5373 matches found

SUSE Linux • added 2 days ago • 5 views

Security update for giflib

This update for giflib fixes the following issue CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count bsc1259836. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

CVSS 8.6 • AI score 5.8 • EPSS 0.00319 • Exploits 1 • References 4

SUSE Linux • added 2 days ago • 3 views

Security update for giflib

This update for giflib fixes the following issue CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count bsc1259836. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

CVSS 8.6 • AI score 5.8 • EPSS 0.00319 • Exploits 1 • References 4

SUSE Linux • added 2 days ago • 3 views

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo-header bsc1260264. CVE-2026-39821: Update golang.org/x/net/idna dependency bsc1266603. CVE-2026-39827: Update...

CVSS 9.1 • AI score 6.6 • EPSS 0.00565 • Exploits 1 • References 50

SUSE Linux • added 2 days ago • 5 views

Security update for python, python-base, python-doc

This update for python, python-base, python-doc fixes the following issues Security fixes: CVE-2026-1703: files may be extracted outside the installation directory when installing and extracting maliciously crafted wheel archives bsc1257599. CVE-2026-3219: pip doesn't reject concatenated ZIP...

CVSS 9.1 • AI score 7.4 • EPSS 0.00517 • Exploits 2 • References 30

SUSE Linux • added 2 days ago • 3 views

Security update for exiv2

This update for exiv2 fixes the following issues CVE-2025-54080: out-of-bounds read in Exiv2::EpsImage::writeMetadata when writing metadata into a crafted image file bsc1248962. CVE-2026-25884: out-of-bounds read in CrwMap::decode0x0805 bsc1259083. CVE-2026-27596: integer overflow in...

CVSS 8.3 • AI score 6.3 • EPSS 0.00367 • Exploits 1 • References 16

SUSE Linux • added 2 days ago • 3 views

Security update for openssl-3-livepatches

This update for openssl-3-livepatches fixes the following issues CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256876. CVE-2025-15468: NULL dereference in SSLCIPHERfind...

CVSS 9.8 • AI score 7.2 • EPSS 0.45854 • Exploits 7 • References 18

SUSE Linux • added 2 days ago • 3 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

CVSS 9.3 • AI score 6.7 • EPSS 0.00658 • Exploits 0 • References 124

SUSE Linux • added 2 days ago • 4 views

Security update for clamav

This update for clamav fixes the following issues: Update to clamav 1.5.2: Security issue: CVE-2026-20031: improper error handling in the HTML CSS module when splitting UTF-8 strings can lead to denial of service conditions via a crafted HTML file bsc1259207. Non security issue: Support...

CVSS 6.9 • AI score 5.8 • EPSS 0.00414 • Exploits 0 • References 10

SUSE Linux • added 2 days ago • 3 views

Security update for opensc

This update for opensc fixes the following issues CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. CVE-2025-66038: improper compact-TLV length validation can lead to crash or...

CVSS 8.5 • AI score 6.2 • EPSS 0.00296 • Exploits 2 • References 24

SUSE Linux • added 2 days ago • 3 views

Security update for python36

This update for python36 fixes the following issues: CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

CVSS 6 • AI score 5.8 • EPSS 0.00188 • Exploits 0 • References 6

SUSE Linux • added 2 days ago • 7 views

Security update for libsoup2

This update for libsoup2 fixes the following issue CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

CVSS 6.9 • AI score 5.8 • EPSS 0.00376 • Exploits 0 • References 4

SUSE Linux • added 2 days ago • 3 views

Security update for util-linux

This update for util-linux fixes the following issue CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...

CVSS 4.7 • AI score 5.8 • EPSS 0.00118 • Exploits 1 • References 4

SUSE Linux • added 2 days ago • 3 views

Security update for haproxy

This update for haproxy fixes the following issues CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers bsc1268557. CVE-2026-55204: null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl....

CVSS 7.5 • AI score 6 • EPSS 0.00431 • Exploits 0 • References 8

SUSE Linux • added 2 days ago • 4 views

Security update for haproxy

This update for haproxy fixes the following issues CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers bsc1268557. CVE-2026-55204: null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl....

CVSS 7.5 • AI score 6 • EPSS 0.00431 • Exploits 0 • References 8

SUSE Linux • added 2 days ago • 5 views

Security update for openssl-3

This update for openssl-3 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

CVSS 8.2 • AI score 5.8 • EPSS 0.02268 • Exploits 0 • References 52

SUSE Linux • added 2 days ago • 4 views

Security update for nodejs22

This update for nodejs22 fixes the following issues Update to 22.23.0: CVE-2026-6733: undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery bsc1268479. CVE-2026-9496: pacote: excessive CPU consumption in addGitSha when processing a specially...

CVSS 8.7 • AI score 6 • EPSS 0.00612 • Exploits 2 • References 76

SUSE Linux • added 2 days ago • 3 views

Security update for dovecot22

This update for dovecot22 fixes the following issues CVE-2026-33603: login: base64 input can contain tabs that bypass IPC protection bsc1265147. CVE-2026-40020: IMAP folders can be shared-spammed to everyone bsc1265149. CVE-2026-42006: imap-login: uncontrolled memory usage with excessive bracing...

CVSS 8.7 • AI score 5.8 • EPSS 0.00307 • Exploits 0 • References 12

SUSE Linux • added 2 days ago • 4 views

Security update for frr

This update for frr fixes the following issues CVE-2026-28532: Denial of Service due to integer overflow in OSPF TLV parser functions bsc1263859. CVE-2026-37457: An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0...

CVSS 7.5 • AI score 5.9 • EPSS 0.00263 • Exploits 0 • References 12

SUSE Linux • added 2 days ago • 3 views

Security update for aws-iam-authenticator

This update for aws-iam-authenticator fixes the following issues CVE-2022-1996: CORS bypass bsc1200528. CVE-2022-2385: aws-iam-authenticator AccessKeyID validation bypass bsc1201395. CVE-2024-39689: remove root certificates from GLOBALTRUST from the root store. CVE-2025-47910: net/http:...

CVSS 9.1 • AI score 5.7 • EPSS 0.02737 • Exploits 1 • References 26

SUSE Linux • added 2 days ago • 5 views

Security update for apache-commons-configuration2, apache-commons-text

This update for apache-commons-configuration2, apache-commons-text fixes the following issues CVE-2026-45205: uncontrolled recursion leads to StackOverflowError when processing specially crafted configuration files bsc1265299. Changes for apache-commons-configuration2: Upgrade to version 2.15.0:...

CVSS 8.7 • AI score 6.2 • EPSS 0.02164 • Exploits 0 • References 4

SUSE Linux • added 2 days ago • 6 views

Security update for apache2

This update for apache2 fixes the following issues Update to 2.4.66 jscPED-16334: Security issues: CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in...

CVSS 9.1 • AI score 7.2 • EPSS 0.42802 • Exploits 18 • References 52

SUSE Linux • added 2 days ago • 4 views

Security update for containerd

This update for containerd fixes the following issues: CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo-header bsc1260296. CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZ...

CVSS 9.1 • AI score 6.6 • EPSS 0.00565 • Exploits 1 • References 16

SUSE Linux • added 2 days ago • 5 views

Security update for containerd

This update for containerd fixes the following issues: CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo-header bsc1260296. CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZ...

CVSS 9.1 • AI score 6.6 • EPSS 0.00565 • Exploits 1 • References 16

SUSE Linux • added 2 days ago • 8 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

CVSS 8.8 • AI score 6.7 • EPSS 0.00658 • Exploits 0 • References 88

SUSE Linux • added 3 days ago • 4 views

Security update for podman

This update for podman fixes the following issues CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262856. CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598:...

CVSS 8.7 • AI score 7.4 • EPSS 0.00392 • Exploits 0 • References 14

SUSE Linux • added 3 days ago • 5 views

Security update for python-pip

This update for python-pip fixes the following issues CVE-2026-3219: pip doesn't reject concatenated ZIP bsc1262429. CVE-2026-6357: pip self-update functionality can import newly installed modules after wheel installation bsc1263442. CVE-2026-8643: path traversal via malicious entry point name in...

CVSS 8.1 • AI score 6.8 • EPSS 0.00144 • Exploits 0 • References 12

SUSE Linux • added 3 days ago • 4 views

Security update for nodejs24

This update for nodejs24 fixes the following issues Update to 24.17.0: CVE-2026-2581: undici: Undici: Denial of Service due to uncontrolled resource consumption bsc1268480. CVE-2026-6733: undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery...

CVSS 8.7 • AI score 6.9 • EPSS 0.00612 • Exploits 2 • References 84

SUSE Linux • added 3 days ago • 4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

CVSS 8.8 • AI score 6.6 • EPSS 0.00658 • Exploits 0 • References 126

SUSE Linux • added 3 days ago • 4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

CVSS 8.8 • AI score 6 • EPSS 0.00658 • Exploits 0 • References 88

SUSE Linux • added 3 days ago • 7 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

CVSS 9.3 • AI score 6 • EPSS 0.00658 • Exploits 0 • References 124

SUSE Linux • added 3 days ago • 5 views

Security update for libzypp

This update for libzypp fixes the following issue CVE-2026-25707: Handcrafted repo metadata may cause arbitrary local files to be overwritten bsc1259802. CVE-2026-44942: Fixed possible path traversal attacks via .repo files 'path=' entries bsc1267874. Special Instructions and Notes: Patch...

CVSS 7.4 • AI score 6 • EPSS 0.00329 • Exploits 0 • References 8

SUSE Linux • added 3 days ago • 4 views

Security update for python-PyJWT

This update for python-PyJWT fixes the following issues CVE-2026-48522: PyJWKClient passes URI arguments directly to urllib.request.urlopen and allows for SSRF and token forgery bsc1266798. CVE-2026-48523: verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called...

CVSS 9.1 • AI score 5.8 • EPSS 0.00288 • Exploits 4 • References 16

SUSE Linux • added 3 days ago • 4 views

Security update for python-PyJWT

This update for python-PyJWT fixes the following issues CVE-2026-48522: PyJWKClient passes URI arguments directly to urllib.request.urlopen and allows for SSRF and token forgery bsc1266798. CVE-2026-48523: verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called...

CVSS 9.1 • AI score 5.8 • EPSS 0.00288 • Exploits 4 • References 20

SUSE Linux • added 4 days ago • 4 views

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issue CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

CVSS 6.7 • AI score 5.8 • EPSS 0.00118 • Exploits 0 • References 4

SUSE Linux • added 4 days ago • 4 views

Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u492: Security issues: CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated attacker with network access can access to critical data...

CVSS 8.7 • AI score 7.3 • EPSS 0.00358 • Exploits 0 • References 30

SUSE Linux • added 4 days ago • 3 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow bsc1267506. CVE-2026-28883: processing maliciously crafted...

CVSS 8.8 • AI score 7.4 • EPSS 0.0059 • Exploits 0 • References 64

SUSE Linux • added 4 days ago • 4 views

Security update for libheif

This update for libheif fixes the following issues Update to 1.23.0: CVE-2025-68431: heap buffer over-read in HeifPixelImage: overlay via crafted HEIF that exercises the overlay image item bsc1255735. CVE-2026-3950: manipulation of the component stsz/stts can lead to out-of-bounds read bsc1259544...

CVSS 8.6 • AI score 6.1 • EPSS 0.00446 • Exploits 6 • References 88

SUSE Linux • added 4 days ago • 3 views

Security update for openssl-1_1-livepatches

This update for openssl-1_1-livepatches fixes the following issues: CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...

CVSS 7.7 • AI score 5.9 • EPSS 0.02268 • Exploits 0 • References 6

SUSE Linux • added 4 days ago • 4 views

Security update for iproute2

This update for iproute2 fixes the following issue CVE-2024-58251: denial of service via terminal escape sequences bsc1254324. Other updates: support display of bound but unconnected sockets bsc1204562 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

CVSS 2.8 • AI score 5.9 • EPSS 0.00238 • Exploits 0 • References 6

SUSE Linux • added 4 days ago • 4 views

Security update for libpng15

This update for libpng15 fixes the following issues Security issues: CVE-2025-64720: buffer overflow in pngimagereadcomposite via incorrect palette premultiplication bsc1254159. Non security issue: version update to 1.5.30 jscPED-16191. Changes for libpng15: Replaced "unexpected" with an integer ...

CVSS 6.9 • AI score 6.1 • EPSS 0.10339 • Exploits 4 • References 6

SUSE Linux • added 4 days ago • 4 views

Security update for bind

This update for bind fixes the following issues: CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. Patch...

CVSS 7.5 • AI score 5.8 • EPSS 0.00966 • Exploits 0 • References 12

SUSE Linux • added 4 days ago • 4 views

Security update for bind

This update for bind fixes the following issues: CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. Patch...

CVSS 7.5 • AI score 5.8 • EPSS 0.00966 • Exploits 0 • References 12

SUSE Linux • added 4 days ago • 4 views

Security update for tar

This update for tar fixes the following issues: Upgrade tar to version 1.34 jscPED-16073. Security issues fixed: CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives bsc1246399. Other updates and bugfixes: Changes from 1.28: New --one-top-level option: extract all files...

CVSS 8.5 • AI score 5.8 • EPSS 0.00433 • Exploits 1 • References 6

SUSE Linux • added 4 days ago • 3 views

Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues: CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341...

CVSS 8.2 • AI score 5.8 • EPSS 0.02268 • Exploits 0 • References 20

SUSE Linux • added 4 days ago • 3 views

Security update for xen

This update for xen fixes the following issues CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse...

CVSS 8.8 • AI score 5.9 • EPSS 0.00353 • Exploits 0 • References 18

SUSE Linux • added 4 days ago • 3 views

Security update for google-guest-agent

This update for google-guest-agent fixes the following issues Security issues: CVE-2026-39821: Update golang.org/x/net/idna dependency bsc1266603. CVE-2026-39827: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39828: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39829:...

CVSS 9.1 • AI score 6.1 • EPSS 0.91969 • Exploits 4 • References 74

SUSE Linux • added 4 days ago • 4 views

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issue CVE-2026-33186: Update google.golang.org/grpc dependency bsc1260264. CVE-2026-39821: Update golang.org/x/net/idna dependency bsc1266603. CVE-2026-39827: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39828: Update...

CVSS 9.1 • AI score 5.9 • EPSS 0.00565 • Exploits 1 • References 42

SUSE Linux • added 4 days ago • 4 views

Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cac...

CVSS 8.8 • AI score 5.9 • EPSS 0.00644 • Exploits 5 • References 26

SUSE Linux • added 4 days ago • 4 views

Security update for apptainer

This update for apptainer fixes the following issues CVE-2026-24137: github.com/sigstore/sigstore/pkg/tuf: legacy TUF client allows for arbitrary file writes with target cache path traversal bsc1264177. CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the...

CVSS 9.1 • AI score 6.1 • EPSS 0.00565 • Exploits 1 • References 52

SUSE Linux • added 4 days ago • 7 views

Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.103 fixes various security issues The following security issues were fixed: CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...

CVSS 8.8 • AI score 6.4 • EPSS 0.00644 • Exploits 5 • References 22

Total number of security vulnerabilities: 5373