5115 matches found
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2025-13372: Fixed SQL Injection in FilteredRelation bsc1254437 CVE-2025-64460: Fixed denial of service via specially crafted XML input in django.core.serializers.xmlserializer.getInnerText bsc1254437 Patch Instructions: To install this...
Security update for libpng12
This update for libpng12 fixes the following issues: CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for gegl
This update for gegl fixes the following issues: CVE-2025-10921: Fixed HDR file parsing heap-based buffer overflow that can lead to remote code execution. bsc1250496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for kubernetes-client
This update for kubernetes client rebuilds it against current the go release to fix bugs and security issues in the go stdlib. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for kubernetes-client
This update for kubernetes client rebuilds it against current the go release to fix bugs and security issues in the go stdlib. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for container-suseconnect
This update for container-suseconnect rebuilds it against current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: Containers...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgraded to 15.15: CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: Use...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgraded to 14.20: CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: Use...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgraded to 14.20: CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: Use...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-6075: quadratic complexity in os.path.expandvars can lead to performance degradation when values passed to it are user-controlled bsc1252974. CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory EOCD record allow...
Security update for postgresql17, postgresql18
This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check f...
Security update for postgresql17, postgresql18
This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check f...
Security update for fontforge
This update for fontforge fixes the following issues: CVE-2025-50949: Fixed a memory leak in the DlgCreate8 function. bsc1252652 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for python310
This update for python310 fixes the following issues: Update to 3.10.19: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars. bsc1252974 CVE-2025-8291: Check the validity the ZIP64 End of Central Directory EOCD. bsc1251305 Patch Instructions: To install this SUS...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit. bsc1254132 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method bsc1238879 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for go1.24
This update for go1.24 fixes the following issues: go1.24.11 released 2025-12-02 includes two security fixes to the crypto/x509 package, as well as bug fixes to the runtime. bsc1236217 CVE-2025-61727 CVE-2025-61729: go76460 go76445 bsc1254431 security: fix CVE-2025-61729 crypto/x509: excessive...
Security update for go1.25
This update for go1.25 fixes the following issues: go1.25.5 released 2025-12-02 includes two security fixes to the crypto/x509 package, as well as bug fixes to the mime and os packages. bsc1244485 CVE-2025-61729 CVE-2025-61727: go76461 go76445 bsc1254431 security: fix CVE-2025-61729 crypto/x509:...
Security update for gegl
This update for gegl fixes the following issues: CVE-2025-10921: lack of proper validation of user-supplied data when parsing HDR files can lead to RCE bsc1250496. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgraded to 13.23: CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: Use...
Security update for gegl
This update for gegl fixes the following issues: CVE-2025-10921: Fixed HDR file parsing heap-based buffer overflow that can lead to remote code execution. bsc1250496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Updated...
Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgraded to 13.23: CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: Use...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-10922: Fixed GIMP DCM file parsing heap-based buffer overflow remote code execution vulnerability. bsc1250497 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit. bsc1254132 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for cups
This update for cups fixes the following issues: The fix for CVE-2025-58436 causes a regression where GTK applications will hang. bsc1254353 See also https://github.com/OpenPrinting/cups/issues/1429 The fix has been temporary disabled. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50116: Update config files. Disable NGSM bsc1244824 jscPED-8240. CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249846. CVE-2022-50381:...
Security update for python
This update for python fixes the following issues: CVE-2025-8291: Check the validity the ZIP64 End of Central Directory EOCD. bsc1251305 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...
Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.16 fixes one security issue The following security issue was fixed: CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for libcryptopp
This update for libcryptopp fixes the following issues: CVE-2023-50979: Fixed side-channel leakage during decryption with PKCS1v1.5 padding. bsc1218217 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for curl
This update for curl fixes the following issues: CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes bsc1253757 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.11 fixes various security issues The following security issues were fixed: CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. CVE-2025-38616: tls: handle data disappearing from...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-free bsc1252930 CVE-2025-61662: Fixed missing unregister call for...
Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes various security issues The following security issues were fixed: CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882. CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
Security update for curl
This update for curl fixes the following issues: CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes bsc1253757 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for python311
This update for python311 fixes the following issues: Update to 3.11.14: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Patch...
Security update for libmicrohttpd
This update for libmicrohttpd fixes the following issues: CVE-2025-59777: Fixed NULL pointer dereference via specially crafted packet sent by an attacker bsc1253177 CVE-2025-62689: Fixed heap-based buffer overflow via specially crafted packet sent by an attacker bsc1253178 Patch Instructions: To...
Security update for cups
This update for cups fixes the following issues: CVE-2025-61915: Fixed a local denial-of-service via cupsd.conf update and related issues. bsc1253783 CVE-2025-58436: Fixed an issue where a slow client communication leads to a possible DoS attack. bsc1244057 Patch Instructions: To install this SUS...
Security update for cups
This update for cups fixes the following issues: CVE-2025-61915: Fixed local denial-of-service via cupsd.conf update bsc1253783 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for containerd
This update for containerd fixes the following issues: Update to containerd v1.7.29 CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132 Patch Instructions: To install...
Security update for java-25-openjdk
This update for java-25-openjdk fixes the following issues: Update to upstream tag jdk-25.0.1+8 October 2025 CPU Security fixes: JDK-8360937, CVE-2025-53057, bsc1252414: Enhance certificate handling JDK-8356294, CVE-2025-53066, bsc1252417: Enhance Path Factories JDK-8359454, CVE-2025-61748,...
Security update for the Linux Kernel (Live Patch 62 for SUSE Linux Enterprise 15 SP3)
This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.221 fixes various security issues The following security issues were fixed: CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled bsc1250295. CVE-2022-50432: kernfs: fix use-after-free in...
Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow...
Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. CVE-2025-38616: tls: handle data disappearing from...
Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.173 fixes one security issue The following security issue was fixed: CVE-2023-53673: Bluetooth: hcievent: call disconnect callback before deleting conn bsc1251983. Patch Instructions: To install this SUSE update use the SUSE...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...