5387 matches found
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 35 with Oracle October 15 2024 CPU bsc1232064: - CVE-2024-21208: Fixed partial DoS in component Networking bsc1231702,JDK-8328286 - CVE-2024-21210: Fixed unauthorized update, insert or delete...
Security update for socat
This update for socat fixes the following issues: CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory bsc1225462 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: CVE-2024-44308: Fixed processing maliciously crafted web content that may lead to arbitrary code execution bsc1233631 CVE-2024-44309: Fixed data isolation bypass vulnerability bsc1233632 Patch Instructions: To install this SUSE update use th...
Security update for python312
This update for python312 fixes the following issues: CVE-2024-12254: Fixed unbounded memory buffering in SelectorSocketTransport.writelines bsc1234290 Other fixes: - Updated to version 3.12.8 - Remove -IVendor/ from python-config bsc1231795 Patch Instructions: To install this SUSE update use the...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2024-53907: Fixed denial-of-service in django.utils.html.striptags bsc1234232 CVE-2024-53908: Fixed SQL injection in HasKeylhs, rhs on Oracle bsc1234231 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35905: Fixed int overflow for stack...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...
Security update for the Linux Kernel (Live Patch 50 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122183 fixes several issues. The following security issues were fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273. Patch Instructions: To install thi...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.5.1 ESR: - Fixed: Fixed an issue that prevented some websites from loading when using SSL Inspection. bmo1933747 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024191 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. Patch Instructions: To install this...
Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35905: Fixed int overflow for stack...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024194 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...
Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273. CVE-2024-35863: Fixed potential UA...
Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005536 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...
Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...
Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call...
Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122189 fixes several issues. The following security issues were fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273. Patch Instructions: To install thi...
Security update for python36
This update for python36 fixes the following issues: CVE-2024-11168: improper validation of IPv6 and IPvFuture addresses. bsc1233307 Bug fixes: Remove -IVendor/ from python-config. bsc1231795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for python3
This update for python3 fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Remove -IVendor/ from python-config bsc1231795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for php7
This update for php7 fixes the following issues: CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter bsc1233702. CVE-2024-11234: Configuring a proxy in a stream context might allow for CRLF injection in URIs bsc1233703. CVE-2024-8929: Leak partial content of the heap...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273. CVE-2023-52752: smb: client: fix...
Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001361 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not cal...
Security update for postgresql14
This update for postgresql14 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 bsc1232747, including fixes for: CVE-2024-44308: Fixed arbitrary code execution by not allocating DFG register after a slow path bsc1233631. CVE-2024-44309: Fixed a data isolation bypass vulnerability bsc1233632...
Security update for libuv
This update for libuv fixes the following issues: CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for postgresql15
This update for postgresql15 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...
Security update for postgresql12
This update for postgresql12 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...
Security update for postgresql14
This update for postgresql14 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 bsc1232747: CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from bein...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2024-52533: Fixed a single byte buffer overflow bsc1233282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47589: igbvf: fix double free in igbvfprobe bsc1226557. CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully bsc1224526. CVE-2024-47674: mm: avo...
Security update for bea-stax, xstream
This update for bea-stax, xstream fixes the following issues: CVE-2024-47072: Fixed possible remote denial-of-service via a stack overflow bsc1233085. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency bsc1213933 Other changes and issues fixed: Delete unpackaged debug files for RHEL Do not include source files in the package for RHEL 9...
Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server
Description: This update fixes the following issues: mgr-daemon: Version 4.3.11-0 Update translation strings spacecmd: Version 4.3.29-0 Speed up softwarechannelremovepackages bsc1227606 spacewalk-backend: Version 4.3.30-0 Make ISSv1 timezone independent bsc1221505 reposync: introduce timeout when...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2023-45802: Fixed regression with previous fix bsc1233165. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...
Security update for buildah
This update for buildah fixes the following issues: CVE-2024-9676: Fixed github.com/containers/storage: symlink traversal vulnerability in the containers/storage library can cause Denial of Service DoS bsc1231698: CVE-2024-9675: VUL-0: CVE-2024-9675: buildah,podman: buildah: cache arbitrary...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u432 icedtea-3.33.0: CVE-2024-21208: Enhance HTTP client bsc1231702. CVE-2024-21210: Improve handling of vectorization bsc1231711. CVE-2024-21217: Improve deserialization support bsc1231716. CVE-2024-21235: Improve...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48879: efi: fix NULL-deref in init error path bsc1229556. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. CVE-2022-48957: dpaa2-switc...
Security update for expat
This update for expat fixes the following issues: CVE-2024-50602: Fixed a denial of service via XMLResumeParser bsc1232579. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241104T154416 2024-11-04T15:44:16Z. Refs jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2024-3233 CVE-2024-46872 GHSA-762g-9p7f-mrww GO-2024-3234 CVE-2024-47401 GHSA-762v-rq7q-ff9...
Security update for libarchive
This update for libarchive fixes the following issues: CVE-2024-20697: Fixed Out of bounds Remote Code Execution Vulnerability bsc1225972. CVE-2024-48958: Fixed out-of-bounds access via a crafted archive file in executefilterdelta function bsc1231624. Patch Instructions: To install this SUSE upda...
Security update for curl
This update for curl fixes the following issues: CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry bsc1232528 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for libgsf
This update for libgsf fixes the following issues: CVE-2024-42415, CVE-2024-36474: Fixed integer overflows affecting memory allocation bsc1231282, bsc1231283. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libgsf
This update for libgsf fixes the following issues: CVE-2024-42415, CVE-2024-36474: Fixed integer overflows affecting memory allocation bsc1231282, bsc1231283. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG bsc1231419 CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-36899:...
Security update for python3
This update for python3 fixes the following issues: Security fixes: CVE-2024-9287: properly quote path names provided when creating a virtual environment bsc1232241 Other fixes: Drop .pyc files from docdir for reproducible builds bsc1230906 Patch Instructions: To install this SUSE update use the...