5114 matches found
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...
Security update for python-tornado
This update for python-tornado fixes the following issues: CVE-2025-67725: inefficient algorithm when parsing parameters for HTTP header values bsc1254905. CVE-2025-67726: Denial of Service DoS via maliciously crafted HTTP request caused by the HTTPHeaders.add method bsc1254904. Patch Instruction...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-24491: heap-use-after-free in videotimer bsc1257981. CVE-2026-24675: heap-use-after-free in urbselectinterface bsc1257982. CVE-2026-24676: heap-use-after-free in audioformatcompatible bsc1257983. CVE-2026-24679: heap-buffer-overflow in...
Security update for snpguest
This update for snpguest fixes the following issues: Update to version 0.10.0. Security issues fixed: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257927. CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in...
Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2024-2182: Fixed insufficient validation of incoming BFD packets may lead to denial of service bsc1255435 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for protobuf
This update for protobuf fixes the following issues:i CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Update to version 14.21. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.16. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Update to version 16.12. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for python310
This update for python310 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...
Security update for python36
This update for python36 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox 140.7.1 ESR CVE-2026-2447: Fixed a heap buffer overflow in libvpx. bsc1258231 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...
Security update for gimp
This update for gimp fixes the following issues: CVE-2026-2272: integer overflow in ICO file handling can lead to a heap buffer overflow bsc1258000. CVE-2026-2271: integer overflow in the PSP file parser can lead to a heap buffer overflow bsc1257999. CVE-2026-2239: missing null terminator when...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-11731: fixed a type confusion in exsltFuncResultComp function leading to denial of service bsc1251979 CVE-2025-10911: last fix caused a regression, patch was temporary disabled bsc1250553 Patch Instructions: To install this SUSE update...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox 140.7.1 ESR CVE-2026-2447: Fixed a heap buffer overflow in libvpx. bsc1258231 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libpng12
This update for libpng12 fixes the following issues: CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for libpng12
This update for libpng12 fixes the following issues: CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for libpng16
This update for libpng16 fixes the following issues: CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for libpng16
This update for libpng16 fixes the following issues: CVE-2025-28162: memory leaks when running pngimage bsc1257364. CVE-2025-28164: memory leaks when running pngimage bsc1257365. CVE-2026-22695: heap buffer over-read in pngimagefinishread bsc1256525. CVE-2026-22801: integer truncation causing hea...
Security update for vexctl
This update for vexctl fixes the following issues: Update to version 0.4.1+git78.f951e3a: CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2. bsc1239186 CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in...
Security update for python
This update for python fixes the following issues: CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel. bsc1257031 CVE-2026-0865: Fixed a bug where a user-controlled header containing newlines can allow injecting HTTP header...
Security update for xen
This update for xen fixes the following issues: CVE-2025-58150: buffer overrun with shadow paging + tracing XSA-477 bsc1256745. CVE-2026-23553: incomplete IBPB for vCPU isolation XSA-479 bsc1256747. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Update to version 16.12. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim bsc1256280. CVE-2025-39880: libceph: fix invalid accesses to cephconnectionv1info bsc1250388...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Update to version 17.8. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for postgresql18
This update for postgresql18 fixes the following issues: Update to version 18.2. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for postgresql18
This update for postgresql18 fixes the following issues: Update to version 18.2. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...
Security update for libpng16
This update for libpng16 fixes the following issues: CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for snpguest
This update for snpguest fixes the following issues: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257927. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for apptainer
This update for apptainer fixes the following issues: CVE-2025-58190: Fixed a HTML parser misimplementation of a part of the HTML specification for table related tags. bsc1258048. CVE-2025-47911: Fixed an issue where the HTML parser takes a very long time or even never returns. bsc1258047. Patch...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-1536: Always validate the headers value when coming from untrusted source to avoid HTTP header injection bsc1257440. CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow...
Security update for avahi
This update for avahi fixes the following issues: CVE-2025-68276: Fixed refuse to create wide-area record browsers when wide-area is off bsc1256498 CVE-2025-68471: Fixed DoS bug by changing assert to return bsc1256500 CVE-2025-68468: Fixed DoS bug by removing incorrect assertion bsc1256499 Patch...
Security update for abseil-cpp
This update for abseil-cpp fixes the following issues: Update to version 20230802.3 CVE-2025-0838: Fixed potential integer overflow in hash container create/resize bsc1237543. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for libpcap
This update for libpcap fixes the following issues: CVE-2025-11961: missing validation of provided MAC-48 address string in pcapetheraton can lead to out-of-bounds read and write bsc1255765. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based buffer overflow bsc1257598. CVE-2026-0716: improper bounds handling may allow out-of-bounds read bsc1256418. CVE-2025-4476: null...
Security update for kubernetes-old
This update for kubernetes-old rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap...
Security update for kubernetes
This update for kubernetes rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.6...
Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont
This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.64.0 Release notes...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: Security fixes: CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Other fixes: Fixed FIPS mode bsc1248002 Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...
Security update for libssh
This update for libssh fixes the following issues: CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. CVE-2026-0966: buffer underflow in...
Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.176 fixes various security issues The following security issues were fixed: CVE-2023-53321: wifi: mac80211hwsim: drop short frames bsc1250314. CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455...
Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.173 fixes various security issues The following security issues were fixed: CVE-2023-53321: wifi: mac80211hwsim: drop short frames bsc1250314. CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnreques...