5381 matches found
Security update for munge
This update for munge fixes the following issues: CVE-2026-25506: buffer overflow in message unpacking bsc1257651. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...
Security update for zabbix
This update for zabbix fixes the following issues: CVE-2024-36469: Introduced clamping for mitigation of timing attacks. bsc1240676 CVE-2024-42325: Restricted access to user fields using user.get API method for users of User and Admin type, and restricted access to alert entities using alert.get...
Security update for libsodium
This update for libsodium fixes the following issues: CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation bsc1256070. CVE-2025-69277: Fixed incorrect validation of elliptic curve points in cryptocoreed25519isvalidpoint function bsc1255764. Patch Instructions: T...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for helm
This update for helm rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise...
Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container,...
Security update for xrdp
This update for xrdp fixes the following issues: CVE-2025-68670: Fix a potential overflow when processing user domain information. bsc1257362 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
Security update for python-azure-core
This update for python-azure-core fixes the following issues: CVE-2026-21226: Fixed deserialization of untrusted data which may allow an authorized attacker to execute code over a network. bsc1257703 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2025-38129: pagepool: fix inconsistency for pagepoolringlock bsc1245723...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256095...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc1252542...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim bsc1256280. CVE-2025-39880: libceph: fix invalid accesses to cephconnectionv1info bsc1250388...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer bsc1254842. CVE-2025-40259: scsi: sg: Do not sleep in atomic context bsc1254845. CVE-2025-68284: libceph: prevent...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.8+116. Security issues fixed: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257908. Other updates and bugfixes: Update vendored crates time to version...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-4476: null pointer dereference may lead to denial of service bsc1243422. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for python-wheel
This update for python-wheel fixes the following issues: CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda
This update for nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda fixes the following issues: Changes in nvidia-open-driver-G06-signed: updated CUDA variant to version 580.126.09 update non-CUDA variant to version 580.126.09 bsc1255858 update non-CUDA variant to versio...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing bsc1257354. CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encodi...
Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to 20.20.0: CVE-2026-22036: Updated undici to 6.23.0 bsc1256848 CVE-2025-59465: Add TLSSocket default error handler bsc1256573 CVE-2025-55132: Disable futimes when permission model is enabled bsc1256571 CVE-2025-55130: Require full read...
Security update for nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda
This update for nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda fixes the following issues: Changes in nvidia-open-driver-G06-signed: updated CUDA variant to version 580.126.09 update non-CUDA variant to version 580.126.09 bsc1255858 update non-CUDA variant to versio...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.8+116. Security issues fixed: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257908. Other updates and bugfixes: Update vendored crates time to version...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.8+116. Security issues fixed: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257908. Other updates and bugfixes: Update vendored crates time to version...
Security update for munge
This update for munge fixes the following issues: CVE-2026-25506: buffer overflow in message unpacking bsc1257651. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...
Security update for munge
This update for munge fixes the following issues: CVE-2026-25506: buffer overflow in message unpacking bsc1257651. Make logrotate work on munge log as user munge. This prevents a local privilege escalation bsc1246088. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for freerdp2
This update for freerdp2 fixes the following issues: CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audinprocessformats bsc1256718. CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...
Security update for munge
This update for munge fixes the following issues: CVE-2026-25506: buffer overflow in message unpacking bsc1257651. Make logrotate work on log as user munge to prevent local privilege escalation bsc1246088. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim bsc1256280. CVE-2025-39880: libceph: fix invalid accesses to cephconnectionv1info bsc1250388. CVE-2025-40238:...
Security update for qemu
This update for qemu fixes the following issues: CVE-2026-0665: Added PIRQ bounds check in xenphysdevmappirq to avoid an out-of-bounds heap. bsc1256484 Other fixes: Fixed that QEMU migration fails if a qemu-vdagent channel is present in the VM bsc1257474 Patch Instructions: To install this SUSE...
Security update for uriparser
This update for uriparser fixes the following issues: CVE-2025-67899: large input containing many commas can cause unbounded recursion and stack consumption bsc1255000. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python-urllib3
This update for python-urllib31 fixes the following issues: CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API bsc1254867. CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain bsc1254866...
Security update for gimp
This update for gimp fixes the following issues: CVE-2026-0797: Fixed a heap-based buffer overflow in the parsing of ICO files. bsc1257549 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: CVE-2026-21925: Fixed a vulnerability in the Oracle Java SE component RMI. bsc1257034 CVE-2026-21932: Fixed a vulnerability in the Oracle Java SE component AWT and JavaFX. bsc1257036 CVE-2026-21933: Fixed a vulnerability in the Oracle...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2025-14550: Fixed potential denial-of-service via repeated headers when using ASGIbsc1257403 CVE-2026-1312: Fixed potential SQL injection via QuerySet.orderby and FilteredRelation bsc1257408 CVE-2026-1287: Fixed potential SQL injection...
Security update for apptainer
This update for apptainer fixes the following issues: Security fixes: CVE-2024-45310: Fixed runc being tricked into creating empty files/directories on host bsc1257432 CVE-2025-65105: Fixed security bypass due to disabling security options bsc1255462 CVE-2025-47914: Fixed malformed constraint may...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. CVE-2026-23876: maliciously crafted image can lead to heap buffer...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. CVE-2026-23876: maliciously crafted image can lead to heap buffer...
Security update for qemu
This update for qemu fixes the following issues: CVE-2025-11234: Fixed use-after-free in websocket handshake code can lead to denial of service bsc1250984. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to 20.20.0: CVE-2026-22036: Updated undici to 6.23.0 bsc1256848 CVE-2025-59465: Add TLSSocket default error handler bsc1256573 CVE-2025-55132: Disable futimes when permission model is enabled bsc1256571 CVE-2025-55130: Require full read...
Security update for gpg2
This update for gpg2 fixes the following issues: Security fixes: CVE-2026-24882: Fixed stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys bsc1257396 Fixed GnuPG accepting Path Separators and Path Traversals in Literal Data "Filename" Field bsc1256389 Patch Instructions:...
Security update for xrdp
This update for xrdp fixes the following issues: CVE-2025-68670: Fix a potential overflow when processing user domain information. bsc1257362 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to v3.51.2: CVE-2025-7709: Fixed an integer overflow in the FTS5 extension. bsc1254670 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-1536: Always validate the headers value when coming from untrusted source to avoid HTTP header injection. bsc1257440 CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow...
Security update for python-pyasn1
This update for python-pyasn1 fixes the following issues: CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service bsc1256902 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for go1.25
This update for go1.25 fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session tick...
Security update for go1.24
This update for go1.24 fixes the following issues: Update to version 1.24.13. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session...
Security update for python313-wheel
This update for python313-wheel fixes the following issues: CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python-wheel
This update for python-wheel fixes the following issues: CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python-brotlipy
This update for python-brotlipy fixes the following issues: Add max length decompression bsc1254867, bsc1256017 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for avahi
This update for avahi fixes the following issues: CVE-2025-68276: avahi: reachable assertion in avahiwideareascancache can lead to crash of avahi-daemon bsc1256498. CVE-2025-68468: avahi: reachable assertion in lookupmulticastcallback can lead to crash of avahi-daemon bsc1256499. CVE-2025-68471:...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audinprocessformats bsc1256718. CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...