5387 matches found
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL context primitive restart can be toggled from WebContent process bsc1239547. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket bsc1234415. CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser bsc1234450. CVE-2024-47600: Fixed Out-of-bounds read in...
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024144 fixes one issue. The following security issue was fixed: CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452. CVE-2024-50302: HID: core: zero-initialize the report buffer bsc1233679. Patch...
Security update for erlang
This update for erlang fixes the following issues: CVE-2025-26618: Fixed SSH SFTP packet size not verified properly in Erlang OTP bsc1237467. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122222 fixes several issues. The following security issues were fixed: CVE-2024-46818: drm/amd/display: Check gpioid before used as array index bsc1231204. CVE-2024-50302: HID: core: zero-initialize the report buffer bsc1233679. CVE-2022-48792: scsi: pm800...
Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001023 fixes one issue. The following security issue was fixed: CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for python312
This update for python312 fixes the following issues: CVE-2025-1795: Fixed mishandling of comma during folding and unicode-encoding of email headers bsc1238450. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for google-cloud-sap-agent
This update for google-cloud-sap-agent fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing bsc1239197 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for google-cloud-sap-agent
This update for google-cloud-sap-agent fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing bsc1239197 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for amazon-ssm-agent
This update for amazon-ssm-agent fixes the following issues: CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs bsc1238702 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for google-guest-agent
This update for google-guest-agent fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing bsc1239197 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...
Security update for subversion
This update for subversion fixes the following issues: CVE-2024-46901: Fixed moddavsvn denial-of-service via control characters in paths bsc1234317 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for python
This update for python fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47633: ath5k: fix OOB in ath5keepromreadpcalinfo5111 bsc1237768. CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033...
Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: CVE-2025-22921: Fixed segmentation violation in NULL pointer dereference via the component /libavcodec/jpeg2000dec.c bsc1237382. CVE-2025-25473: Fixed memory leak in avformatfreecontext bsc1237351. CVE-2025-0518: Fixed unchecked sscanf return...
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing bsc1239197 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 128.8 MFSA 2025-18 bsc1237683: CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931:...
Security update for podman
This update for podman fixes the following issues: CVE-2025-27144: Fixed gopkg.in/square/go-jose.v2,gopkg.in/go-jose/go-jose.v2,github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: Go JOSE's Parsing Vulnerable to Denial of Service bsc1237641: CVE-2024-11218: Fixed...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033. CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization guest/host mode behind...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in...
Security update for libxkbfile
This update for libxkbfile fixes the following issues: CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText bsc1237429. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for python
This update for python fixes the following issues: Reference to no longer used 'bracketedhost' variable in the fix for CVE-2025-0938 bsc1236705, bsc1223694. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for buildah
This update for buildah fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237681 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computationbsc1236136. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed stack-buffer overflow in vorbishandleidentificationpacket bsc1234415. CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser bsc1234450. CVE-2024-47600: Fixed Out-of-bounds read in...
Security update for podman
This update for podman fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237641 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for podman
This update for podman fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237641 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for docker
This update for docker fixes the following issues: Update to Docker 27.5.1-ce bsc1237335: CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libX11
This update for libX11 fixes the following issues: CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in XkbChangeTypesOfKey bsc1237431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: NULL pointer...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: NULL pointer...
Security update for procps
This update for procps fixes the following issues: Integer overflow due to incomplete fix for CVE-2023-4016 can lead to segmentation fault in ps command when pid argument has a leading space bsc1236842, bsc1214290. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for xwayland
This update for xwayland fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for kernel-firmware
This update for kernel-firmware fixes the following issues: Update to version 20241128 git commit ea71da6f0690: i915: Update Xe2LPD DMC to v2.24 cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops iwlwifi: add Bz-gf FW for core89-91 release amdgpu: update smu 13.0.10 firmwar...
Security update for procps
This update for procps fixes the following issues: Integer overflow due to incomplete fix for CVE-2023-4016 can lead to segmentation fault in ps command when pid argument has a leading space bsc1236842, bsc1214290. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for vim
This update for vim fixes the following issues: Update to version 9.1.1101: CVE-2024-43790: possible out-of-bounds read when performing a search command bsc1229685. CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer bsc1229822. CVE-2024-45306: heap buffer...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-24531: Fixed regression in version 0.6.12 returning PAMIGNORE in many situations with possible authentication bypass bsc1236314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for kernel-firmware
This update for kernel-firmware fixes the following issues: Update to version 20241128 git commit ea71da6f0690: i915: Update Xe2LPD DMC to v2.24 cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops iwlwifi: add Bz-gf FW for core89-91 release amdgpu: update smu 13.0.10 firmwar...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-24032: default value for certpolicy none allows for authentication bypass bsc1237062. CVE-2025-24031: uninitialized pointer dereference caused by user pressing ctrl-c/ctrl-d when asked for PIN leads to crash bsc1237058. Patch...
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.6 bsc1236946: CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the user. CVE-2025-24150: Copying a URL from Web Inspector may lead to command injection. CVE-2025-24158: Processing web content ma...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-24032: default value for certpolicy none allows for authentication bypass bsc1237062. CVE-2025-24031: uninitialized pointer dereference caused by user pressing ctrl-c/ctrl-d when asked for PIN leads to crash bsc1237058. Patch...
Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122216 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2021-47511: ALSA: pcm: oss: fix negative period/buffer sizes bsc1227700. CVE-2024-5310...
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist...
Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: Non approved PBKDF parameters wrongly resulting as approved bsc1236771. Patch Instructions: To install this SUSE update use the SUSE...