5411 matches found
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers bsc1254876. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for python-filelock
This update for python-filelock fixes the following issues: CVE-2025-68146: TOCTOU race condition may allow local attackers to corrupt or truncate arbitrary user files bsc1255244. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for libvirt
This update for libvirt fixes the following issues: Security fixes: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: libvirt-supportconfig: Add support for...
Security update for libvirt
This update for libvirt fixes the following issues: Security fixes: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: libvirt-supportconfig: Add support for...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14524: Fixed bearer token leak on cross-protocol redirect bsc1255731 CVE-2025-15079: Fixed unknown host connection acceptance when set in the global knownhostsfile bsc1255733 CVE-2025-14819: Fixed issue where alteration of...
Security update for libpcap
This update for libpcap fixes the following issues: CVE-2025-11961: missing validation of provided MAC-48 address string in pcapetheraton can lead to out-of-bounds read and write bsc1255765. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for mozjs60
This update for mozjs60 fixes the following issues: CVE-2024-50602: embedded expat: make XMLStopParser refuse to stop/suspend an unstarted parser and be explicit about XMLPARSING in XMLStopParser bsc1232602 CVE-2024-45492: embedded expat: detect integer overflow in function nextScaffoldPart...
Security update for qemu
This update for qemu fixes the following issues: Security issues fixed: CVE-2023-1544: out-of-bounds read in VMWare's paravirtual RDMA device operations can be exploited through a malicious guest driver to crash the QEMU process on the host bsc1209554. CVE-2024-6505: heap-based buffer overflow in...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50280: pnode: terminate at peers of source bsc1249806. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50280: pnode: terminate at peers of source bsc1249806. CVE-2023-53659: iavf: Fix out-of-bounds when setting channels on remove bsc1251247. CVE-2023-53676:...
Security update for python313
This update for python313 fixes the following issues: Update to version 3.13.11. Security issues fixed: CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on clearidcache can lead to availability issues when building excessively nested...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 Other...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 Other...
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
This update fixes the following issues: grafana was updated from version 11.5.7 to 11.5.10: Security issues fixed: CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client version 11.5.10 bsc1254113 CVE-2025-47911: Fix parsing HTML documents version 11.5.10 bsc12514...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. CVE-2025-14087: buffer underflow in the GVariant parser...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. CVE-2025-14087: buffer underflow in the GVariant parser...
Security update for usbmuxd
This update for usbmuxd fixes the following issues: CVE-2025-66004: Fixed LPE from nobody to usbmux bsc1254302 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-11896: Fixed infinite recursion leading to stack overflow due to object loop in PDF CMap bsc1252337 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-11896: Fixed infinite recursion leading to stack overflow due to object loop in PDF CMap bsc1252337 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgraded to 15.15: CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: Use...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgraded to 14.20: CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: Use...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-6075: quadratic complexity in os.path.expandvars can lead to performance degradation when values passed to it are user-controlled bsc1252974. CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory EOCD record allow...
Security update for fontforge
This update for fontforge fixes the following issues: CVE-2025-50949: Fixed a memory leak in the DlgCreate8 function. bsc1252652 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Updated...
Security update for the Linux Kernel (Live Patch 62 for SUSE Linux Enterprise 15 SP3)
This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.221 fixes various security issues The following security issues were fixed: CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled bsc1250295. CVE-2022-50432: kernfs: fix use-after-free in...
Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.173 fixes one security issue The following security issue was fixed: CVE-2023-53673: Bluetooth: hcievent: call disconnect callback before deleting conn bsc1251983. Patch Instructions: To install this SUSE update use the SUSE...
Security update for sssd
This update for sssd fixes the following issues: CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Other fixes: Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325 Patch...
Security update for sssd
This update for sssd fixes the following issues: CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Other fixes: Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325 Patch...
Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes one security issue The following security issue was fixed: CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.231 fixes various security issues The following security issues were fixed: CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49053: scsi...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-9714: Fixed inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c bsc1249076 CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files bsc1247850 Patch...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-9714: Fixed inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c bsc1249076 CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files bsc1247850 Patch...
Security update for openssh
This update for openssh fixes the following issues: CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used bsc1251198 CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199 Patch Instructions: To...
Security update for binutils
This update for binutils fixes the following issues: Do not enable '-z gcs=implicit' on aarch64 for old codestreams. Update to version 2.45: New versioned release of libsframe.so.2 s390: tools now support SFrame format 2; recognize "z17" as CPU name bsc1247105, jscIBM-1485 sframe sections are now...
Security update for lasso
This update for lasso fixes the following issues: CVE-2025-46784: Fixed memory exhaustion in Entr'ouvert Lasso bsc1253094 CVE-2025-46404: Fixed denial of service in Entr'ouvert Lasso bsc1253092 CVE-2025-46705: Fixed denial of service in Entr'ouvert Lasso bsc1253093 CVE-2025-47151: Fixed type...
Security update for lasso
This update for lasso fixes the following issues: CVE-2025-46404: Fixed denial of service in Entr'ouvert Lasso bsc1253092 CVE-2025-46705: Fixed denial of service in Entr'ouvert Lasso bsc1253093 CVE-2025-47151: Fixed type confusion vulnerability in the lassonodeimplinitfromxml functionality...
Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.113 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019...
Security update for ongres-scram
This update for ongres-scram fixes the following issues: CVE-2025-59432: Fixed timing attack vulnerability in SCRAM Authentication bsc1250399 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
Security update for squid
This update for squid fixes the following issues: CVE-2025-62168: Fixed failure to redact HTTP authentication credentials in error handling leading to information disclosure bsc1252281 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-1507005316 fixes one issue. The following security issue was fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for tiff
This update for tiff fixes the following issues: CVE-2025-8851: Fixed stack-based buffer overflow vulnerability in tools/tiffcrop.c function readSeparateStripsIntoBuffer by implementing additional error handling bsc1248278. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. bsc1252749 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for kernel-livepatch-MICRO-6-0_Update_8
This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0_Update_9
This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_12
This update for kernel-livepatch-MICRO-6-0-RTUpdate12 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0_Update_11
This update for kernel-livepatch-MICRO-6-0Update11 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38678: nftables: reject duplicate device on updates bsc1249534 Patch Instructions: To install this SUSE update use the SUSE...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_10
This update for kernel-livepatch-MICRO-6-0-RTUpdate10 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...