5280 matches found
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781...
Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024108 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv...
Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv...
Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059158 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...
Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...
Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to 20.18.2: CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics bsc1236251 CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERRPROTO bsc1236250 CVE-2025-22150: Fixed insufficiently random...
Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to 20.18.2: CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics bsc1236251 CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERRPROTO bsc1236250 CVE-2025-22150: Fixed insufficiently random...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49035: media: s5pcec: limit msg.len to CECMAXMSGSIZE bsc1215304. CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234853. CVE-2024-53156: wif...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltration bsc1234089. CVE-2024-23650: Fixed possibile BuildKit daemon crash via malicious BuildKit client or frontend request...
Security update for redis7
This update for redis7 fixes the following issues: CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. bsc1235386 CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution...
Security update for rsync
This update for rsync fixes the following issues: CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. bsc1234102 CVE-2024-12087: arbitrary file...
Security update for rsync
This update for rsync fixes the following issues: CVE-2024-12084: heap buffer overflow in checksum parsing. bsc1234100 CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. bsc1056588 CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234853. CVE-2024-53156:...
Security update for apache2-mod_jk
This update for apache2-modjk fixes the following issues: Update to version 1.2.50: CVE-2024-46544: Fixed incorrect default permissions vulnerabilitymay that could lead to information disclosure and/or denial of service. bsc1230916 Patch Instructions: To install this SUSE update use the SUSE...
Security update for rsync
This update for rsync fixes the following issues: NOTE: This update was retracted due to a buggy security fix. A followup update will be provided. CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's...
Security update for rsync
This update for rsync fixes the following issues: NOTE: This update was retracted as one of the fixes was broken. A new update will be issued. CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file...
Security update for rsync
This update for rsync fixes the following issues: NOTE: this update is broken and was retracted. New update will be published as followup update. CVE-2024-12084: heap buffer overflow in checksum parsing. bsc1234100 CVE-2024-12085: leak of uninitialized stack data on the server leading to possible...
Security update for dnsmasq
This update for dnsmasq fixes the following issues: Version update to 2.90: CVE-2023-50387: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. bsc1219823 CVE-2023-50868: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses...
Security update for rsync
This update for rsync fixes the following issues: CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. bsc1234102 CVE-2024-12087: arbitrary file...
Security update for rsync
This update for rsync fixes the following issues: CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. bsc1234102 CVE-2024-12087: arbitrary file...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.5 bsc1234851: Security fixes: CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected...
Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956...
Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...
Security update for redis
This update for redis fixes the following issues: CVE-2024-31228: Prevent unbounded recursive pattern matching. bsc1231265 CVE-2024-31449: Fixed an integer overflow bug in Lua bittohex. bsc1231264 CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leadi...
Security update for dnsmasq
This update for dnsmasq fixes the following issues: Version update to 2.90: CVE-2023-50387: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. bsc1219823 CVE-2023-50868: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses...
Security update for apptainer
This update for apptainer fixes the following issues: Update to version 1.3.6 CVE-2024-28180: Fixed an improper handling of highly compressed data in go-jose. bsc1235211 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.5 bsc1234851: Security fixes: CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected...
Security update for openjpeg2
This update for openjpeg2 fixes the following issues: CVE-2024-56826: Fixed heap buffer overflow in bin/common/color.c bsc1235029 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The Linux Enterprise 12 SP5 kernel turned LTSS Extended Security The following security bugs were fixed: CVE-2021-46936: Fixed use-after-free in twtimerhandler bsc1220439. CVE-2021-47163: kABI fix for tipc:...
Security update for sysstat
This update for sysstat fixes the following issues: CVE-2023-33204: Fixed a multiplication integer overflow in checkoverflow in common.c bsc1211507 CVE-2022-39377: Fixed arithmetic overflow in allocatestructures bsc1205224 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for pcp
This update for pcp fixes the following issues: Upgrade to 6.2.0 bsc1217826 / PED8192: CVE-2024-45770: Fixed symlink race bsc1230552. CVE-2024-45769: Fixed pmstore corruption bsc1230551 CVE-2023-6917: Fixed local privilege escalation from pcp user to root bsc1217826. Bug fixes: Reintroduce libuv...
Security update for grpc
This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...
Security update for poppler
This update for poppler fixes the following issues: CVE-2024-56378: out-of-bounds read within JBIG2Bitmap::combine, which can lead to an application crash. bsc1234795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python-grpcio
This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...
Security update for gdb
This update for gdb fixes the following issues: Mention changes in GDB 14: GDB now supports the AArch64 Scalable Matrix Extension 2 SME2, which includes a new 512 bit lookup table register named ZT0. GDB now supports the AArch64 Scalable Matrix Extension SME, which includes a new matrix register...
Security update for mozjs78
This update for mozjs78 fixes the following issues: CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for you...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision...
Security update for curl
This update for curl fixes the following issues: CVE-2024-11053: Fixed password leak in curl used for the first host to the followed-to host under certain circumstances bsc1234068 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47594: mptcp: never allow the PM to close a listener subflow bsc1226560. CVE-2022-48983: iouring: Fix a null-ptr-deref in iotctxexitcb bsc1231959...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48853: swiotlb: fix info leak with DMAFROMDEVICE bsc1228015. CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hcierrorreset bsc1222413...
Security update for installation-images
This update updates installation-images and tftpboot images to contain the latest shim for secure boot. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for installation-images
This update updates installation-images and tftpboot images to contain the latest shim for secure boot. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for libaom, libyuv
This update for libaom, libyuv fixes the following issues: libaom was updated to version 3.7.1: Bug Fixes: aomedia:3349: heap overflow when increasing resolution aomedia:3478: GCC 12.2.0 emits a -Wstringop-overflow warning on aom/av1/encoder/motionsearchfacade.c aomedia:3489: Detect encoder and...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52524: net: nfc: llcp: Add lock when modifying device list bsc1220927. CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core bsc1232224...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 35 with Oracle October 15 2024 CPU bsc1232064: - CVE-2024-21208: Fixed partial DoS in component Networking bsc1231702,JDK-8328286 - CVE-2024-21210: Fixed unauthorized update, insert or delete...
Security update for socat
This update for socat fixes the following issues: CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory bsc1225462 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: CVE-2024-44308: Fixed processing maliciously crafted web content that may lead to arbitrary code execution bsc1233631 CVE-2024-44309: Fixed data isolation bypass vulnerability bsc1233632 Patch Instructions: To install this SUSE update use th...
Security update for python312
This update for python312 fixes the following issues: CVE-2024-12254: Fixed unbounded memory buffering in SelectorSocketTransport.writelines bsc1234290 Other fixes: - Updated to version 3.12.8 - Remove -IVendor/ from python-config bsc1231795 Patch Instructions: To install this SUSE update use the...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2024-53907: Fixed denial-of-service in django.utils.html.striptags bsc1234232 CVE-2024-53908: Fixed SQL injection in HasKeylhs, rhs on Oracle bsc1234231 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...