5373 matches found
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix the following issue: Security issues fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present bsc1264450. CVE-2025-5451...
Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.34 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker through...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker...
Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.19 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-53.40 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for firewalld
This update for firewalld fixes the following issue: CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for openvswitch
This update for openvswitch fixes the following issue: CVE-2026-34956: Invalid memory access in conntrack FTP alg bsc1261273. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for mozjs115
This update for mozjs115 fixes the following issues CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728. CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing bsc125971...
Security update for firebird
This update for firebird fixes the following issues CVE-2025-65104: Information leak vulnerability in firebird3 client when used with newer = 4 server bsc1262330. CVE-2026-27890: Pre-Auth DOS bsc1262328. CVE-2026-28212: One packet DoS bsc1262329. CVE-2026-28214: Server hangs when using specific...
Security update for go1.25
This update for go1.25 fixes the following issues Security issues: CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. CVE-2026-39817: cmd/go: "go tool pack" does not...
Security update for go1.26
This update for go1.26 fixes the following issues Security issues: CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. CVE-2026-39817: cmd/go: "go tool pack" does not...
Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.40 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to fix one issue CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUS...
Security update for Mesa
This update for Mesa fixes the following issue: CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party bsc1261998. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for Mesa
This update for Mesa fixes the following issue: CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party bsc1261998. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for log4j
This update for log4j fixes the following issues: CVE-2026-34477: TLS connections vulnerable to interception due to incomplete hostname verification configuration checks bsc1262050. CVE-2026-34479: silent log event loss due to improper XML escaping in Log4j1XmlLayout bsc1262091. CVE-2026-34480:...
Security update for python-Pillow
This update for python-Pillow fixes the following issue CVE-2026-42310: infinite loop and resource exhaustion when processing specially crafted PDFs bsc1265154. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present bsc1264450. Special Instructions and Notes: Plea...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present bsc1264450. Special Instructions and Notes: Plea...
Security update for Mesa
This update for Mesa fixes the following issue: CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party bsc1261998. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.290 fixes various security issues The following security issues were fixed: CVE-2026-23004: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist bsc1258655. CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful bsc1259126...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix the following issue: This fixes the DirtyFrag issues: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. CVE-2026-43500: rxrpc and afs modules are disabled bsc1264450 Special Instructions and Notes: Pleas...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259797. Special Instructions and Notes:...
Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during...
Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.37 fixes one security issue The following security issue was fixed: CVE-2026-31431: crypto: algifaead - Revert to operating out-of-place bsc1263689. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.53 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during...
Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-71066: net/sched: ets: Always remove class from...
Security update for the Linux Kernel (Live Patch 41 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.167 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during...
Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: CVE-2026-23004: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist bsc1258655. CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful bsc1259126...
Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2026-23004: dst: fix races in rt6uncachedlistdel and...
Security update for vim
This update for vim fixes the following issue: Security fixes: CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. Other fixes: Update to 9.2.0398. 9.2.0398: MS-Windows: missing strptime support 9.2.0397: tabpanel: double-click opens a n...
Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid
This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issues: CVE-2025-2286...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-35329: NULL pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attributes bsc1261705. CVE-2026-35331: acceptance of certificates violating X.509 name constrain...
Security update for nginx
This update for nginx fixes the following issues: CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack bsc1257675. CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. CVE-2026-27784: NGINX...
Security update for freeipmi
This update for freeipmi fixes the following issue: CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses bsc1260414. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for freeipmi
This update for freeipmi fixes the following issue: CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses bsc1260414. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for 389-ds
This update for 389-ds fixes the following issues: Update to version 2.0.20git89.937b1f291. Security issues fixed: CVE-2025-14905: heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Other updates and bugfixes: Issue 7224 - CI Test - Simplify...
Security update for jetty-minimal
This update for jetty-minimal fixes the following issues: CVE-2026-2332: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques bsc1262115. CVE-2026-5795: Fixed JaspiAuthenticator broken access control...
Security update for librsvg
This update for librsvg fixes the following issue: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257922. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy bsc1261172. CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected proces...
Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during...
Security update for rmt-server
This update for rmt-server fixes the following issues: Update to version 2.27. Security issues fixed: CVE-2026-26961: rack: greedy multipart boundary parsing can lead to parser differentials and WAF bypass bsc1261398. CVE-2026-26962: rack: improper unfolding of folded multipart headers can lead t...
Security update for python-pytest
This update for python-pytest fixes the following issue CVE-2025-71176: a TOCTOU race condition can cause a denial of service or possibly gain privileges bsc1257090. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for xen
This update for xen fixes the following issues: Update to Xen 4.20.3 bug fix release bsc1027519 jscPED-8907. CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v...
Security update for mozjs52
This update for mozjs52 fixes the following issues CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728. CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing bsc1259713...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues Updated to Mozilla Thunderbird 140.10.1: MFSA 2026-34 bsc1262230: CVE-2026-6746: Use-after-free in the DOM: Core & HTML component. CVE-2026-6747: Use-after-free in the WebRTC component. CVE-2026-6748: Uninitialized memory in the...
Security update for python-Django
This update for python-Django fixes the following issues CVE-2026-3902: headers spoofing by exploiting an ambiguous mapping of two header variants in ASGIRequest requests bsc1261729. CVE-2026-4277: permissions on inline model instances were not validated on submission of forged POST data in...
Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.95 fixes one security issue The following security issue was fixed: CVE-2026-31431: crypto: algifaead - Revert to operating out-of-place bsc1263689. Patch Instructions: To install this SUSE update use the SUSE recommended installati...