5111 matches found
Security update for pcp
This update for pcp fixes the following issues: pcp was updated from version 5.2.5 to version 6.2.0 jscPED-8192, jscPED-8389: Security issues fixed: CVE-2024-45770: Fixed a symlink attack that allows escalating from the pcp to the root user bsc1230552 CVE-2024-45769: Fixed a heap corruption throu...
Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059150 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-35862:...
Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024166 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...
Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024122 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-35862:...
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651. CVE-2024-41059:...
Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024100 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1225011. CVE-2023-52752: smb: client: fix...
Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600108 fixes one issue. The following security issue was fixed: CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaS...
Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-35862:...
Security update for go1.23-openssl
This update for go1.23-openssl fixes the following issues: This update ships go1.23-openssl version 1.23.2.2. jscSLE-18320 go1.23.2 released 2024-10-01 includes fixes to the compiler, cgo, the runtime, and the maps, os, os/exec, time, and unique packages. go69119 os: double close pidfd if caller...
Security update for go1.22-openssl
This update for go1.22-openssl fixes the following issues: This update ships go1.22-openssl 1.22.7.1 jscSLE-18320 Update to version 1.22.7.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.7-1-openssl-fips. Update to Go 1.22.7 229 go1.22.7 released 2024-09-05 includes securi...
Security update for pgadmin4
This update for pgadmin4 fixes the following issues: CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 CVE-2024-38998: Fixed requirejs: prototype pollution via function config bsc1227248 CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts..configure...
Security update for libgsf
This update for libgsf fixes the following issues: CVE-2016-9888: Fixed null pointer dereference with corrupted tar files bsc1014609 CVE-2024-36474: Fixed out-of-bounds index when processing a directory via an integer overflow in the compound document binary file format parser bsc1231282...
Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024197 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2021-47291: ipv6:...
Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024175 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 CVE-2024-41996: Avoid expensive public key validation for known safe-prime groups DHEATATTACK bsc1230698 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...
Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001011 fixes one issue. The following security issue was fixed: CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like Ya...
Security update for python3
This update for python3 fixes the following issues: Security fixes: CVE-2024-9287: properly quote path names provided when creating a virtual environment bsc1232241 Other fixes: Drop .pyc files from docdir for reproducible builds bsc1230906 Patch Instructions: To install this SUSE update use the...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.4 bsc1229013 CVE-2024-7348: PostgreSQL relation replacement during pgdump executes arbitrary SQL. bsc1229013 CVE-2024-4317: Restrict visibility of pgstatsext and pgstatsextexprs entries to the table owner. See the release note...
Security update for cups-filters
This update for cups-filters fixes the following issues: CVE-2024-47850: Fixed cups-browsed can be abused to initiate remote DDoS against third-party targets bsc1231294 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for go1.21-openssl
This update for go1.21-openssl fixes the following issues: CVE-2024-24791: Fixed denial of service due to improper 100-continue handling bsc1227314 CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip bsc1225973 CVE-2024-24790: Fixed unexpected behavior from Is...
Security update for buildah
This update for buildah fixes the following issues: CVE-2024-9676: Fixed symlink traversal vulnerability in the containers/storage library that could cause Denial of Service DoS bsc1231698 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for podman
This update for podman fixes the following issues: CVE-2024-9676: Fixed symlink traversal vulnerability in the containers/storage library that could cause Denial of Service DoS bsc1231698 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. CVE-2024-40866 CVE-2024-44187 Already fixed in version 2.44.3: CVE-2024-27838 CVE-2024-27851 Already fixed in version 2.44.2: CVE-2024-27834 CVE-2024-27808 CVE-2024-27820 CVE-2024-27833 Already fixed in...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. CVE-2024-40866 CVE-2024-44187 Already fixed in version 2.44.3: CVE-2024-4558 CVE-2024-27838 CVE-2024-27851 Already fixed in version 2.44.2: CVE-2024-27834 CVE-2024-27808 CVE-2024-27820 CVE-2024-27833...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-40725: Fixed source code disclosure of local content bsc1228097 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for python-pyOpenSSL
This update for python-pyOpenSSL fixes the following issues: Fixed error caused by a regression in fix for CVE-2018-1000807 bsc1231700 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for cargo-c
This update for cargo-c fixes the following issues: Security fixes: CVE-2024-45405: Fixed gix-path improper path resolution bsc1230683 Other fixes: Update to version 0.10.3git0.ee7d7ef: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2024-7254: Fixed stack overflow vulnerability in Protocol Buffer bsc1230778 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2024-7254: Fixed stack overflow vulnerability in Protocol Buffer bsc1230778 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2024-7254: Fixed stack overflow vulnerability in Protocol Buffer bsc1230778 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for qemu
This update for qemu fixes the following issues: Security fixes: CVE-2024-8354: Fixed assertion failure in usbepget bsc1230834 CVE-2024-8612: Fixed information leak in virtio devices bsc1230915 Update version to 8.2.7: Security fixes: CVE-2024-7409: Fixed denial of service via improper...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-40725: Fixed source code disclosure of local content bsc1228097 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for podman
This update for podman fixes the following issues: CVE-2024-9675: Fixed cache arbitrary directory mount bsc1231499. CVE-2024-9407: Fixed improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction bsc1231208. The following non-security bug was fixed: rootless ipv6...
Security update for php7
This update for php7 fixes the following issues: CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not being processed bsc1231360 CVE-2024-8927: Fixed cgi.forceredirect configuration is bypassable due to an environment variable collision...
Security update for php74
This update for php74 fixes the following issues: CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not being processed bsc1231360 CVE-2024-8927: Fixed cgi.forceredirect configuration is bypassable due to an environment variable collision...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.3.1 MFSA 2024-52, bsc1231413: CVE-2024-9680: Fixed use-after-free in Animation timeline bmo1923344 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like Ya...
Security update for php8
This update for php8 fixes the following issues: Update to php 8.2.24: CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not being processed bsc1231360 CVE-2024-8927: Fixed cgi.forceredirect configuration is bypassable due to an environme...
Security update for buildah
This update for buildah fixes the following issues: CVE-2024-9675: Fixed arbitrary cache directory mount bsc1231499 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for jetty-minimal
This update for jetty-minimal fixes the following issues: CVE-2024-8184: Fixed remote denial-of-service in ThreadLimitHandler.getRemote bsc1231651. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for python-starlette
This update for python-starlette fixes the following issues: CVE-2024-47874: Fixed possible DoS via parts size in multipart/form-data requests bsc1231689 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for OpenIPMI
This update for OpenIPMI fixes the following issues: CVE-2024-42934: Fixed missing check on the authorization type on incoming LAN messages in IPMI simulator bsc1229910 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for cups-filters
This update for cups-filters fixes the following issues: cups-browsed would bind on UDP INADDRANY:631 and trust any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL. This patch removes support for the legacy CUPS and LDAP protocols, the previous...
Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954:...
Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005536 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954:...
Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808 CVE-2024-40909: bpf: Fix a potential use-after-free in bpflinkfree bsc1228349. Patch...
Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808 CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. Patch Instructions:...
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651. CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. Patch Instructions: To...
Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808...