5124 matches found
Security update for rabbitmq-server
This update for rabbitmq-server fixes the following issues: CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests bsc1245105 fixed a bad logrotate configuration that allowed escalation from rabbitmq to root, /var/log/rabbitmq ownership is now 750 bsc1246091 Patch Instructions:...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures...
Security update for erlang
This update for erlang fixes the following issues: CVE-2025-48041: fixed erlang exhaustion of file handles in SSH bsc1249473 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...
Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as many bytes as each length field indicates Update to NSS 3.112.1: restore support for finding...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20251023T162509 2025-10-23T16:25:09Z jscPED-11136. Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3979 CVE-2025-59824 GHSA-hqrf-67pm-wgfq GO-2025-3981 CVE-2025-59823 GHSA-227x-7mh8-3cf6...
Security update for xen
This update for xen fixes the following issues: CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls bsc1251271, XSA-475 CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface bsc1248807, XSA-472 Patch...
Security update for xen
This update for xen fixes the following issues: CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls bsc1251271, XSA-475 CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface bsc1248807, XSA-472 Patch...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-62171: Fixed incomplete fix for integer overflow in BMP Decoder bsc1252282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for chrony
This update for chrony fixes the following issues: Race condition during socket creation by chronyc allows privilege escalation from user chrony to root bsc1246544. This update also ships chrony-pool-empty to SLE Micro 5.x jscSMO-587 Patch Instructions: To install this SUSE update use the SUSE...
Security update for xen
This update for xen fixes the following issues: CVE-2025-58147, CVE-2025-58148: fixed input sanitisation in Viridian hypercalls XSA-475, bsc1251271 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for p7zip
This update for p7zip fixes the following issues: CVE-2022-47069: heap buffer overflow in ZipIn.cpp file bsc1209648. CVE-2025-53817: null pointer dereference may lead to denial of service bsc1246707. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is repeated with incorrect guesses bsc1249375. CVE-2025-8114: NULL pointer dereference when an allocation error happens during the...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is repeated with incorrect guesses bsc1249375. CVE-2025-8114: NULL pointer dereference when an allocation error happens during the...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
Security update for podman
This update for podman fixes the following issues: CVE-2025-9566: fixed a case when kube play command could overwrite host files bsc1249154. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for python-python-socketio
This update for python-python-socketio fixes the following issues: CVE-2025-61765: fixed by using json, rather than pickle for serialization bsc1251193 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 CVE-2025-52885: improved pointer handling that could have led to dangling pointers when the vector is resized...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-11731: fixed a type confusion in exsltFuncResultComp function that could cause a denial of service bsc1251979 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...
Security update for wireshark
This update for wireshark fixes the following issues: CVE-2025-11626: fixed MONGO dissector infinite loop bsc1251933. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2025-24294: resolv: insufficient checks on the length of a decompressed domain name when processing a DNS packet can lead to a denial of service due to excessive resource consumption bsc1246430. Patch Instructions: To install this SUSE updat...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-11731: type confusion in exsltFuncResultCompfunction leading to denial of service bsc1251979 CVE-2025-10911: use-after-free with key data stored cross-RVT bsc1250553 Patch Instructions: To install this SUSE update use the SUSE recommend...
Security update for haproxy
This update for haproxy fixes the following issues: CVE-2025-11230: Fixed mjson JSON decoder excessive resource consumption bsc1250983 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for podman
This update for podman fixes the following issues: CVE-2025-9566: Fixed kube play command overwriting host files bsc1249154 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfre...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfre...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfre...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree...
Security update for kernel-livepatch-MICRO-6-0_Update_10
This update for kernel-livepatch-MICRO-6-0Update10 fixes the following issues: CVE-2025-38566: sunrpc: fix handling of server side tls alerts bsc1248376 CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673 CVE-2025-38678: netfilter: nftables: rejec...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...
Security update for kernel-livepatch-MICRO-6-0_Update_10
This update for kernel-livepatch-MICRO-6-0Update10 fixes the following issues: CVE-2025-38566: sunrpc: fix handling of server side tls alerts bsc1248376 CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673 CVE-2025-38678: netfilter: nftables: rejec...
Security update for kernel-livepatch-MICRO-6-0_Update_9
This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0_Update_6
This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0_Update_6
This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0_Update_9
This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree...
Security update for kernel-livepatch-MICRO-6-0_Update_8
This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...
Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...
Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_7
This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_8
This update for kernel-livepatch-MICRO-6-0-RTUpdate8 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_9
This update for kernel-livepatch-MICRO-6-0-RTUpdate9 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_9
This update for kernel-livepatch-MICRO-6-0-RTUpdate9 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_11
This update for kernel-livepatch-MICRO-6-0-RTUpdate11 fixes the following issues: CVE-2025-38566: sunrpc: fix handling of server side tls alerts bsc1248376 CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673 CVE-2025-38678: netfilter: nftables:...