5387 matches found
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50282: chardev: fix error handling in cdevdeviceadd bsc1249739. CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. CVE-2022-50700: wifi:...
Security update for bind
This update for bind fixes the following issues: Upgrade to release 9.20.18: CVE-2025-13878: Fixed incorrect length checks for BRID and HHIT records bsc1256997 Feature Changes: Add more information to the rndc recursing output about fetches. Reduce the number of outgoing queries. Provide more...
Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issues: CVE-2026-0861: Fixed that inadequate size check in the memalign suite may result in an integer overflow bsc1256913 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2iex function...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2025-4478: Fixed initialization of function pointers after resource allocations bsc1243109 CVE-2026-22851: Fixed RDPGFX ResetGraphics race leading to use-after-free in SDL client sdl-primary bsc1256717 CVE-2026-22852: Fixed...
Security update for assertj-core
This update for assertj-core fixes the following issues: Upgrade to version 3.27.7: CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2iex function...
Security update for java-25-openjdk
This update for java-25-openjdk fixes the following issues: Update to upstream tag jdk-25.0.2+10 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...
Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.30+7 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...
Security update for abseil-cpp
This update for abseil-cpp fixes the following issues: CVE-2025-0838: Fixed heap buffer overflow in sized constructors, reserve, and rehash methods of absl:flat,nodehashset,map bsc1237543. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for python
This update for python fixes the following issues: Modified CVE-2025-6075 fix to not use re.ASCII flag not available in Python 2.7 bsc1257064. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2026-0989: Fixed call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving include directives bsc1256805. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for python-filelock
This update for python-filelock fixes the following issues: CVE-2026-22701: Fixed TOCTOU race condition in SoftFileLock implementation of he filelock package bsc1256457 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2026-0989: Fixed call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving include directives bsc1256805 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2ie...
Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2ie...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2iex function...
Security update for openjpeg2
This update for openjpeg2 fixes the following issues: CVE-2023-39327: Fixed malicious files can cause a large loop that continuously prints warning messages on the terminal bsc1227412. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for xen
This update for xen fixes the following issues: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 Special Instructions and Notes: Please reboot the system after installing this update...
Security update for xen
This update for xen fixes the following issues: Security fixes: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 CVE-2025-58149: Fixed incorrect removal od permissions on PCI device...
Security update for alloy
This update for alloy fixes the following issues: Update to 1.12.2: Security fixes: CVE-2025-68156: github.com/expr-lang/expr/builtin: Fixed potential DoS via unbounded recursion bsc1255333: CVE-2025-31133, CVE-2025-52565, CVE-2025-52881: github.com/opencontainers/runc: Fixed container breakouts ...
Security update for helm
This update for helm rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.6 zyppe...
Security update for kubernetes
This update for kubernetes rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: Containers Module...
Security update for openjpeg2
This update for openjpeg2 fixes the following issues: CVE-2023-39327: Fixed malicious files can cause a large loop that continuously prints warning messages on the terminal bsc1227412. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for container-suseconnect
This update for container-suseconnect rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255576. CVE-2023-53254:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-49604,CVE-2025-40074: ip: Fix data-races around sysctlipfwdusepmtu bsc1238414 bsc1252794. CVE-2022-50527: drm/amdgpu: Fix size validation for non-exclusive domains...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39977:...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. CVE-2025-13836: prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length bsc1254400...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-14422: Fixed RCE vulnerability due to PNM file parsing integer overflow bsc1255293 CVE-2025-14425: Fixed RCE vulnerability due to JP2 file parsing heap-based buffer overflow bsc1255296 Patch Instructions: To install this SUSE update use th...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level...
Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: Update to version 1.24.12 released 2026-01-15 jscSLE-18320, bsc1236217: Security fixes: CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames bsc1251257. CVE-2025-58183: archive/tar: unbounded allocation when parsin...
Security update for python-python-multipart
This update for python-python-multipart fixes the following issues: CVE-2026-24486: Fixed non-default configuration options can lead to path traversal bsc1257301. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for xen
This update for xen fixes the following issues: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 Special Instructions and Notes: Please reboot the system after installing this update...
Recommended update for kernel-firmware
This update for kernel-firmware fixes the following issues: Update AMD ucode to 20251203 bsc1256483 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for xen
This update for xen fixes the following issues: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 Special Instructions and Notes: Please reboot the system after installing this update...
Security update for xen
This update for xen fixes the following issues: Security fixes: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 CVE-2025-58149: Fixed incorrect removal od permissions on PCI device...
Security update for nodejs22
This update for nodejs22 fixes the following issues: Security fixes: CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing denia...
Security update for python-pyasn1
This update for python-pyasn1 fixes the following issues: CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service bsc1256902 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. CVE-2025-13836: prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length bsc1254400...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.6 released 2026-01-15 jscSLE-18320, bsc1244485: Security fixes: CVE-2025-4674 cmd/go: disable support for multiple vcs in one module bsc1246118. CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of "", "." a...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.6 released 2026-01-15 jscSLE-18320, bsc1244485: Security fixes: CVE-2025-4674 cmd/go: disable support for multiple vcs in one module bsc1246118. CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of "", "." a...
Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: Update to version 1.24.12 released 2026-01-15 jscSLE-18320, bsc1236217: Security fixes: CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames bsc1251257. CVE-2025-58183: archive/tar: unbounded allocation when parsin...
Security update for nodejs22
This update for nodejs22 fixes the following issues: Security fixes: CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing denia...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39890:...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20260123T022811 2026-01-23T02:28:11Z jscPED-11136. Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3764 CVE-2024-44905 GHSA-6xp3-p59p-q4fj GO-2025-4188 CVE-2025-65637 GHSA-4f99-4q7p-p3gh...