Security update for ignition

This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.19.2: CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. CVE-2025-23167: improper HTTP header block termination in llhttp bsc1243220. CVE-2025-23165: add missing call to...

Security update for libblockdev

This update for libblockdev fixes the following issues: CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243285. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-27587: timing side-channel vulnerability in the P-384 implementation when used with ECDSA bsc1243459. CVE-2024-12797: Fixed that RFC7250 handshakes with unauthenticated servers don't abort as expected. bsc1236599 CVE-2024-13176: Fixed...

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.19.2: CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. CVE-2025-23167: improper HTTP header block termination in llhttp bsc1243220. CVE-2025-23165: add missing call to...

Security update for ghc-pandoc

This update for ghc-pandoc fixes the following issues: CVE-2024-38526: Fixed Polyfill Supply Chain Attack bsc1227690. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...

Security update for ignition

This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: CVE-2025-47947: Fixed denial of service through sanitiseMatchedBytes bsc1243978. CVE-2025-48866: Fixed denial of service via excessive number of arguments in sanitiseArg bsc1243976. Patch Instructions: To install this SUSE update us...

Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: CVE-2025-47947: Fixed denial of service through sanitiseMatchedBytes bsc1243978. CVE-2025-48866: Fixed denial of service via excessive number of arguments in sanitiseArg bsc1243976. Patch Instructions: To install this SUSE update us...

Security update for pam

This update for pam fixes the following issues: CVE-2025-6020: pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path. And keep the bind-mount protection from protectmount as a defense in depthmeasure. bsc1244509 Patch...

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed stack-buffer overflow in vorbishandleidentificationpacket bnc1234415 CVE-2024-47600: Fixed out-of-bounds read in gst-discoverer-1.0 commandline tool bnc1234453 CVE-2024-47615: Fixed out-of-bounds write in Ogg...

Security update for s390-tools

This update for s390-tools fixes the following issues: Security issues fixed: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate. bsc1242622 Other issues: Added the new IBM z17 9175 processor type. Patch Instructions: To install this SUSE update use the SUSE...

Security update for gdm

This update for gdm fixes the following issues: CVE-2025-6018: pam.d: removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

Security update for pam

This update for pam fixes the following issues: CVE-2025-6018: pamenv: Change the default to not read the user .pamenvironment file bsc1243226. CVE-2025-6020: pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path...

Security update for redis

This update for redis fixes the following issues: CVE-2025-21605: output buffer denial of service bsc1241708. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for yo...

Security update for gdm

This update for gdm fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...

Security update for gdm

This update for gdm fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...

Security update for gdm

This update for gdm fixes the following issues: CVE-2025-6018: pam.d: removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

Security update for pam

This update for pam fixes the following issues: CVE-2025-6018: pamenv: Change the default to not read the user .pamenvironment file bsc1243226. pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path bsc1244509. Patch...

Security update for libblockdev

This update for libblockdev fixes the following issues: CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243226 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

Security update for libblockdev

This update for libblockdev fixes the following issues: CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243226 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

Security update for python3-requests

This update for python3-requests fixes the following issues: CVE-2024-47081: fixes netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes

This update fixes the following issues: release-notes-susemanager: Update to SUSE Manager 4.3.15.2 SUSE Manager 4.3 will transition to LTS after June 2025 CVE Fixed CVE-2023-45288, CVE-2024-11741, CVE-2024-45337, CVE-2024-45339 CVE-2024-51744, CVE-2024-9264, CVE-2024-9476, CVE-2025-22870...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching...

Security update for python-Django

This update for python-Django fixes the following issues: CVE-2025-48432: log injection or forgery due to unescaped control characters being added into logs bsc1244095. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 bsc1240366 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for libcryptopp

This update for libcryptopp fixes the following issues: CVE-2024-28285: Fixed potential leak of secret key of ElGamal encryption via fault injection bscbsc1224280. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...

Security update for audiofile

This update for audiofile fixes the following issues: CVE-2019-13147: Fixed NULL pointer dereference in ulaw2linearbuf that could lead to DOS bsc1140031. CVE-2022-24599: unverified user input when processing audio files can lead to information leak bsc1196487. Patch Instructions: To install this...

Security update for systemd

This update for systemd fixes the following issues: coredump: use %d in kernel core pattern CVE-2025-4598 Revert "macro: terminate the temporary VAARGSFOREACH array with a sentinel" SUSE specific umount: do not move busy network mounts bsc1236177 man/pstore.conf: pstore.conf template is not alway...

Security update for wget

This update for wget fixes the following issues: CVE-2024-10524: Dropped support for shorthand URLs that enabled SSRF attacks bsc1233773. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-28956: x86/ibt: Keep IBT disabled during...

Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059185 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit bsc1239077. Patch Instructions: To...

Security update for augeas

This update for augeas fixes the following issues: CVE-2025-2588: Fixed NULL pointer dereference when calling recaseexpand in function faexpandnocase bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for perl-Crypt-OpenSSL-RSA

This update for perl-Crypt-OpenSSL-RSA fixes the following issues: CVE-2024-2467: Side-channel attack in PKCS1 v1.5 padding mode Marvin Attack bsc1221446 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for perl-YAML-LibYAML

This update for perl-YAML-LibYAML fixes the following issues: CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified bsc1243902 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for perl-Crypt-OpenSSL-RSA

This update for perl-Crypt-OpenSSL-RSA fixes the following issues: CVE-2024-2467: Side-channel attack in PKCS1 v1.5 padding mode Marvin Attack bsc1221446 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for python3

This update for python3 fixes the following issues: CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler bsc1243273. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900. CVE-2024-58013:...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Rea...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Rea...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_3

This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free...

Security update for go1.23

This update for go1.23 fixes the following issues: go1.23.10 released 2025-06-05 includes security fixes to the /http and os packages, as well as bug fixes to the linker. bsc1229122 go1.23 release tracking CVE-2025-0913 CVE-2025-4673 CVE-2025-0913: os: inconsistent handling of OCREATE|OEXCL on Un...

Security update for the Linux Kernel (Live Patch 57 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122219 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit bsc1239077. Patch Instructions: To instal...

Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001029 fixes one issue. The following security issue was fixed: CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit bsc1239077. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...

Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001023 fixes several issues. The following security issues were fixed: CVE-2025-21680: pktgen: Avoid out-of-bounds access in getimixentries bsc1236701. CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096...

Security update for iputils

This update for iputils fixes the following issues: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for transfig

This update for transfig fixes the following issues: Update to fig2dev version 3.2.9a CVE-2025-31162: Fixed a floating point exception in fig2dev in getslope function bsc1240380. CVE-2025-31163: Fixed a segmentation fault in fig2dev in putpatternarc function bsc1240381. CVE-2025-31164: Fixed a he...

Security update for libraw

This update for libraw fixes the following issues: CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 CVE-2025-43963: Fixed out-of-buff...