5440 matches found
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059211 fixes one issue. The following security issue was fixed: CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU bsc1246030. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for the Linux Kernel (Live Patch 69 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122261 fixes several issues. The following security issues were fixed: CVE-2025-38000: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue bsc1245775. CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU bsc1246030. Patch Instructions: To...
Security update for the Linux Kernel (Live Patch 66 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122250 fixes several issues. The following security issues were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38000: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue bsc1245775. CVE-2025-38212: ipc: fi...
Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122231 fixes several issues. The following security issues were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38000: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue bsc1245775. CVE-2024-47674: mm: avo...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077...
Security update for curl
This update for curl fixes the following issues: CVE-2025-5399: libcurl can possibly get trapped in an endless busy-loop when processing specially crafted packets bsc1243933. CVE-2025-5025: No QUIC certificate pinning with wolfSSL bsc1243706. CVE-2025-4947: QUIC certificate check skip with wolfSS...
Security update for sqlite3
This update for sqlite3 fixes the following issues: CVE-2025-6965: Fixed integer truncation bsc1246597. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for gstreamer
This update for gstreamer fixes the following issues: CVE-2024-47606: Avoid integer overflow when allocating sysmem bsc1234449. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for firebird
This update for firebird fixes the following issues: CVE-2017-11509: authenticated remote code execution via the definition external functions that don't match the original definition of the entry point bsc1087421. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-4945: Fixed Integer Overflow in Cookie Expiration Date Handling in libsoup bsc1243314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for aide
This update for aide fixes the following issues: CVE-2025-54389: Escape control characters in report and log output bsc1247884. CVE-2025-54409: Fix null pointer dereference after reading incorrectly encoded xattr attributes from database bsc1247885. Patch Instructions: To install this SUSE update...
Security update for opensc
This update for opensc fixes the following issues: CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1 padding bsc1219386. CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key bsc1230364. CVE-2024-45620: Incorrect handling of the length of buffers or files in...
Security update for rav1e
This update for rav1e fixes the following issues: CVE-2024-58266: shlex: Fixed certain bytes allowed to appear unquoted and unescaped in command arguments bsc1247207 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-2760: lack of proper validation of user-supplied data in DDS parser can lead to integer overflow and remote code execution bsc1241690. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for nvidia-open-driver-G06-signed
This update for nvidia-open-driver-G06-signed fixes the following issues: Updated CUDA variant to 580.65.06: CVE-2025-23277: Fixed access memory outside bounds permitted under normal use cases in NVIDIA Display Driver bsc1247528 CVE-2025-23278: Fixed improper index validation by issuing a call wi...
Security update for python-aiohttp
This update for python-aiohttp fixes the following issues: CVE-2025-53643: Fixed request smuggling due to incorrect parsing of chunked trailer section bsc1246517 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for jetty-minimal
This update for jetty-minimal fixes the following issues: Upgraded to version 9.4.58.v20250814: - CVE-2025-5115: Fixed MadeYouReset DoS attack via HTTP/2 protocol including DNS over HTTPS bsc1244252 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for git
This update for git fixes the following issues: Updated to 2.43.7 jscPED-13447: CVE-2025-27613: Fixed arbitrary writable file creation and truncation in Gitk bsc1245938 CVE-2025-27614: Fixed arbitrary script execution via repo clonation in Gitk bsc1245939 CVE-2025-46835: Fixed arbitrary writable...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for libarchive
This update for libarchive fixes the following issues: CVE-2025-5916, Fixed integer overflow while reading warc files at archivereadsupportformatwarc.c bsc1244270 CVE-2025-5914: Fixed double free due to an integer overflow in the archivereadformatrarseekdata function bsc1244272 Patch Instructions...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.14: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...
Security update for kernel-livepatch-MICRO-6-0_Update_6
This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...
Security update for javamail
This update for javamail fixes the following issues: Update to version 1.6.2 CVE-2025-7962: Fixed an improper neutralization of \r and \n UTF-8 characters can lead to SMTP injection bsc1246873 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for tomcat
This update for tomcat fixes the following issues: Updated to 9.0.108: CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability bsc1246318...
Security update for jbigkit
This update for jbigkit fixes the following issues: CVE-2022-1210: Malicious file leads to a denial of service in TIFF File Handler bsc1198146. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.19: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.14: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...
Security update for udisks2
This update for udisks2 fixes the following issues: CVE-2025-8067: Fixed missing bounds check can lead to out-of-bounds read in udisks daemon bsc1248502 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-7424: Type confusion in xmlNode.psvi between stylesheet and source nodes bsc1246360 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2019-11135: enabled CONFIGX86INTELTSXMODEAUTO bsc1139073, bsc1246695. CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio...
Security update for tomcat10
This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.44: CVE-2025-48989: Fixed "MadeYouReset" DoS in HTTP/2 due to client triggered stream reset bsc1243895 Other fixes: Catalina Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one or...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.14: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...
Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.22: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...
Security update for ignition
This update for ignition fixes the following issues: CVE-2022-28948: Fixed an issue during unmarshaling in Go-Yaml v3 can lead to DoS via invalid input bsc1248548 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Updated to 17.6: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-6021: Integer Overflow in xmlBuildQName Leads to Stack Buffer Overflow in libxml2 bsc1244580 CVE-2025-6170: stack buffer overflow may lead to a crash bsc1244700 CVE-2025-7425: Heap Use-After-Free in libxslt caused by atype corruption in...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Updated to 17.6: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for python36
This update for python36 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for tomcat10
This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.43i: - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in class handling bsc1245793 CVE-2025-21702: pfifotailenqueue: Drop new packet when...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-56664: bpf, sockmap: fix race between element replace and close bsc1235250 CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-56664: bpf, sockmap: fix race between element replace and close bsc1235250 CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2024-56664: bpf, sockmap: fix race between element replace and close bsc1235250 CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2024-56664: bpf, sockmap: fix race between element replace and close bsc1235250 CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in...