5115 matches found
Security update for helm
This update for helm fixes the following issues: Update to version 3.19.1 CVE-2025-53547: Fixed local code execution in Helm Chart. bsc1246152 CVE-2025-58190: Fixed excessive memory consumption by html.ParseFragment when processing specially crafted input. bsc1251649 CVE-2025-47911: Fixed various...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2021-4460: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning bsc1250764. CVE-2022-48631: ext4: fix bug in extents parsing when ehentries == 0 and ehdepth 0 bsc1223475...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for elfutils
This update for elfutils fixes the following issues: Fixing build/testsuite for more recent glibc and kernels. Fixing denial of service and general buffer overflow errors bsc1237236, bsc1237240, bsc1237241, bsc1237242: CVE-2025-1376: Fixed denial of service in function elfstrptr in the library...
Security update for nvidia-container-toolkit
This update for nvidia-container-toolkit fixes the following issues: Update to version 1.18.0: This is a major release and includes the following high-level changes: The default mode of the NVIDIA Container Runtime has been updated to make use of a just-in-time-generated CDI specification instead...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for podman
This update for podman fixes the following issues: CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542 Patch Instructions: To install this SUSE update use the SUSE...
Security update for tomcat
This update for tomcat fixes the following issues: CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905 CVE-2025-61795: Fixed denial of...
Security update for sssd
This update for sssd fixes the following issues: CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
Security update for sssd
This update for sssd fixes the following issues: CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Other fixes: Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325 Patch...
Security update for sssd
This update for sssd fixes the following issues: CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Other fixes: Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325 Patch...
Security update for curl
This update for curl fixes the following issues: CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes bsc1253757 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.5.0 ESR bsc1253188 CVE-2025-13012: Race condition in the Graphics component. CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. CVE-2025-13017: Same-origi...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.5.0 ESR bsc1253188 CVE-2025-13012: Race condition in the Graphics component. CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. CVE-2025-13017: Same-origi...
Security update for runc
This update for runc fixes the following issues: Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2. Upstream changelog is available from bsc1252110 Includes an important fix for the CPUSet translation for...
Security update for the Linux Kernel (Live Patch 60 for SUSE Linux Enterprise 15 SP3)
This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.215 fixes various security issues The following security issues were fixed: CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled bsc1250295. CVE-2022-50432: kernfs: fix use-after-free in...
Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP3)
This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.185 fixes various security issues The following security issues were fixed: CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled bsc1250295. CVE-2022-50432: kernfs: fix use-after-free in...
Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes one security issue The following security issue was fixed: CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for tomcat
This update for tomcat fixes the following issues: Update to Tomcat 9.0.111: CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905...
Security update for cups-filters
This update for cups-filters fixes the following issues: CVE-2025-64503: Fixed out-of-bounds write in pdftoraster tool bsc1253374 CVE-2025-57812: Fixed multiple TIFF-related issues in libcupsfilters bsc1253373 CVE-2025-64524: Fixed out-of-bounds write de to use of unvalidated length parameter in...
Security update for podman
This update for podman fixes the following issues: CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542 Patch Instructions: To install this SUSE update use the SUSE...
Security update for podman
This update for podman fixes the following issues: CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542 Patch Instructions: To install this SUSE update use the SUSE...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free bsc1252933 CVE-2025-61663: Fixed missing unregister call for norm...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-59798: Fixed stack-based buffer overflow in pdfwritecmap in devices/vector/gdevpdtw.c. bsc1250353 CVE-2025-59799: Fixed stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value. bsc1250354...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 CVE-2025-61661: Fixed out-of-bounds write in grubusbgetstring function bsc1252932 CVE-2025-61662: Fixed missing unregister call for gettext command may lead t...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifi...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-10934: Fixed XWD file parsing heap-based buffer overflow vulnerability bsc1252886 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for the Linux Kernel
The SUSE Linux Enterprise FIXME kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for unbound
This update for unbound fixes the following issues: CVE-2025-11411: Fixed possible domain hijacking attack. bsc1252525 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-59798: Fixed stack-based buffer overflow in pdfwritecmap in devices/vector/gdevpdtw.c. bsc1250353 CVE-2025-59799: Fixed stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value. bsc1250354...
Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.231 fixes various security issues The following security issues were fixed: CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49053: scsi...
Security update for alloy
This update for alloy fixes the following issues: update to 1.11.3: CVE-2025-58058: Fixed memory leaks in xz. bsc1248960 CVE-2025-11065: Fixed sensitive Information leak in logs. bsc1250621 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-9714: Fixed inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c bsc1249076 CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files bsc1247850 Patch...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-9714: Fixed inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c bsc1249076 CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files bsc1247850 Patch...
Security update for openssh
This update for openssh fixes the following issues: CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used bsc1251198 CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199 Patch Instructions: To...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
Security update for bind
This update for bind fixes the following issues: CVE-2025-8677: DNSSEC validation fails if matching but invalid DNSKEY is found bsc1252378. CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator bsc1252380. Patch...
Security update for bind
This update for bind fixes the following issues: CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator bsc1252380. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for bind
This update for bind fixes the following issues: CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator bsc1252380. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for bind
This update for bind fixes the following issues: CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator bsc1252380. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-9714: Fixed infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c bsc1249076 CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files bsc1247850 Patch...
Security update for tomcat10
This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.48 CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2025-64459: Fixed a potential SQL injection via the 'connector' keyword bsc1252926 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for squid
This update for squid fixes the following issues: CVE-2025-62168: Fixed failure to redact HTTP authentication credentials in error handling leading to information disclosure bsc1252281 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...