5373 matches found
Security update for kubernetes
This update for kubernetes rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap...
Security update for kubernetes-old
This update for kubernetes-old rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE...
Security update for rekor
This update for rekor rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...
Security update for runc
This update for runc rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterpri...
Security update for cosign
This update for cosign rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...
Security update for container-suseconnect
This update for container-suseconnect rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...
Security update for helm
This update for helm fixes the following issues: CVE-2025-55199: crafted JSON Schema can lead to out of memory OOM termination bsc1248093. CVE-2026-35206: files written to unexpected directory via specially crafted Chartbsc1261938. Changes for helm: Update to version 3.20.2 Patch Instructions: To...
Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2026-34956: invalid memory access via crafted FTP payloads in userspace conntrack flows specifying the FTP alg handler bsc1261273. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for gegl
This update for gegl fixes the following issue: CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for buildah
This update for buildah rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15...
Security update for gegl
This update for gegl fixes the following issue: CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for nodejs22
This update for nodejs22 fixes the following issues: Update to version 22.22.2. CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism allows for performance degradation via a crafted request bsc1260494. CVE-2026-21716: incomplete fix for CVE-2024-36137...
Security update for opensc
This update for opensc fixes the following issues: CVE-2025-49010: specially crafted smart card or USB device can lead to a stack buffer overflow write in GET RESPONSE bsc1261214. CVE-2025-66037: specially crafted input processed by the fuzzpkcs15reader harness can lead to an out-of-bounds heap...
Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.31 fixes one security issue The following security issue was fixed: CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management bsc1259859. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.22 fixes various security issues The following security issues were fixed: CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management...
Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.136 fixes various security issues The following security issues were fixed: CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger bsc1258396. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy...
Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.53 fixes various security issues The following security issues were fixed: CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management...
Security update for jetty-minimal
This update for jetty-minimal fixes the following issues: CVE-2025-11143: Fixed different parsing of invalid URIs bsc1259242. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management...
Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.6 fixes various security issues The following security issues were fixed: CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management...
Security update for NetworkManager
This update for NetworkManager fixes the following issue: Security fixes: CVE-2025-9615: Fixed non-admin user using others' certificates bsc1257359. Other fixes: Don't renew DHCP lease when software devices' MAC is empty bsc1225498. Patch Instructions: To install this SUSE update use the SUSE...
Security update for avahi
This update for avahi fixes the following issue: CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record bsc1257235. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for avahi
This update for avahi fixes the following issue: CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record bsc1257235. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for openvswitch3
This update for openvswitch3 fixes the following issues: CVE-2026-34956: invalid memory access via crafted FTP payloads in userspace conntrack flows specifying the FTP alg handler bsc1261273. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for openvswitch
This update for openvswitch fixes the following issue: Security updates: CVE-2026-34956: Invalid memory access in conntrack FTP alg bsc1261273. Other updates: Update openvswitch to 3.5.4 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libraw
This update for libraw fixes the following issues: CVE-2026-20911: heap-based buffer overflow in HuffTable::initvalbsc1261673. CVE-2026-21413: heap-based buffer overflow in losslessjpegloadraw bsc1261674. CVE-2026-24660: heap-based buffer overflow in x3floadhuffman bsc1261676. Patch Instructions:...
Security update for python-ecdsa
This update for python-ecdsa fixes the following issues: CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
Security update for libcap
This update for libcap fixes the following issue: CVE-2026-4878: Address a potential TOCTOU race condition in capsetfile bsc1261809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for libcap
This update for libcap fixes the following issue: CVE-2026-4878: Address a potential TOCTOU race condition in capsetfile bsc1261809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for gdk-pixbuf
This update for gdk-pixbuf fixes the following issue: CVE-2026-5201: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image bsc1261210. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for gdk-pixbuf
This update for gdk-pixbuf fixes the following issue: CVE-2026-5201: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image bsc1261210. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openssl-3
This update for openssl-3 fixes the following issue: CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for bind
This update for bind fixes the following issues: CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for NetworkManager
This update for NetworkManager fixes the following issue: CVE-2025-9615: Fixed non-admin user using others' certificates bsc1257359. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for polkit
This update for polkit fixes the following issue: CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for polkit
This update for polkit fixes the following issue: CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for podman
This update for podman rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15....
Security update for smc-tools
This update for smc-tools fixes the following issue: Update to smc-tools v1.8.7: predictable /tmp file allows for local denial of service bsc1230052. Changelog: Update to v1.8.7: smcrnics: fix regression when PFT not available smcd/smcr: prevent DoS on statistics workfile present in /tmp/ Update ...
Security update for python-CairoSVG
This update for python-CairoSVG fixes the following issue: CVE-2026-31899: denial of service via recursive element amplification bsc1259690. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for NetworkManager
This update for NetworkManager fixes the following issues: CVE-2025-9615: non-admin users are allowed to use certificates from other users bsc1257359. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for NetworkManager
This update for NetworkManager fixes the following issues: CVE-2025-9615: non-admin users are allowed to use certificates from other users bsc1257359. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for iproute2
This update for iproute2 fixes the following issue: CVE-2024-58251: denial of service via terminal escape sequences bsc1254324. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for python
This update for python fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo header when GNU long name and type AREGTYPE are combined bsc1259611. CVE-2026-3479: improper resource argument validation can allow path traversal bsc1259989. CVE-2026-3644: incomplete control characte...
Security update for python-pyOpenSSL
This update for python-pyOpenSSL fixes the following issue: CVE-2026-27448: unhandled exception can result in connection not being cancelled bsc1259804. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for rust1.93
This update for rust1.93 fixes the following issues: Security issue: CVE-2026-31812: denial of service via crafted QUIC initial packet bsc1259623. Non security issue: Resolve missing gcc requirement that may affect some crate buildin bsc1253321. Patch Instructions: To install this SUSE update use...
Security update for shim
This update for shim fixes the following issues: shim is updated to version 16.1: shimstartimage: fix guid/handle pairing when uninstalling protocols Fix uncompressed ipv6 netboot fix test segfaults caused by uninitialized memory SbatLevelVariable.txt: minor typo fix. Realloc needs to allocate on...
Security update for ovmf
This update for ovmf fixes the following issue: CVE-2025-59438: mbedtls: padding oracle attack possible through timing of cipher error reporting bsc1252441. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python-urllib3
This update for python-urllib3 fixes the following issues: Security issues: CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain bsc1254866. CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API...
Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files can lead to the consumption of corrupted files bsc1258097...
Security update for tiff
This update for tiff fixes the following issues: CVE-2025-61143: Fixed NULL pointer dereference bsc1258798. CVE-2025-61144: Fixed stack overflow in readSeparateStripsIntoBuffer bsc1258801. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...