5376 matches found
Security update for qemu
This update for qemu fixes the following issues: Security issue: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. Non security issues: hw/virtio: Also include md stubs in case CONFIGVIRTIOPCI is not set jscPED-14271. s390x/pv: prepare for memory devices jscPED-14271...
Security update for openvpn
This update for openvpn fixes the following issues: Updated to version 2.6.10 that fixes: CVE-2025-13086: improper validation of IP addresses that can cause denial of service bsc1254486 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for ocaml
This update for ocaml fixes the following issues: CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for gnutls
This update for gnutls fixes the following issues: Security issue: CVE-2025-14831: excessive resource consumption when verifying specially crafted malicious certificates containing a large number of name constraints and subject alternative names bsc1257960. Other updates and bugfixes: update...
Security update for python-Authlib
This update for python-Authlib fixes the following issues: CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library bsc1256414 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issues: CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow bsc1256913 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...
Security update for expat
This update for expat fixes the following issues: CVE-2026-24515: Fixed a null dereference in XMLExternalEntityParserCreate. bsc1257144 CVE-2026-25210: Fixed an integer overflow in doContent. bsc1257496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...
Security update for php-composer2
This update for php-composer2 fixes the following issues: CVE-2025-67746: Fixed ANSI control characters injection in the terminal output of various Composer commands via attacker controlled remote sources. bsc1255768 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for python-Django
This update for python-Django fixes the following issue: CVE-2026-25674: race condition can lead to potential incorrect permissions on newly created file system objects bsc1259142. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...
Security update for virtiofsd
This update for virtiofsd fixes the following issue: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257912. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for wireshark
This update for wireshark fixes the following issues: CVE-2025-13946: MEGACO dissector infinite loop bsc1254472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for virtiofsd
This update for virtiofsd fixes the following issue: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257912. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: Update to NSS 3.112.3: CVE-2026-2781: Avoid integer overflow in platform-independent ghash bsc1258568 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: Update to NSS 3.112.3: CVE-2026-2781: Avoid integer overflow in platform-independent ghash bsc1258568 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.8.0 ESR MFSA 2026-15 bsc1258568: CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component CVE-2026-2758: Use-after-free in the JavaScript: GC component CVE-2026-2759:...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects bsc1257441...
Security update for wireshark
This update for wireshark fixes the following issue: CVE-2026-3201: USB HID protocol dissector memory exhaustion bsc1258907. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for wicked2nm,suse-migration-services,suse-migration-sle16-activation,SLES16-Migration,SLES16-SAP_Migration
This update for wicked2nm,suse-migration-services,suse-migration-sle16-activation,SLES16-Migration,SLES16-SAPMigration fixes the following issues: Changes for SLES16-SAPMigration: Bump version: 2.1.30 Changes for SLES16-Migration: Bump version: 2.1.30 Changes for suse-migration-sle16-activation:...
Security update for python-pip
This update for python-pip fixes the following issues: CVE-2026-1703: Fixed a potential path traversal in python-pip. bsc1257599 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for util-linux
This update for util-linux fixes the following issues: CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for "login -h" bsc1258859. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python
This update for python fixes the following issues: CVE-2024-7592: excess CPU resource consumption in http.cookies module bsc1229596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-10911: use-after-free will be fixed on libxml2 side instead bsc1250553. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for ocaml
This update for ocaml fixes the following issues: CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects bsc1257441...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects bsc1257441...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...
Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68119: cmd/go: unexpected code execution...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects bsc1257441...
Security update for postgresql17
This update for postgresql17 fixes the following issue: Update to version 17.9 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standby...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Update to version 14.22 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for postgresql18
This update for postgresql18 fixes the following issue: Update to version 18.3 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standby...
Security update for postgresql16
This update for postgresql16 fixes the following issue: Update to version 16.13 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standb...
Security update for zlib
This update for zlib fixes the following issue: CVE-2026-27171: Fixed infinite loop via the crc32combine64 and crc32combinegen64 functions due to missing checks for negative lengths bsc1258392. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...
Security update for patch
This update for patch fixes the following issues: CVE-2021-45261: Clear range of pointers before they are used/freed bsc1194037. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for tracker-miners
This update for tracker-miners fixes the following issues: CVE-2026-1764: heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files bsc1257606. CVE-2026-1765: denial of Service and potential information disclosure via crafted MP3 files bsc1257607...
Security update for libssh
This update for libssh fixes the following issues: CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. CVE-2026-0966: buffer underflow in...
Security update for libssh
This update for libssh fixes the following issues: CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. CVE-2026-0966: buffer underflow in...
Security update for cosign
This update for cosign fixes the following issues: Update to version 3.0.5 jscSLE-23879. Security issues fixed: CVE-2025-11065: github.com/go-viper/mapstructure/v2: sensitive Information leak in logs bsc1250620. CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause...
Security update for evolution-data-server
This update for evolution-data-server fixes the following issue: CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for evolution-data-server
This update for evolution-data-server fixes the following issue: CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for python
This update for python fixes the following issue: CVE-2024-7592: uncontrolled CPU resource consumption when in http.cookies module bsc1229596. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
Security update for docker
This update for docker fixes the following issues: CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.17 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.17 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for postgresql18
This update for postgresql18 fixes the following issue: Update to version 18.3 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standby...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Update to version 14.22 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2025-12781: inadequate parameter check can cause data integrity issues bsc1257108. CVE-2025-15282:...
Security update for gnome-remote-desktop
This update for gnome-remote-desktop fixes the following issue: CVE-2025-5024: an unauthenticated attacker can exhaust system resources bsc1244053. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...