5373 matches found
Security update for perl-XML-Parser
This update for perl-XML-Parser fixes the following issues: CVE-2006-10002: heap buffer overflow in parsestream when processing UTF-8 input streams bsc1259901. CVE-2006-10003: off-by-one heap buffer overflow in stserialstack bsc1259902. Patch Instructions: To install this SUSE update use the SUSE...
Security update for perl-XML-Parser
This update for perl-XML-Parser fixes the following issues: CVE-2006-10002: heap buffer overflow in parsestream when processing UTF-8 input streams bsc1259901. CVE-2006-10003: off-by-one heap buffer overflow in stserialstack bsc1259902. Patch Instructions: To install this SUSE update use the SUSE...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.52.0: CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. CVE-2025-31223: processing maliciously crafted web content may lead to memory corruption bsc1259949. CVE-2025-3127...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings venv-salt-minion: Fix the typo causing buiding EL9 bundle without binary dependencies Backport security patches for Salt vendored tornado: CVE-2025-67724: missing validation of supplied reason phrase...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus: CVE-2026-27606: Fix arbitrary file write via path traversal in rollup bsc1258893 Bump rollup to version 4.59.0 Drop SLE 12 support jscPED-15474 CVE-2026-25547: Fix unbounded brace range expansion leading to excessive CPU...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: mgr-push: Version 5.2.3-0 Disable build for SLES 16 rhnlib: Version 5.2.4-0 Disable build for SLES 16 spacecmd: Version 5.2.6-0 Update translation strings spacewalk-client-tools: Version 5.2.4-0 Disable build for SLES 16 uyuni-common-libs: Version 5.2.3-0...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: mgr-push: Version 5.2.3-0 Disable build for SLES 16 rhnlib: Version 5.2.4-0 Disable build for SLES 16 spacecmd: Version 5.2.6-0 Update translation strings spacewalk-client-tools: Version 5.2.4-0 Disable build for SLES 16 uyuni-common-libs: Version 5.2.3-0...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.52.0: CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. CVE-2025-31223: processing maliciously crafted web content may lead to memory corruption bsc1259949. CVE-2025-3127...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm bsc1221532. CVE-2025-21738: ata: libata-sff: Ensure that we cannot write...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. CVE-2026-31806: improper validation of server messages c...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox 140.9.0 ESR MFSA 2026-22, bsc1260083: CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component CVE-2026-4686:...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox 140.9.0 ESR MFSA 2026-22, bsc1260083: CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component CVE-2026-4686:...
Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.51 fixes various security issues The following security issues were fixed: CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. CVE-2025-38488: smb: client: fix use-after-free in cryptmessa...
Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429. Patch Instructions: To install this SUSE...
Security update for redis
This update for redis fixes the following issue: a user can manipulate data read by a connection by injecting sequences into a Redis error reply bsc1258706. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption bsc1253904. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for python311
This update for python311 fixes the following issues: Update to python 3.11.15: CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. CVE-2025-12084: quadratic complexity in xml.minidom node ID cache cleari...
Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.22 fixes various security issues The following security issues were fixed: CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed...
Security update for python312
This update for python312 fixes the following issues: Update to Python 3.12.13: CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. CVE-2025-12084: quadratic complexity in xml.minidom node ID cache cleari...
Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.28 fixes various security issues The following security issues were fixed: CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handleauthsessionkey bsc1255378. CVE-2025-68285: libceph: fix potential use-after-free in...
Security update for containerd
This update for containerd rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: Containers...
Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.16 fixes various security issues The following security issues were fixed: CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. CVE-2025-40258: mptcp: fix race condition in...
Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.3 fixes various security issues The following security issues were fixed: CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. CVE-2025-38488: smb: client: fix use-after-free in...
Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.81 fixes various security issues The following security issues were fixed: CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass...
Security update for cosign
This update for cosign rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15....
Security update for vim
This update for vim fixes the following issues: Update Vim to version 9.2.0110: CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip bsc1246602. CVE-2026-26269: Netbeans specialKeys stack buffer overflow bsc1258229. CVE-2026-28417: crafted URL parsed by netrw plugin can...
Security update for python-deepdiff
This update for python-deepdiff fixes the following issues: CVE-2026-33155: Fixed denial of service via builtins.bytes, builtins.list, builtins.range bsc1260064. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for xen
This update for xen fixes the following issues: CVE-2026-23554: xen: Use after free of paging structures in EPT bsc1259247, XSA-480 CVE-2026-23555: xen: Xenstored DoS by unprivileged domain bsc1259248, XSA-481 Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for xen
This update for xen fixes the following issues: CVE-2026-23554: xen: Use after free of paging structures in EPT bsc1259247, XSA-480 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for kea
This update for kea fixes the following issues: Update to release 2.6.3 bsc1243240: CVE-2025-32801: Fixed loading a malicious hook library can lead to local privilege escalation. CVE-2025-32802: Fixed insecure handling of file paths allows multiple local attacks. CVE-2025-32803: Fixed insecure fi...
Security update for python3
This update for python3 fixes the following issues: CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.65 fixes various security issues The following security issues were fixed: CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. CVE-2025-40258: mptcp: fix race condition in...
Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.255 fixes various security issues The following security issues were fixed: CVE-2022-50423: ACPICA: Fix use-after-free in acpiutcopyipackagetoipackage bsc1250785. CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant...
Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.60 fixes various security issues The following security issues were fixed: CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. CVE-2025-40258: mptcp: fix race condition in...
Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.42 fixes various security issues The following security issues were fixed: CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. CVE-2025-38488: smb: client: fix use-after-free in...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50453: gpiolib: cdev: fix NULL-pointer dereferences bsc1250887. CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer bsc1238917. CVE-2025-40242: gfs2: Fix unlikely race in gdlmputlock bsc1255075...
Security update for python-pyasn1
This update for python-pyasn1 fixes the following issues: CVE-2026-30922: Denial of Service via Unbounded Recursion bsc1259803. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for python-pyasn1
This update for python-pyasn1 fixes the following issues: CVE-2026-30922: Denial of Service via Unbounded Recursion bsc1259803. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for nghttp2
This update for nghttp2 fixes the following issues: CVE-2026-27135: Assertion failure due to missing state validation can lead to DoS bsc1259845. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for pgvector
This update for pgvector fixes the following issue: Update to pgvector 0.8.2: CVE-2026-3172: Buffer overflow in parallel HNSW index build bsc1258945. Changelog: Fixed Index Searches in EXPLAIN output for Postgres 18 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for python-urllib3
This update for python-urllib3 fixes the following issue: CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API bsc1254867. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2024-49761: ReDoS vulnerability in REXML gem bsc1232440 bsc1232441. CVE-2025-58767: denial of service when parsing XML containing multiple XML declarations bsc1250016. CVE-2026-27820: insufficient checks in zstreambufferungets can lead to a...
Security update for sqlite3
This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption...