5114 matches found
Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.3 fixes one security issue The following security issue was fixed: CVE-2025-38129: pagepool: fix use-after-free in pagepoolrecycleinring bsc1258139. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097. CVE-2025-38129: pagepool: fix use-after-free in pagepoolrecycleinring bsc1258139...
Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.130 fixes various security issues The following security issues were fixed: CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255577. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097...
Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255577. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097...
Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255577. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097...
Security update for gpg2
This update for gpg2 fixes the following issues: Security fix: Fixed GnuPG accepting Path Separators and Path Traversals in Literal Data bsc1256389 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2025-12781: inadequate parameter check can cause data integrity issues bsc1257108. CVE-2025-15282:...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Thunderbird 140.7.2 CVE-2026-2447: Fixed a heap buffer overflow in libvpx. bsc1258231 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2021-0920: net: split out functions related to registering inflight socket files bsc1193731. CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1245986. Special...
Security update for go1
This update for go1 fixes the following issues: Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68119: cmd/go: unexpected code execution when...
Security update for valkey
This update for valkey fixes the following issues: Update to version 8.0.7. Security issues fixed: CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua scripts bsc1258746. CVE-2026-21863: denial of service via invalid clusterbus packet bsc1258788. Other...
Security update for gimp
This update for gimp fixes the following issues: CVE-2026-2044: lack of proper initialization of memory can allow remote attackers to execute arbitrary code bsc1258532. CVE-2026-2045: check offset in the colormap is valid before using it bsc1258533. CVE-2026-2048: lack of proper validation of...
Security update for freerdp2
This update for freerdp2 fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdat...
Security update for glibc
This update for glibc fixes the following issues: CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr bsc1256822, BZ 33802 CVE-2025-15281: posix: Reset wordexpt fields with WRDEREUSE bsc1257005, BZ 33814 CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp bsc1246965,...
Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.3 fixes one security issue The following security issue was fixed: CVE-2025-38129: pagepool: fix use-after-free in pagepoolrecycleinring bsc1258139. Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20260210 release bsc1258046 CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20260210 release bsc1258046 CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20260210 release bsc1258046 CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged...
Security update for redis7
This update for redis7 fixes the following issue: a user can manipulate data read by a connection by injecting sequences into a Redis error reply bsc1258706. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for docker
This update for docker fixes the following issues: CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for frr
This update for frr fixes the following issues: CVE-2025-61099: Fixed a NULL pointer dereference, which may lead to a DoS vulnerability. bsc1252838 CVE-2025-61100: Fixed a NULL pointer dereference, which may lead to a DoS vulnerability. bsc1252829 CVE-2025-61101: Fixed a NULL pointer dereference,...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...
Security update for python
This update for python fixes the following issues: CVE-2025-6075: Fixed performance degradation when using os.path.expandvars bsc1252974. CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel. bsc1257031 CVE-2026-0865: Fixed a...
Security update for qemu
This update for qemu fixes the following issues: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. Patch Instructions: To install this SUSE update use the...
Security update for erlang
This update for erlang fixes the following issues: CVE-2025-48039:Fixed an excessive use of system resources. bsc1249469 CVE-2025-48038:Fixed an excessive use of system resources. bsc1249470 CVE-2025-48040:Fixed an excessive resource consumption. bsc1249472 Patch Instructions: To install this SUS...
Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2024-2182: Fixed insufficient validation of incoming BFD packets may lead to denial of service bsc1255435 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2025-30204: Fixed a vulnerability in jwt-go which allowed excessive memory allocation during header parsing. bsc1240513 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...
Security update for redis
This update for redis fixes the following issue: a user can manipulate data read by a connection by injecting sequences into a Redis error reply bsc1258706. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-24491: heap-use-after-free in videotimer bsc1257981. CVE-2026-24675: heap-use-after-free in urbselectinterface bsc1257982. CVE-2026-24676: heap-use-after-free in audioformatcompatible bsc1257983. CVE-2026-24679: heap-buffer-overflow in...
Security update for libjxl
This update for libjxl fixes the following issues: CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory bsc1258090. CVE-2026-1837: a specially crafted file can cause the decoder to write pixel data to uninitialized unallocated memor...
Security update for expat
This update for expat fixes the following issues: CVE-2026-24515: Fixed a null dereference in XMLExternalEntityParserCreate. bsc1257144 CVE-2026-25210: Fixed an integer overflow in doContent. bsc1257496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...
Security update for expat
This update for expat fixes the following issues: CVE-2026-24515: Fixed a null dereference in XMLExternalEntityParserCreate. bsc1257144 CVE-2026-25210: Fixed an integer overflow in doContent. bsc1257496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...
Security update for python312
This update for python312 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...
Security update for python39
This update for python39 fixes the following issues: CVE-2025-11468: Fixed a header injection when folding a long comment in an email header containing exclusively unfoldable characters. bsc1257029 CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and parameters when...
Security update for python313
This update for python313 fixes the following issues: Update to Python 3.13.12 CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel. bsc1257031 CVE-2026-0865: Fixed a bug where a user-controlled header containing newlines can...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2025-30204: Fixed a vulnerability in jwt-go which allowed excessive memory allocation during header parsing. bsc1240513 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for python-urllib3_1
This update for python-urllib31 fixes the following issues: CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API bsc1254867. CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain bsc1254866...
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.1.12-0 Fix spacecmd binary file upload bsc1253659 Fix typo in spacecmd help ca-cert flag bsc1253174 Convert cached IDs to int bsc1251995 Fix methods in api namespace in spacecmd bsc1249532 Make caching code Py 2.7 compatible Use JSON...
Security update 5.1.2 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Backported security patches for Salt vendored tornado: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header paramete...
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: dracut-saltboot: Update to version 1.1.0 Retry DHCP requests up to 3 times bsc1253004 golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-boynux-squidexporter: Update to version 1.13.0...
Security update 5.1.2 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Backport security patches for Salt vendored tornado: CVE-2025-67724: missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fix DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fix HTTP header parameter parsing...
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-boynux-squidexporter: Update to version 1.13.0 jscPED-14971 Add support for squid-internal-mgr path for metrics. Update to version 1.12.0 Add...
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...