5387 matches found
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for openvswitch3
This update for openvswitch3 fixes the following issues: Update to v3.1.7: CVE-2023-3966: openvswitch, openvswitch3: Invalid memory access in Geneve with HW offload bsc1219465. CVE-2024-2182: openvswitch: ov: insufficient validation of incoming BFD packets may lead to denial of service bsc1255435...
Security update for qemu
This update for qemu fixes the following issues: Security issues fixed: CVE-2025-12464: stack-based buffer overflow in the e1000 network device operations can be exploited by a malicious guest user to crash the QEMU process on the host bsc1253002. CVE-2025-11234: use-after-free in WebSocket...
Security update for openvswitch
This update for openvswitch fixes the following issues: Update to v3.1.7: CVE-2023-3966: openvswitch, openvswitch3: Invalid memory access in Geneve with HW offload bsc1219465. CVE-2024-2182: openvswitch: ov: insufficient validation of incoming BFD packets may lead to denial of service bsc1255435...
Security update for libvirt
This update for libvirt fixes the following issues: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39977...
Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.53 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-38476: rpl: Fix use-after-free in rpldosrhinline...
Security update for azure-cli-core
This update for azure-cli-core fixes the following issues: CVE-2025-24049: Fix improper neutralization of special elements used in a command which allows an unauthorized attacker to elevate privileges locally. bsc1239460 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.33 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-38476: rpl: Fix use-after-free in rpldosrhinline...
Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.30 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2024-57849: s390/cpumsf: handle CPU hotplug remove during...
Security update for python
This update for python fixes the following issues: CVE-2025-13836: Fixed reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length bsc1254400 CVE-2025-12084: Fixed Denial of Service due to quadratic algorithm in xml.dom.minidom...
Recommended update for kernel-firmware
This update for kernel-firmware fixes the following issues: Update AMD ucode to 20251203 bsc1256483 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2026-0988: Fixed a potential integer overflow in gbufferedinputstreampeek bsc1257049. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-0719: Fixed stack-based buffer overflow in NTLM authentication bsc1256399. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2026-0988: Fixed a potential integer overflow in gbufferedinputstreampeek bsc1257049. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255576. CVE-2023-53254:...
Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.38 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-38476: rpl: Fix use-after-free in rpldosrhinline...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.7.0 ESR bsc1256340. MFSA 2026-03 CVE-2026-0877: Mitigation bypass in the DOM: Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebG...
Security update for avahi
This update for avahi fixes the following issues: CVE-2025-68276: Fixed refuse to create wide-area record browsers when wide-area is off bsc1256498 CVE-2025-68471: Fixed DoS bug by changing assert to return bsc1256500 CVE-2025-68468: Fixed DoS bug by removing incorrect assertion bsc1256499 Patch...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-0716: Fixed out-of-bounds read for websocket bsc1256418 CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. Patch Instructions: To insta...
Security update for openldap2_5
This update for openldap25 fixes the following issues: Security fixes: CVE-2026-22185: Fixed possible crash in malicious DB bsc1256297 Other fixes: Update to version 2.5.20+11: ITS10421 mdbload: check for malicious input Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for python-urllib3
This update for python-urllib3 fixes the following issues: CVE-2026-21441: Fixed excessive resource consumption during decompression of data in HTTP redirect responses bsc1256331 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...
Security update for log4j
This update for log4j fixes the following issues: Security fixes: CVE-2025-68161: Fixed absent TLS hostname verification that may allow a man-in-the-middle attack bsc1255427 Other fixes: Upgrade to 2.18.0 Added Add support for Jakarta Mail API in the SMTP appender. Add support for custom Log4j 1....
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
Security update for python-pyasn1
This update for python-pyasn1 fixes the following issues: CVE-2026-23490: Fixed Denial-of-Service issue that may lead to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets bsc1256902 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-40204: sctp: Fix MAC comparison to be constant-time...
Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.91 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...
Security update for php7
This update for php7 fixes the following issues: Security fixes: CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE bsc1255711. Other fixes: Add all php7 packages to PackageHUB unsupported, no source changes...
Security update for librsvg
This update for librsvg fixes the following issues: Update to version 2.57.4 - bsc1243867: CVE-2024-12224: RUSTSEC-2024-0421 - idna accepts Punycode labels that do not produce any non-ASCII when decoded. RUSTSEC-2024-0404 - Unsoundness in anstream. Patch Instructions: To install this SUSE update...
Security update for dpdk
This update for dpdk fixes the following issues: Update to version 24.11.4: CVE-2025-23259: Fixed an attacker on a VM in the system can cause information disclosure and denial of service bsc1254161. Changelog: https://doc.dpdk.org/guides-24.11/relnotes/release2411.htmlid10...
Security update for wireshark
This update for wireshark fixes the following issues: CVE-2026-0959: IEEE 802.11 dissector crash bsc1256734. CVE-2026-0960: HTTP3 dissector infinite loop bsc1256736. CVE-2026-0962: SOME/IP-SD dissector crash bsc1256739. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for busybox
This update for busybox fixes the following issues: This update for busybox fixes the following issues: Security issues: CVE-2025-46394: Fixed tar hidden files via escape sequence CVE-2025-46394, bsc1241661 CVE-2025-60876: Fixed HTTP request header injection in wget CVE-2025-60876, bsc1253245 Oth...
Security update for busybox
This update for busybox fixes the following issues: Security issues: CVE-2025-46394: Fixed tar hidden files via escape sequence CVE-2025-46394, bsc1241661 CVE-2025-60876: Fixed HTTP request header injection in wget CVE-2025-60876, bsc1253245 Other issues: Set CONFIGFIRSTSYSTEMID to 201 to avoid...
Security update for libpng16
This update for libpng16 fixes the following issues: CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525 CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in pngimagewrite bsc1256526. Patch Instructions: To install this SUSE update use the SUSE...
Security update for python-virtualenv
This update for python-virtualenv fixes the following issues: CVE-2026-22702: Fixed local attacker can redirect file operations via TOCTOU race condition bsc1256458. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for pgadmin4
This update for pgadmin4 fixes the following issues: CVE-2025-9636: Fixed Cross-Origin Opener Policy COOP vulnerability bsc1249151. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for exiv2-0_26
This update for exiv2-026 fixes the following issues: Add reference for previously fixed issue: CVE-2025-55304: Fixed quadratic performance algorithm in the ICC profile parsing code of JpegBase::readMetadata bsc1248963. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for util-linux
This update for util-linux fixes the following issues: CVE-2025-14104: Fixed heap buffer overread in setpwnam when processing 256-byte usernames bsc1254666. lscpu: Add support for NVIDIA Olympus arm64 core jscPED-13682. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: CVE-2023-6601: Fixed HLS Unsafe File Extension Bypass bsc1220545. CVE-2025-63757: Fixed integer overflow in yuv2ya16Xctemplate bsc1255392. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for net-snmp
This update for net-snmp fixes the following issues: CVE-2025-68615: Fixed snmptrapd buffer overflow bsc1255491 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for net-snmp
This update for net-snmp fixes the following issues: CVE-2025-68615: Fixed snmptrapd buffer overflow bsc1255491 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for python-marshmallow
This update for python-marshmallow fixes the following issues: CVE-2025-68480: Fixed possible DoS when using Schema.loaddata, many=True bsc1255473. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for net-snmp
This update for net-snmp fixes the following issues: CVE-2025-68615: Fixed snmptrapd buffer overflow bsc1255491. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2025-13151: stack-based buffer overflow in asn1expendoctetstring bsc1256341. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for libsodium
This update for libsodium fixes the following issues: CVE-2025-15444: fixed cryptographic bypass via improper elliptic curve point validation bsc1256070. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python-tornado
This update for python-tornado fixes the following issues: CVE-2025-67725: inefficient algorithm when parsing parameters for HTTP header values bsc1254905. CVE-2025-67726: Denial of Service DoS via maliciously crafted HTTP request caused by the HTTPHeaders.add method bsc1254904. Patch Instruction...
Security update for curl
This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for python-filelock
This update for python-filelock fixes the following issues: CVE-2025-68146: TOCTOU race condition may allow local attackers to corrupt or truncate arbitrary user files bsc1255244. CVE-2026-22701: TOCTOU race condition in the SoftFileLock implementation bsc1256457. Patch Instructions: To install...
Security update for go1.24
This update for go1.24 fixes the following issues: Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. CVE-2025-68119: cmd/go: unexpected code execution when invoking...