5387 matches found
Security update for rubygem-actionmailer-5_1
This update for rubygem-actionmailer-51 fixes the following issues: CVE-2024-47889: Fixed Possible ReDoS vulnerability in blockformat in Action Mailer bsc1231723. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for uwsgi
This update for uwsgi fixes the following issues: CVE-2024-24795: Fixed HTTP Response Splitting in multiple modules bsc1222332 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024191 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...
Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024178 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...
Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005552 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF i...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808...
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG bsc1231419 CVE-2024-35863: Fixed potential UAF in...
Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001355 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF i...
Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122216 fixes several issues. The following security issues were fixed: CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1225011. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-35862: Fixed...
Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1225011. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-35862: Fixed...
Security update for go1.21-openssl
This update for go1.21-openssl fixes the following issues: CVE-2024-34158: Fixed stack exhaustion in Parse in go/build/constraint bsc1230254. CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode in encoding/gob bsc1230253. CVE-2024-34155: Fixed stack exhaustion in all Parse functions...
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024183 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...
Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-35862:...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...
Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024166 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...
Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024197 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2021-47291: ipv6:...
Security update for cups-filters
This update for cups-filters fixes the following issues: CVE-2024-47850: Fixed cups-browsed can be abused to initiate remote DDoS against third-party targets bsc1231294 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. CVE-2024-40866 CVE-2024-44187 Already fixed in version 2.44.3: CVE-2024-4558 CVE-2024-27838 CVE-2024-27851 Already fixed in version 2.44.2: CVE-2024-27834 CVE-2024-27808 CVE-2024-27820 CVE-2024-27833...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2024-7254: Fixed stack overflow vulnerability in Protocol Buffer bsc1230778 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for qemu
This update for qemu fixes the following issues: Security fixes: CVE-2024-8354: Fixed assertion failure in usbepget bsc1230834 CVE-2024-8612: Fixed information leak in virtio devices bsc1230915 Update version to 8.2.7: Security fixes: CVE-2024-7409: Fixed denial of service via improper...
Security update for php7
This update for php7 fixes the following issues: CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not being processed bsc1231360 CVE-2024-8927: Fixed cgi.forceredirect configuration is bypassable due to an environment variable collision...
Security update for php74
This update for php74 fixes the following issues: CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not being processed bsc1231360 CVE-2024-8927: Fixed cgi.forceredirect configuration is bypassable due to an environment variable collision...
Security update for php8
This update for php8 fixes the following issues: Update to php 8.2.24: CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not being processed bsc1231360 CVE-2024-8927: Fixed cgi.forceredirect configuration is bypassable due to an environme...
Security update for buildah
This update for buildah fixes the following issues: CVE-2024-9675: Fixed arbitrary cache directory mount bsc1231499 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for jetty-minimal
This update for jetty-minimal fixes the following issues: CVE-2024-8184: Fixed remote denial-of-service in ThreadLimitHandler.getRemote bsc1231651. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for OpenIPMI
This update for OpenIPMI fixes the following issues: CVE-2024-42934: Fixed missing check on the authorization type on incoming LAN messages in IPMI simulator bsc1229910 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808 CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. Patch Instructions:...
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954...
Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954...
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005559 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954:...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024194 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651...
Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122216 fixes several issues. The following security issues were fixed: CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 bsc1226325. CVE-2021-47378: Destroy cm id before...
Security update for etcd
This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...
Security update for unbound
This update for unbound fixes the following issues: CVE-2024-8508: Fixed unbounded name compression that could lead to denial of service bsc1231284 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001347 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954:...
Security update for keepalived
This update for keepalived fixes the following issues: CVE-2024-41184: Fixed integer overflow in vrrpipsetshandler bsc1228123 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for the Linux Kernel RT (Live Patch 14 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001352 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954:...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.3.1 MFSA 2024-51, bsc1231413: CVE-2024-9680: Use-after-free in Animation timeline Update to Mozilla Thunderbird 128.3 MFSA 2024-49, bsc1230979: CVE-2024-9392: Compromised content process can bypass si...
Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001338 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes bsc1226606. CVE-2024-40902: jfs: xattr: fix buffer overflow for invalid xattr...
Security update for wireshark
This update for wireshark fixes the following issues: Update to Wireshark 4.2.8: CVE-2024-9781: Fixed AppleTalk and RELOAD Framing dissector crash bsc1231476. Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.2.8.html Patch...
Security update for apache-commons-io
This update for apache-commons-io fixes the following issues: Upgrade to 2.17.0: CVE-2024-47554: Fixed untrusted input to XmlStreamReader can lead to uncontrolled resource consumption bsc1231298 Other changes: - https://commons.apache.org/proper/commons-io/changes-report.htmla2.17.0 Patch...
Security update for libreoffice
This update for libreofficefixes the following issues: libreoffice was updated to version 24.8.1.2 jscPED-10362: Release notes: https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and...
Security update for libreoffice
This update for libreoffice fixes the following issues: libreoffice was updated to version 24.8.1.2 jscPED-10362: Release notes: https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and...
Security update for cups-filters
This update for cups-filters fixes the following issues: CVE-2024-47176: cups-browsed binds on UDP port 631 and trusts packets that try to trigger a Get-Printer-Attributes IPP request. bsc1230939 CVE-2024-47850: cups-browsed can be abused to initiate remote DDoS against third-party targets...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-46854: net: dpaa: Pad packets to ETHZLEN bsc1231084. CVE-2024-46770: ice: Add netifdeviceattach/detach into PF reset flow bsc1230763. CVE-2024-41073: nvme:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance. bsc1229633. CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment bsc1229662...
Security update for mozjs78
This update for mozjs78 fixes the following issues: CVE-2024-45490: Fixed negative len for XMLParseBuffer in embedded expat bnc1230036 CVE-2024-45491: Fixed integer overflow in dtdCopy in embedded expat bnc1230037 CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart in embedded exp...
Security update for podofo
This update for podofo fixes the following issues: CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection bsc1023190 CVE-2017-6840: Fixed invalid memory read in ColorChanger::GetColorFromStack colorchanger.cpp bsc1027787 CVE-2017-6841: Fixed NULL pointer dereference in...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-28882: Fix multiple exit notifications from authenticated clients will extend the validity of a closing session bsc1227546 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...