01153 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01153.html CVE-2024-28956: Exposure of Sensitive Information in...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serializatio...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for python-cryptography
This update for python-cryptography fixes the following issues: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
Security update for helm
This update for helm fixes the following issues: help was updated to version 3.17.3: Helm v3.17.3 is a security patch release. Users are strongly recommended to update to this release. Changelog Unarchiving fix e4da497 Matt Farina Patch Instructions: To install this SUSE update use the SUSE...
Security update for systemd
This update for systemd fixes the following issues: coredump: use %d in kernel core pattern CVE-2025-4598 Revert "macro: terminate the temporary VAARGSFOREACH array with a sentinel" SUSE specific umount: do not move busy network mounts bsc1236177 man/pstore.conf: pstore.conf template is not alway...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981. CVE-2022-49139: Bluetooth: fix null ptr deref on hcisyncconncompleteevt bsc1238032...
Security update for nbdkit
This update for nbdkit fixes the following issues: Update to version 1.40.6. Security fixes: CVE-2025-47712: integer overflow in blocksize filter when processing client block status requests larger than 232 will trigger an assertion failure and cause a denial-of-service. bsc1243108. CVE-2025-4771...
Security update for perl-YAML-LibYAML
This update for perl-YAML-LibYAML fixes the following issues: CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified bsc1243902 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-32906: Fixed out of bounds reads in...
Security update for libwebp
This update for libwebp fixes the following issues: CVE-2016-9969: freeing of uninitialized memory pointer in SetFrame of AnimEncoder can lead to double free bsc1136199. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001026 fixes several issues. The following security issues were fixed: CVE-2025-21680: pktgen: Avoid out-of-bounds access in getimixentries bsc1236701. CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096...
Security update for go1.24
This update for go1.24 fixes the following issues: go1.24.4 released 2025-06-05 includes security fixes to the crypto/x509, net/http, and os packages, as well as bug fixes to the linker, the go command, and the hash/maphash and os packages. bsc1236217 go1.24 release tracking CVE-2025-22874...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: Updated to 12.5.2: CVE-2025-22247: Fixed insecure file handling bsc1243106 Fixed gcc15 compile time error bsc1241938 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python-tornado
This update for python-tornado fixes the following issues: CVE-2025-47287: excessive logging when parsing malformed multipart/form-data can lead to a denial-of-service bsc1243268. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.10.2 MFSA 2025-40, bsc1243303: Security fixes: CVE-2025-4918: Out-of-bounds access when resolving Promise objects bmo1966612 CVE-2025-4919: Out-of-bounds access when optimizing linear sums bmo1966614...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.9: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/ Patch Instructions: To...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4476: Fixed NULL pointer dereference may le...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for gnuplot
This update for gnuplot fixes the following issues: CVE-2025-31178: unvalidated user input leads to segmentation fault on GetAnnotateString bsc1240327. CVE-2025-31179: improper verification of time values leads to segmentation fault on xstrftime bsc1240328. CVE-2025-31181: double fclose call lead...
Security update for bind
This update for bind fixes the following issues: Update to version 9.20.9. Security issues fixed: CVE-2025-40775: denial-of-service due to assertion failure caused by the processing of a NS message with an invalid TSIG bsc1243361. CVE-2024-12705: CPU and memory exhaustion due to DNS-over-HTTPS...
Security update for glibc
This update for glibc fixes the following issues: Security issues fixed: CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317. Other issues fixed: Multi-threaded application hang...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: Fixed GCC 15 compile time error bsc1241938 Fixed building with containerd 1.7.25+ bsc1237147 Full changelog:...