Security update for cloud-regionsrv-client, python-toml

This update for cloud-regionsrv-client, python-toml contains the following fixes: cloud-regionsrv-client: - Update to 10.3.11 bsc1234050 + Send registration code for the extensions, not only base product Update to 10.3.9: bsc1234050 Send registration code for the extensions, not only base product...

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-35863: smb: client: fix potential UAF in isvalidoplockbreak bsc1224763. CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in...

Security update for brise

This update for brise fixes the following issues: CVE-2025-21613: Fixed argument injection via the URL field bsc1235573. CVE-2024-45337: Fixed authorization bypass in golang.org/x/crypto via the ServerConfig.PublicKeyCallback callback bsc1234597. Patch Instructions: To install this SUSE update us...

Security update for emacs

This update for emacs fixes the following issues: CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell command injections. bsc1237091 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for emacs

This update for emacs fixes the following issues: CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell command injections. bsc1237091 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for buildah

This update for buildah fixes the following issues: CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. bsc1236531 Patch Instructions: To install this SUSE update use the SUSE...

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: CVE-2024-45339: github.com/golang/glog: a privileged process' log file path can be easily predicted and used to overwrite other sensitive files in a system. bsc1236560 Patch Instructions: To install this SUSE update use the SUSE...

Security update for podman

This update for podman fixes the following issues: CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing them to log files. bsc1227052 CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of...

Security update for emacs

This update for emacs fixes the following issues: CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell command injections. bsc1237091 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for ucode-intel

This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 CVE-2024-31068: Improper Finite State Machines FSMs in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47222: net: bridge: fix vlan tunnel dst refcnt when egressing bsc1224857. CVE-2021-47223: net: bridge: fix vlan tunnel dst null pointer dereference bsc1224856...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-40980: dropmonitor: replace spinlock by rawspinlock bsc1227937. CVE-2024-46858: mptcp: pm: Fix uaf in timerdeletesync bsc1231088...

Security update for SUSE Manager Client Tools

This update fixes the following issues: spacecmd was updated to version 5.0.11-0: Updated translation strings uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: Security issues fixed: CVE-2024-22037: Use podman secret to store the database credentials bsc1231497 Other changes and bugs...

Security update for unbound

This update for unbound fixes the following issues: Update to 1.22.0: Features: Add iter-scrub-ns, iter-scrub-cname and max-global-quota configuration options. Merge patch to fix for glue that is outside of zone, with harden-unverified-glue, from Karthik Umashankar Microsoft. Enabling this option...

Security update for libtasn1

This update for libtasn1 fixes the following issues: CVE-2024-12133: the processing of input DER data containing a large number of SEQUENCE OF or SET OF elements takes quadratic time to complete. bsc1236878 Patch Instructions: To install this SUSE update use the SUSE recommended installation...

Security update for SUSE Manager Client Tools

This update fixes the following issues: salt: Revert setting SELinux context for minion service bsc1233667 Removed System V init support Fix the condition of alternatives for Tumbleweed and Leap 16 Build all python bindings for all flavors Make minion reconnecting on changing master IP bsc1228182...

Security update for SUSE Manager Client Tools

This update fixes the following issues: salt: Revert setting SELinux context for minion service bsc1233667 Removed System V init support Fix the condition of alternatives for Tumbleweed and Leap 16 Build all python bindings for all flavors Make minion reconnecting on changing master IP bsc1228182...

Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2024-47684: tcp: check skb is...

Security update for podman

This update for podman fixes the following issues: CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing them to log files. bsc1227052 CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of...

Security update for go1.24

This update for go1.24 fixes the following issues: CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le bsc1236801. CVE-2025-22867: Fixed arbitrary code execution during build on darwin bsc1236839. Other fixes: go1.2r42 release tracking bsc1236217 Patch Instructions: To install this SUSE...

Security update for skopeo

This update for skopeo fixes the following issues: CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing them to log files. bsc1227056 CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of...

Security update for python311

This update for python311 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for cloud-regionsrv-client

This update for cloud-regionsrv-client contains the following fixes: Update to 10.3.11 bsc1234050 Send registration code for the extensions, not only base product Update to 10.3.9: bsc1234050 Send registration code for the extensions, not only base product Update to 10.3.8: bsc1233333 Fix the...

Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001014 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...

Security update for python310

This update for python310 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.7 MFSA 2025-10, bsc1236539. Security fixes: CVE-2025-1009: use-after-free in XSLT. CVE-2025-1010: use-after-free in Custom Highlight. CVE-2025-1011: a bug in WebAssembly code generation could result i...

Security update for go1.23

This update for go1.23 fixes the following issues: CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le bsc1236801. Bug fixes: go1.23 release tracking bsc1229122 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...

Security update for MozillaFirefox

This update for MozillaFirefox to 128.7esr fixes the following issues: MFSA 2025-09 CVE-2025-1009 bmo1936613 Use-after-free in XSLT CVE-2025-1010 bmo1936982 Use-after-free in Custom Highlight CVE-2025-1011 bmo1936454 A bug in WebAssembly code generation could result in a crash CVE-2025-1012...

Security update for wget

This update for wget fixes the following issues: CVE-2021-31879: Authorization header disclosed upon redirects to different origins. bsc1185551 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...

Security update for bind

This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

Security update for ignition

This update for ignition fixes the following issues: CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 bsc1236518 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash bsc1236619. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...

Security update for ignition

This update for ignition fixes the following issues: CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 bsc1236518 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for xrdp

This update for xrdp fixes the following issues: CVE-2024-39917: Enforce no login screen if requirecredentials is set bsc1227769 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for nvidia-open-driver-G06-signed

This update for nvidia-open-driver-G06-signed fixes the following issues: Make sure the correct FW package is installed on non-CUDA. only obsolete 555 CUDA driver/firmware packages For CUDA: update version to 565.57.01 Add 'dummy' firmware package on SLE to work around update issues. On SLE, the...

Security update for curl

This update for curl fixes the following issues: CVE-2024-11053: Fixed password leak used for the first host to the followed-to host under certain circumstances bsc1234068 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...

Security update for avahi

This update for avahi fixes the following issues: CVE-2024-52616: Properly randomize query id of DNS packets bsc1233420. Bug fixes: No longer supply bogus services to callbacks bsc1226586. Tag hardening patches as PATCH-FEATURE-OPENSUSE Remove dependency on /usr/bin/python3 using %python3fixsheba...

Security update for python-requests

This update for python-requests contains the following fixes: Add patch to fix to inject the default CA bundles if they are not specified. bsc1226321, bsc1231500 Remove Requires on python-py, it should have been removed earlier. update to 2.32.3: Fixed bug breaking the ability to specify custom...

Security update for libndp

This update for libndp fixes the following issues: CVE-2024-5564: Fixed buffer overflow in route information length field bsc1225771. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

Security update for Mesa

This update for Mesa fixes the following issues: CVE-2023-45913: Fixed NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId bsc1222040. CVE-2023-45919: Fixed buffer over-read in glXQueryServerString bsc1222041. CVE-2023-45922: Fixed segmentation violation in glXGetDrawableAttribute...

Security update for podman

This update for podman fixes the following issues: CVE-2024-9676: Fixed a denial of service via a symlink traversal in the containers/storage library bsc1231698 CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library bsc1231230 CVE-2024-9675: Fixed caching...

Security update for tiff

This update for tiff fixes the following issues: CVE-2024-7006: Fix pointer deref in tifdirinfo.c bsc1228924 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for you...

Security update for libdb-4_8

This update for libdb-48 fixes the following issues: CVE-2019-2708: Fixed data store execution leading to partial DoS bsc1174414 Changes: libdb: Data store execution leads to partial DoS Backport the upsteam commits: Fixed several possible crashes when running dbverify on a corrupted database...

Security update for python311

This update for python311 fixes the following issues: CVE-2024-8088: Fixed a denial of service in zipfile bsc1229704 CVE-2024-6232: Fixed a ReDos via excessive backtracking while parsing header values bsc1230227 CVE-2024-7592: Fixed a denial of service in the http.cookies module bsc1229596 Patch...

Security update for orc

This update for orc fixes the following issues: CVE-2024-40897: Fixed a stack-based buffer overflow when formatting error messages bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...

Security update for containerized-data-importer

This update for containerized-data-importer fixes the following issues: Update to version 1.60.1 Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.1 Add registry path for SLE15 SP7 Bump to the latest tag 1.60.1-150600.3.9.1 Use the images based on SLE15 SP6...

Security update for kubevirt

This update for kubevirt fixes the following issues: Update to version 1.3.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.0 Fix DV error report via VM printable status Fix permission error in storage...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2024-37370: Confidential GSS krb5 wrap tokens with invalid plaintext Extra Count fields were erroneously accepted during unwrap bsc1227186 CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes. This release includes the first live patch. The following security bugs were fixed: CVE-2023-52489: mm/sparsemem: fix race in accessing memorysection-usage bsc1221326. CVE-2023-52581: netfilter: nftables:...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2024-34459: Fixed buffer over-read in bsc1224282 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...