5381 matches found
Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.17 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for postgresql18
This update for postgresql18 fixes the following issue: Update to version 18.3 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standby...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Update to version 14.22 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2025-12781: inadequate parameter check can cause data integrity issues bsc1257108. CVE-2025-15282:...
Security update for gnome-remote-desktop
This update for gnome-remote-desktop fixes the following issue: CVE-2025-5024: an unauthenticated attacker can exhaust system resources bsc1244053. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for smc-tools
This update for smc-tools fixes the following issues: Update to version 1.8.7 jscPED-14601. Security issues fixed: VUL-1: smc-tools: predictable /tmp file allows for local denial of service bsc1230052, bsc1258495. Other updates and bugfixes: smcrnics: fix regression when PFT not available...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-24491: heap-use-after-free in videotimer bsc1257981. CVE-2026-24675: heap-use-after-free in urbselectinterface bsc1257982. CVE-2026-24676: heap-use-after-free in audioformatcompatible bsc1257983. CVE-2026-24677: heap-buffer-overflow in...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...
Security update for busybox
This update for busybox fixes the following issues: CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization bsc1258163. CVE-2026-26158: Arbitrary file modification and privilege escalation via unvalidated tar archive entries bsc1258167. Patch...
Security update for busybox
This update for busybox fixes the following issues: CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization bsc1258163. CVE-2026-26158: Arbitrary file modification and privilege escalation via unvalidated tar archive entries bsc1258167. Patch...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20260226T182644 2026-02-26T18:26:44Z jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-4259 CVE-2025-13767 GHSA-fmqf-pmcm-8cx9 GO-2025-4260 CVE-2025-64641 GHSA-vww6-79rv-3j4x...
Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes one security issue The following security issue was fixed: CVE-2025-38129: pagepool: fix use-after-free in pagepoolrecycleinring bsc1258139. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.42 fixes one security issue The following security issue was fixed: CVE-2025-38129: pagepool: fix use-after-free in pagepoolrecycleinring bsc1258139. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for shim
This update for shim fixes the following issues: shim is updated to version 16.1: shimstartimage: fix guid/handle pairing when uninstalling protocols Fix uncompressed ipv6 netboot fix test segfaults caused by uninitialized memory SbatLevelVariable.txt: minor typo fix. Realloc needs to allocate on...
Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: update to NSS 3.112.3: CVE-2026-2781: Avoid integer overflow in platform-independent ghash bsc1258568 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.3 fixes one security issue The following security issue was fixed: CVE-2025-38129: pagepool: fix use-after-free in pagepoolrecycleinring bsc1258139. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097. CVE-2025-38129: pagepool: fix use-after-free in pagepoolrecycleinring bsc1258139...
Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.130 fixes various security issues The following security issues were fixed: CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255577. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097...
Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255577. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097...
Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255577. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097...
Security update for gpg2
This update for gpg2 fixes the following issues: Security fix: Fixed GnuPG accepting Path Separators and Path Traversals in Literal Data bsc1256389 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2025-12781: inadequate parameter check can cause data integrity issues bsc1257108. CVE-2025-15282:...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Thunderbird 140.7.2 CVE-2026-2447: Fixed a heap buffer overflow in libvpx. bsc1258231 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2021-0920: net: split out functions related to registering inflight socket files bsc1193731. CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1245986. Special...
Security update for go1
This update for go1 fixes the following issues: Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68119: cmd/go: unexpected code execution when...
Security update for valkey
This update for valkey fixes the following issues: Update to version 8.0.7. Security issues fixed: CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua scripts bsc1258746. CVE-2026-21863: denial of service via invalid clusterbus packet bsc1258788. Other...
Security update for gimp
This update for gimp fixes the following issues: CVE-2026-2044: lack of proper initialization of memory can allow remote attackers to execute arbitrary code bsc1258532. CVE-2026-2045: check offset in the colormap is valid before using it bsc1258533. CVE-2026-2048: lack of proper validation of...
Security update for freerdp2
This update for freerdp2 fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdat...
Security update for glibc
This update for glibc fixes the following issues: CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr bsc1256822, BZ 33802 CVE-2025-15281: posix: Reset wordexpt fields with WRDEREUSE bsc1257005, BZ 33814 CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp bsc1246965,...
Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.3 fixes one security issue The following security issue was fixed: CVE-2025-38129: pagepool: fix use-after-free in pagepoolrecycleinring bsc1258139. Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20260210 release bsc1258046 CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20260210 release bsc1258046 CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20260210 release bsc1258046 CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged...
Security update for redis7
This update for redis7 fixes the following issue: a user can manipulate data read by a connection by injecting sequences into a Redis error reply bsc1258706. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for docker
This update for docker fixes the following issues: CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for frr
This update for frr fixes the following issues: CVE-2025-61099: Fixed a NULL pointer dereference, which may lead to a DoS vulnerability. bsc1252838 CVE-2025-61100: Fixed a NULL pointer dereference, which may lead to a DoS vulnerability. bsc1252829 CVE-2025-61101: Fixed a NULL pointer dereference,...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...
Security update for python
This update for python fixes the following issues: CVE-2025-6075: Fixed performance degradation when using os.path.expandvars bsc1252974. CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel. bsc1257031 CVE-2026-0865: Fixed a...
Security update for qemu
This update for qemu fixes the following issues: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. Patch Instructions: To install this SUSE update use the...
Security update for erlang
This update for erlang fixes the following issues: CVE-2025-48039:Fixed an excessive use of system resources. bsc1249469 CVE-2025-48038:Fixed an excessive use of system resources. bsc1249470 CVE-2025-48040:Fixed an excessive resource consumption. bsc1249472 Patch Instructions: To install this SUS...
Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2024-2182: Fixed insufficient validation of incoming BFD packets may lead to denial of service bsc1255435 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2025-30204: Fixed a vulnerability in jwt-go which allowed excessive memory allocation during header parsing. bsc1240513 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...
Security update for redis
This update for redis fixes the following issue: a user can manipulate data read by a connection by injecting sequences into a Redis error reply bsc1258706. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...