5454 matches found
Security update for sqlite3
This update for sqlite3 fixes the following issues: CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory jscSLE-16032 Patch...
Security update for sqlite3
This update for sqlite3 fixes the following issues: CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory jscSLE-16032 Patch...
Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2023-52885: SUNRPC: Fix UAF in svctcplistendataready bsc1227753. CVE-2024-50205: ALSA:...
Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024147 fixes one issue. The following security issue was fixed: CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2023-52885: SUNRPC: Fix UAF in svctcplistendataready bsc1227753. CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294. CVE-2024-56650:...
Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059182 fixes several issues. The following security issues were fixed: CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch...
Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122237 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: ...
Security update for the Linux Kernel (Live Patch 64 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122244 fixes one issue. The following security issue was fixed: CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-56650: Fixed netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431 Patch Instructions: To install this SUSE update us...
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2024-53237: Bluetooth: fix use-after-free in deviceforeachchild bsc1235008. CVE-2024-53082: virtionet: Add hashkeylength check bsc1233677. CVE-2024-56650: netfilter: xtables: fix...
Security update for libraw
This update for libraw fixes the following issues: CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 CVE-2025-43964: Fixed tag 0x412 processing in phaseonecorrect does not enforce minimum w0 and w1 values bsc1241584 Patch Instructions: To...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250422T181640 2025-04-22T18:16:40Z jscPED-11136 GO-2025-3603 GO-2025-3604 GO-2025-3607 GO-2025-3608 GO-2025-3609 GO-2025-3610 GO-2025-3611 GO-2025-3612 GO-2025-3615 GO-2025-3618 GO-2025-3619 GO-2025-3620...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 128.9.2 bsc1241277 CVE-2025-3522: Leak of hashed Window credentials via crafted attachment URL CVE-2025-2830: Information Disclosure of /tmp directory listing CVE-2025-3523: User Interface UI Misrepresentation of...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-24855: Fix use-after-free of XPath context node bsc1239625 CVE-2024-55549: Fix UAF related to excluded namespaces bsc1239637 CVE-2023-40403: Make generate-id deterministic bsc1238591 Patch Instructions: To install this SUSE update use t...
Security update for git
This update for git fixes the following issues: CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites bsc1235600. CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers bsc1235601. Patch Instructions: To install this SUSE update use the SUSE...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363 CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370 CVE-2025-27113: Fixed...
Security update for erlang
This update for erlang fixes the following issues: CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH bsc1241300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239765 Other fixes: Update to docker-buildx v0.22.0. Disable transparent...
Security update for haproxy
This update for haproxy fixes the following issues: CVE-2025-32464: Fixed heap-based buffer overflow in sampleconvregsub. bsc1240971 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.1 CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content bsc1240962 CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails bsc1230998 CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcprtodeltaus bsc1231993 CVE-2024-50302: Fixed HID: core: zero-initialize the...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets...
Security update for mozjs52
This update for mozjs52 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for mozjs52
This update for mozjs52 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059188 fixes several issues. The following security issues were fixed: CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check for DH bsc1238790. CVE-2024-56600: net: inet6: do not leave a danglin...
Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122231 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check for...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.1 CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content bsc1240962 CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a...
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-41090: tap: add missing verification for short frame bsc1228714. CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6create bsc1235218. Patch...
Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122216 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check for...
Security update for pgadmin4
This update for pgadmin4 fixes the following issues: CVE-2025-27152: axios: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set bsc1239308 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250409T170536 2025-04-09T17:05:36Z jscPED-11136 GO-2025-3591 GO-2025-3594 GO-2025-3598 GO-2025-3599 Update to version 0.0.20250408T210408 2025-04-08T21:04:08Z jscPED-11136 GO-2025-3553 GO-2025-3563 Patch...
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6create bsc1235218. CVE-2024-41090: tap: add missing verification for short frame bsc1228714. Patch Instructions:...
Security update for expat
This update for expat fixes the following issues: CVE-2024-8176: Fixed denial of service from chaining a large number of entities caused by stack overflow by resolving use of recursion bsc1239618 Other fixes: - version update to 2.7.1 jscPED-12500 Bug fixes: 980 989 Restore event pointer behavior...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-35910: tcp: properly terminate timers for kernel sockets bsc1224489...
Security update for go1.24
This update for go1.24 fixes the following issues: Update to go1.24.2 CVE-2025-22871: Fix an issue with request smuggling through invalid chunked data. bsc1240550 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content bsc1239863 CVE-2024-54467: Fixed information disclosure via data cross-origin exfiltration due to a cookie management issue bsc1239864 Other...
Security update for apparmor
This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-5594: Fixed incorrect handling of null bytes and invalid characters in control messages bsc1235147 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-fr...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes one issue. The following security issue was fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for apparmor
This update for apparmor fixes the following issues: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001023 fixes one issue. The following security issue was fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html CVE-2024-31068: Improper Finite State Machines FSMs i...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2024-52530: strictly don't allow NUL bytes in headers bsc1233285 glgoGNOME/libsoup377. CVE-2024-52532: websocket: Process the frame as soon as we read data bsc1233287 glgoGNOME/libsoup391. CVE-2024-52531: be more robust against invalid input...
Security update for python3
This update for python3 fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...