Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: CVE-2026-21925: Fixed a vulnerability in the Oracle Java SE component RMI. bsc1257034 CVE-2026-21932: Fixed a vulnerability in the Oracle Java SE component AWT and JavaFX. bsc1257036 CVE-2026-21933: Fixed a vulnerability in the Oracle...

Security update for qemu

This update for qemu fixes the following issues: CVE-2026-0665: Added PIRQ bounds check in xenphysdevmappirq to avoid an out-of-bounds heap. bsc1256484 Other fixes: Fixed that QEMU migration fails if a qemu-vdagent channel is present in the VM bsc1257474 Patch Instructions: To install this SUSE...

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.20.0: CVE-2026-22036: Updated undici to 6.23.0 bsc1256848 CVE-2025-59465: Add TLSSocket default error handler bsc1256573 CVE-2025-55132: Disable futimes when permission model is enabled bsc1256571 CVE-2025-55130: Require full read...

Security update for kubernetes-old

This update for kubernetes-old rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap...

Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Update to version 1.24.12 released 2026-01-15 jscSLE-18320, bsc1236217: Security fixes: CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames bsc1251257. CVE-2025-58183: archive/tar: unbounded allocation when parsin...

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2026-0716: Fixed out-of-bounds read for websocket bsc1256418 CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. Patch Instructions: To insta...

Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

Security update for podman

This update for podman fixes the following issues: CVE-2025-47914: Fixed ssh-agent that could cause a panic due to an out-of-bounds read with non validated message size bsc1253993 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

Security update for libpng16

This update for libpng16 fixes the following issues: CVE-2025-65018: Fixed heap buffer overflow in pngcombinerow triggered via pngimagefinishread bsc1254160 CVE-2025-66293: Fixed LIBPNG out-of-bounds read in pngimagereadcomposite bsc1254480 CVE-2025-64506: Fixed heap buffer over-read in...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...

Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.60 fixes various security issues The following security issues were fixed: CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. CVE-2025-38616: tls: handle data disappearing from...

Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP3)

This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.185 fixes various security issues The following security issues were fixed: CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled bsc1250295. CVE-2022-50432: kernfs: fix use-after-free in...

Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050055121 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. Patch...

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700533 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38511: drm/xe/pf: Clear all LMTT pages on alloc bsc1248176. CVE-2025-38617: net/packet: fi...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.29+7 October 2025 CPU: CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414. CVE-2025-53066: Fixed unauthenticated...

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...

Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059207 fixes several issues. The following security issues were fixed: CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673. CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-39782: jbd2: prevent softlockup in jbd2logdocheckpoint bsc1249526. CVE-2025-39773: net: bridge: fix soft lockup in...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

Security update for haproxy

This update for haproxy fixes the following issues: CVE-2025-11230: Fixed issue in the mjson JSON decoder, that could have let to excessive resource consumption when processing numbers with large exponents bsc1250983. Patch Instructions: To install this SUSE update use the SUSE recommended...

Security update for the Linux Kernel (Live Patch 69 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122261 fixes one issue. The following security issue was fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: CVE-2025-41244: local privilege escalation via the Service Discovery Plugin bsc1250373. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: CVE-2025-41244: local privilege escalation via the Service Discovery Plugin bsc1250373. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...

Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002353 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002350 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

Security update for python3

This update for python3 fixes the following issues: CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler bsc1243273. CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory bsc1244056 CVE-2025-4138:...

Security update for python311

This update for python311 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. CVE-2025-4435:...

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-53146: NFSD: prevent a potential integer overflow bsc1234854 CVE-2024-53166: block, bfq: fix bfqq uaf in bfqlimitdepth bsc1234885 CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open...

Security update for python-starlette

This update for python-starlette fixes the following issues: CVE-2025-54121: Correctly parse multi-part form with large files to avoid DoS. bsc1246855 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005591 fixes several issues. The following security issues were fixed: CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages bsc1235921. CVE-2025-21772: partitions: mac: fix handling of bogus partition table bsc1238912. CVE-2024-53166:...

Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2024-53214:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving...

Security update for tomcat

This update for tomcat fixes the following issues: CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for xen

This update for xen fixes the following issues: CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection ITS XSA-469 bsc1243117 CVE-2024-53241: Fixed Xen hypercall page unsafe against speculative attacks XSA-466 bsc1234282 CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI device...

Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.40 CVE-2025-31650: invalid priority field values should be ignored bsc1242008 CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009 Full changelog:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...

Security update for warewulf4

This update for warewulf4 fixes the following issues: warewulf4 was updated from version 4.5.8 to 4.6.0: Security issues fixed for version 4.6.0: CVE-2025-22869: Fixed Denial of Service vulnerability in the Key Exchange of golang.org/x/crypto/ssh bsc1239322 CVE-2025-22870: Fixed proxy bypass usin...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for set...

Security update for SUSE Manager Client Tools and Salt Bundle

This update for SUSE Manager Client Tools and Salt Bundle the following issues: uyuni-tools: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent...

Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.33 Fixed CVEs: CVE-2024-52316: If the Jakarta Authentication fails with an exception, set a 500 status bsc1233434 Catalina Add: Add support for the new Servlet API method HttpServletResponse.sendEarlyHints. markt Add: 5547...

Security update for SUSE Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52610: net/sched: actct: fix skb leak and crash on ooo frags bsc1221610. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239342. CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs bsc1238702...

Security update for dnsmasq

This update for dnsmasq fixes the following issues CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. CVE-2026-4891: heap-based out-of-bounds read...

Security update for frr

This update for frr fixes the following issue: CVE-2026-5107: Fixed an improper access controls in EVPN Type-2 Route Handler bsc1261013. CVE-2026-28532: Harden TE/SR TLV iteration against malformed lengths bsc1263859. CVE-2026-37457: Fix off-by-one error in FlowSpec operator array bounds check...

Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issues: CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...