5387 matches found
Security update for rabbitmq-server313
This update for rabbitmq-server313 fixes the following issues: CVE-2025-30219: incorrectly escaped virtual hostname present in error message could lead to XSS attack. bsc1240071 Non-security fixes: Require rabbitmq-server313-plugins rather then rabbitmq-server-plugins. bsc1231656, bsc1234763 Patc...
Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005594 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc123909...
Security update for libjxl
This update for libjxl fixes the following issues: CVE-2024-11403: Fix out of bounds memory read/write in libjxl bsc1233768. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-4373: integer overflow in the gstringinsertunichar function can lead to buffer underwrite and memory corruption bsc1242844. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for nodejs22
This update for nodejs22 fixes the following issues: Update to version 22.15.1. Security issues fixed: CVE-2025-23166: remotely triggerable process crash due to improper error handling in async cryptographic operations bsc1243218. CVE-2025-23165: memory leak and unbounded memory growth due to...
Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005591 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc123909...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit bsc1239077. Patch Instructions: To...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096 CVE-2024-57996: netsched: schsfq: don'...
Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Rea...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096 CVE-2024-57996: netsched: schsfq: don'...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096 CVE-2024-57996: netsched: schsfq: don'...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096 CVE-2024-57996: netsched: schsfq:...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096 CVE-2024-57996: netsched: schsfq:...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096 CVE-2024-57996: netsched: schsfq:...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free...
Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001014 fixes several issues. The following security issues were fixed: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900. CVE-2025-21680: pktgen: Avoid out-of-bounds access in getimixentries bsc1236701. CVE-2024-58013:...
Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit bsc1239077. Patch Instructions: To instal...
Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001011 fixes several issues. The following security issues were fixed: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900. CVE-2025-21680: pktgen: Avoid out-of-bounds access in getimixentries bsc1236701. CVE-2024-58013:...
Security update for augeas
This update for augeas fixes the following issues: CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for less
This update for less fixes the following issues: Updated to version 668 Fixed crash when using --header on command line Fixed possible crash when scrolling left/right or toggling -S Fixed bug when using stop in a lesskey file Fixed bug when using --shift or --match-shift on command line with a...
Security update for iputils
This update for iputils fixes the following issues: CVE-2025-47268: Fixed integer overflow in RTT calculation leading to undefined behavior bsc1242300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for iputils
This update for iputils fixes the following issues: Security fixes: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300. Other bug fixes: Fixed incorrect IPV4 TTL value when using SOCKDGRAM on big endian systems bsc1243284. Patch Instructions: To...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-2761: unvalidated user input in FLI file parsing may lead to an out-of-bounds write bsc1241691. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python-cryptography
This update for python-cryptography fixes the following issues: CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch when Some... value passed as properties argument to either function bsc1242631. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for opensaml
This update for opensaml fixes the following issues: CVE-2025-31335: Fixed a bug where parameter manipulation allows the forging of signed SAML messages. bsc1239889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for docker
This update for docker fixes the following issues: Always clear SUSEConnect suse secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with...
Security update for docker
This update for docker fixes the following issues: Always clear SUSEConnect suse secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4476: Fixed NULL pointer dereference may le...
Security update for libcryptopp
This update for libcryptopp fixes the following issues: CVE-2024-28285: Fixed potential leak of secret key of ElGamal encryption via fault injection bsc1224280 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for 389-ds
This update for 389-ds fixes the following issues: Security fixes: CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242666 Other fixes: Enable memory accounting as SUSE disables it by default bsc1241016. Fix dsidm service getdn option failing bsc1241988...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-32906: Fixed out of bounds reads in...
Security update for dnsdist
This update for dnsdist fixes the following issues: CVE-2025-30193: stack exhaustion when processing too many queries on incoming TCP connections leads to a denial-of-service bsc1243378. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-32364: integer overflow due to INTMIN negation in the PSStack::roll function of Function.cc leads to floating point exception crash in pdftotext bsc1240880. CVE-2025-32365: misplaced isOk check in the JBIG2Bitmap::combine function of...
Security update for iputils
This update for iputils fixes the following issues: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for iputils
This update for iputils fixes the following issues: Security fixes: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300. Other bug fixes: Fixed incorrect IPV4 TTL value when using SOCKDGRAM on big endian systems bsc1243284. Patch Instructions: To...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Mozilla Firefox ESR 128.11 MFSA 2025-44, bsc1243353: MFSA-TMP-2025-0001: Double-free in libvpx encoder bmo1962421 CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content bmo1960745...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Upgrade to 17.5: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/ Patch Instructions: To...
Security update for slurm
This update for slurm fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for slurm_24_11
This update for slurm2411 fixes the following issues: Update to version 24.11.5. Security issues fixed: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Other changes and issues fixe...
Security update for augeas
This update for augeas fixes the following issues: CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for brltty
This update for brltty fixes the following issues: Avoid having brlapi.key temporarily world-readable during creation bsc1235438. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32052: Fixed heap buffer overflow in sniffunknown bsc1240756...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Upgrade to 17.5: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/ Patch Instructions: To...
Security update for slurm_20_11
This update for slurm2011 fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for slurm_23_02
This update for slurm2302 fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.21: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/13.21/ Patch Instructions: T...
Security update for grub2
This update for grub2 fixes the following issues: Security fixes: CVE-2025-4382: exposure of data from encrypted device through CLI once the root device is successfully unlocked via TPM bsc1242971. Other bug fixes: Fix incorrect nvme disks and boot order in bootlist output bsc1237174. Special...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2. Security issues fixed: CVE-2025-31205: lack of checks may lead to cross-origin data exfiltration through a malicious website bsc1243282. CVE-2025-31204: improper memory handling when processing certain web content m...