5412 matches found
Security update for python312-setuptools
This update for python312-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.13: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/15.13/ Patch Instructions: T...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.10.1. Security fixes: MFSA 2025-34 bsc1243216 CVE-2025-3875: Sender Spoofing via Malformed From Header in Thunderbird. CVE-2025-3877: Unsolicited File Download, Disk Space Exhaustion, and Credential...
Security update for go1.24
This update for go1.24 fixes the following issues: Update to go1.24.3 bsc1236217: Security fixes: CVE-2025-22873: Fixed os.Root permits access to parent directory bsc1242715 Changelog: go73556 go73555 security: fix CVE-2025-22873 os: Root permits access to parent directory go73082 os: Root.Open...
Security update for python-tornado
This update for python-tornado fixes the following issues: CVE-2025-47287: excessive logging when parsing malformed multipart/form-data can lead to a denial-of-service bsc1243268. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for go1.23-openssl
This update for go1.23-openssl fixes the following issues: Update to version 1.23.9 bsc1229122: Security fixes: CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross-domain redirect bsc1236046 CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints...
Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-4802: elf: Ignore LDLIBRARYPATH and debug env var for setuid for static bsc1243317 pthreads NPTL: lost wakeup fix 2 bsc1234128, BZ 25847 Mark functions in libcnonshared.a as hidden bsc1239883 Linux: Switch back to assembly syscall wrapper...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.10.1 ESR. MFSA 2025-37 bsc1243303 CVE-2025-4918: Out-of-bounds access when resolving Promise objects CVE-2025-4919: Out-of-bounds access when optimizing linear sums Patch Instructions: To...
Security update for python310-setuptools
This update for python310-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2025-32873: Fixed denial-of-service possibility in striptags bsc1242210 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for augeas
This update for augeas fixes the following issues: CVE-2025-2588: Fixed check for NULL pointers when calling recaseexpand in function faexpandnocase bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python36-setuptools
This update for python36-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847. CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage bsc1229504...
Security update for ca-certificates-mozilla
This update for ca-certificates-mozilla fixes the following issues: test for a concretely missing certificate rather than just the directory, as the latter is now also provided by openssl-3 Re-create java-cacerts with SOURCEDATEEPOCH set for reproducible builds bsc1229003 explicit remove distrust...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48933: netfilter: nftables: fix memory leak during stateful obj update bsc1229621. CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981...
Security update for s390-tools
This update for s390-tools rebuilds the existing package with the new 4k RSA secure boot key. Security issues fixed: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate. bsc1242622 Other issues: Added the new IBM z17 9175 processor type Patch Instructions: To...
Security update for python-httpcore, python-h11
This update for python-httpcore, python-h11 fixes the following issues: python-h11: - Update 0.16.0: CVE-2025-43859: Fixed accepting of malformed Chunked-Encoding bodies bsc1241872 - 0.15.0: Reject Content-Lengths = 1 zettabyte 1 billion terabytes early, without attempting to parse the integer...
Security update for openssh
This update for openssh fixes the following issues: Security issues fixed: CVE-2025-32728: Fixed a logic error in DisableForwarding option bsc1241012 Other bugs fixed: Allow KEX hashes greater than 256 bits bsc1241045 Fixed hostname being left out of the audit output bsc1228634 Fixed failures wit...
Security update for libraw
This update for libraw fixes the following issues: CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 CVE-2025-43963: Fixed out-of-buff...
Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to release 3.49.1: Improve portability of makefiles and configure scripts. CVE-2025-29087, bsc1241020: Fix a bug in the concatws function, introduced in version 3.44.0, that could lead to a memory error if the separator string is very lar...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: Fixed GCC 15 compile time error bsc1241938 Fix building with containerd 1.7.25+ bsc1237147 Full changelog:...
Security update for openssl-3
This update for openssl-3 fixes the following issues: Security: CVE-2025-27587: Timing side channel vulnerability in the P-384 implementation when used with ECDSA in the PPC architecture bsc1240366. Missing null pointer check before accessing handshakefunc in ssllib.c bsc1240607. FIPS: Disabling...
Security update for ca-certificates-mozilla
This update for ca-certificates-mozilla fixes the following issues: Update to 2.74 state of Mozilla SSL root CAs: Removed: SwissSign Silver CA - G2 Added: D-TRUST BR Root CA 2 2023 D-TRUST EV Root CA 2 2023 Updated to 2.72 state of Mozilla SSL root CAs bsc1234798: Removed: SecureSign RootCA11...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. bsc1241274 CVE-2025-30691: unauthorized update, insert or dele...
Security update for wireshark
This update for wireshark fixes the following issues: CVE-2024-4853: Fixed denial of service in editcap caused by crafted capture file bsc1224259 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250506T153719 2025-05-06T15:37:19Z jscPED-11136 GO-2025-3656 GO-2025-3661 GO-2025-3662 GO-2025-3663 GO-2025-3665 Update to version 0.0.20250505T161433 2025-05-05T16:14:33Z jscPED-11136 GO-2025-3645 GO-2025-3646...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
Security update for util-linux
This update for util-linux fixes the following issues: Updated to version 2.40.4: agetty: Prevent cursor escape bsc1194818 chcpu8: Document CPU deconfiguring behavior fdisk: SGI fixes hardlink: fix memory corruption hardlink.1 directory|file is mandatory lib/env: fix envlistsetenv for strings...
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash; bsc1236619. Patch Instructions: To...
Security update for opensaml
This update for opensaml fixes the following issues: CVE-2025-31335: Fixed parameter manipulation allowing forging signed SAML messages bsc1239889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for opensaml
This update for opensaml fixes the following issues: CVE-2025-31335: Fixed a bug where parameter manipulation allows the forging of signed SAML messages. bsc1239889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659 CVE-2025-46393: mishandling of packetsize leads to rendering of channels in arbitrary order in multispectral MIFF image processing...
Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with gdatetimenewfromiso8601 bsc1240897 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries. bsc1241620 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python-h11
This update for python-h11 fixes the following issues: CVE-2025-43859: leniency when parsing of line terminators in chunked-coding message bodies can lead to request smuggling. bsc1241872 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for redis
This update for redis fixes the following issues: CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...
Security update for containerd
This update for containerd fixes the following issues: Updated containerd to v1.7.27. CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.10.0 ESR MFSA 2025-29 bsc1241621: CVE-2025-2817: Potential privilege escalation in Firefox Updater MFSA-RESERVE-2025-193709: WebGL shader attribute memory corruption in Firefox for macOS...
Security update for augeas
This update for augeas fixes the following issues: CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: ...
Security update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring bsc1239119 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for docker
This update for docker fixes the following issues: Updated to docker-buildx v0.22.0. Updated to Docker 27.5.1-ce. CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints bsc1239765 CVE-2025-22868: Fixed golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in...
Security update for podman
This update for podman fixes the following issues: CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239330. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for iperf
This update for iperf fixes the following issues: Update to 3.18 bsc1234705, CVE-2024-53580: SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. CVE-2024-53580 This has now been fixed. PR1810 UDP packets...