5440 matches found
Security update for bind
This update for bind fixes the following issues: CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for nfs-utils
This update for nfs-utils fixes the following issue: Security fixes: CVE-2025-12801: rpc.mountd allows a NFSv3 client to escalate their privileges and access subdirectories and subtrees of an exported directory bsc1259204. Other fixes: Split from nfs-utils into its own spec and changelog file...
Security update for rubygem-bundler
This update for rubygem-bundler fixes the following issues: Updated to version 2.2.34. CVE-2020-36327: Bundler chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 CVE-2021-43809: rubygem-bundler: remot...
Security update for tigervnc
This update for tigervnc fixes the following issues: CVE-2026-34352: Fixed permissions to prevent other users from observing the screen, or modifying what is sent to the client. bsc1260871 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for tigervnc
This update for tigervnc fixes the following issues: CVE-2026-34352: Fixed permissions to prevent other users from observing the screen, or modifying what is sent to the client. bsc1260871 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 68 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.258 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-39973: i40e: add validation for ringlen param...
Security update for the Linux Kernel (Live Patch 47 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.187 fixes various security issues The following security issues were fixed: CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf bsc1256780. CVE-2026-22999: net/sched: schqfq: do not fre...
Security update for the Linux Kernel (Live Patch 48 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.194 fixes one security issue The following security issue was fixed: CVE-2026-23209: macvlan: fix error recovery in macvlancommonnewlink bsc1258784. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689...
Security update for the Linux Kernel (Live Patch 15 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.70 fixes various security issues The following security issues were fixed: CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689...
Security update for bind
This update for bind fixes the following issues: CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python-pyOpenSSL
This update for python-pyOpenSSL fixes the following issues: CVE-2026-27448: unhandled exception can result in connection not being cancelled bsc1259804. CVE-2026-27459: large cookie value can lead to a buffer overflow bsc1259808. Patch Instructions: To install this SUSE update use the SUSE...
Security update for libsoup2
This update for libsoup2 fixes the following issue: CVE-2026-0716: improper bounds handling may allow out-of-bounds read bsc1256418. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for python-tornado
This update for python-tornado fixes the following issues: CVE-2026-31958: parsing large multipart bodies with many parts can cause a denial of service bsc1259553. incomplete validation of cookie attributes allows for injection of user-controlled values in other cookie attributes bsc1259630. Patc...
Security update for wireshark
This update for wireshark fixes the following issues: Update Wireshark to version 4.6.4 jscPED-15400. CVE-2024-9780: ITS dissector crash bsc1231475. CVE-2024-9781: AppleTalk and RELOAD Framing dissector crash bsc1231476. CVE-2024-11595: Loop with Unreachable Exit Condition 'Infinite Loop' in...
Security update for python-tornado
This update for python-tornado fixes the following issues: CVE-2025-67724: missing validation of the supplied reason phrase bsc1254903. CVE-2025-67725: Denial of Service DoS via maliciously crafted HTTP request caused by the HTTPHeaders.add method bsc1254905. CVE-2026-31958: parsing large multipa...
Security update for redis
This update for redis fixes the following issue: a user can manipulate data read by a connection by injecting sequences into a Redis error reply bsc1258706. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.3 fixes various security issues The following security issues were fixed: CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. CVE-2025-38488: smb: client: fix use-after-free in...
Security update for python-deepdiff
This update for python-deepdiff fixes the following issues: CVE-2026-33155: Fixed denial of service via builtins.bytes, builtins.list, builtins.range bsc1260064. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for xen
This update for xen fixes the following issues: CVE-2026-23554: xen: Use after free of paging structures in EPT bsc1259247, XSA-480 CVE-2026-23555: xen: Xenstored DoS by unprivileged domain bsc1259248, XSA-481 Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for xen
This update for xen fixes the following issues: CVE-2026-23554: xen: Use after free of paging structures in EPT bsc1259247, XSA-480 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.65 fixes various security issues The following security issues were fixed: CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. CVE-2025-40258: mptcp: fix race condition in...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer bsc1238917. CVE-2025-40242: gfs2: Fix unlikely race in gdlmputlock bsc1255075...
Security update for nghttp2
This update for nghttp2 fixes the following issues: CVE-2026-27135: Assertion failure due to missing state validation can lead to DoS bsc1259845. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.130 fixes various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. CVE-2023-53781: smc: Fix use-after-free in tcpwritetimerhandl...
Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.116 fixes various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. CVE-2023-53257: wifi: mac80211: check S1G action frame size...
Security update for
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.13 fixes various security issues The following security issues were fixed: CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. CVE-2025-40258: mptcp: fix race condition in...
Security update for util-linux
This update for util-linux fixes the following issues: CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for "login -h" bsc1258859. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression bsc1258743. CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-24485: denial of service via malforme...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects bsc1257441...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Update to version 14.22 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097. CVE-2025-38129: pagepool: fix use-after-free in pagepoolrecycleinring bsc1258139...
Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.11 fixes various security issues The following security issues were fixed: CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask bsc1249480. CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length...
Security update for munge
This update for munge fixes the following issues: CVE-2026-25506: buffer overflow in message unpacking bsc1257651. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...
Security update for python313-wheel
This update for python313-wheel fixes the following issues: CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python-brotlipy
This update for python-brotlipy fixes the following issues: Add max length decompression bsc1254867, bsc1256017 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for python-urllib3
This update for python-urllib3 fixes the following issues: CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API bsc1254867. CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain bsc1254866. Patch...
Security update for net-snmp
This update for net-snmp fixes the following issues: CVE-2025-68615: Fixed snmptrapd buffer overflow bsc1255491 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.116 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...
Security update for the Linux Kernel (Live Patch 21 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.88 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers bsc1254876. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for python-filelock
This update for python-filelock fixes the following issues: CVE-2025-68146: TOCTOU race condition may allow local attackers to corrupt or truncate arbitrary user files bsc1255244. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for libvirt
This update for libvirt fixes the following issues: Security fixes: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: libvirt-supportconfig: Add support for...
Security update for libvirt
This update for libvirt fixes the following issues: Security fixes: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: libvirt-supportconfig: Add support for...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14524: Fixed bearer token leak on cross-protocol redirect bsc1255731 CVE-2025-15079: Fixed unknown host connection acceptance when set in the global knownhostsfile bsc1255733 CVE-2025-14819: Fixed issue where alteration of...
Security update for libpcap
This update for libpcap fixes the following issues: CVE-2025-11961: missing validation of provided MAC-48 address string in pcapetheraton can lead to out-of-bounds read and write bsc1255765. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for mozjs60
This update for mozjs60 fixes the following issues: CVE-2024-50602: embedded expat: make XMLStopParser refuse to stop/suspend an unstarted parser and be explicit about XMLPARSING in XMLStopParser bsc1232602 CVE-2024-45492: embedded expat: detect integer overflow in function nextScaffoldPart...
Security update for qemu
This update for qemu fixes the following issues: Security issues fixed: CVE-2023-1544: out-of-bounds read in VMWare's paravirtual RDMA device operations can be exploited through a malicious guest driver to crash the QEMU process on the host bsc1209554. CVE-2024-6505: heap-based buffer overflow in...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50280: pnode: terminate at peers of source bsc1249806. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786...