5124 matches found
Security update for kernel-livepatch-MICRO-6-0_Update_6
This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error bsc1245509 CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315 Patch Instructions: To install this SUSE...
Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001029 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744. CVE-2025-38089: sunrpc: handle...
Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122237 fixes several issues. The following security issues were fixed: CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2025-21791...
Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001026 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744. CVE-2025-38089: sunrpc: handle...
Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001044 fixes one issue. The following security issue was fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650...
Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001039 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error bsc1245509. Patch...
Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001020 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650...
Security update for rubygem-puma
This update for rubygem-puma fixes the following issues: Update to version 5.6.9. CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. CVE-2024-21647: unbounded resource consumpti...
Security update for rubygem-puma
This update for rubygem-puma fixes the following issues: Update to version 5.6.9. CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. CVE-2024-21647: unbounded resource consumpti...
Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600108 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. CVE-2024-5015...
Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: CVE-2025-9230 incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.3.1 ESR bsc1250452. Improved reliability when HTTP/3 connections fail: Firefox no longer forces HTTP/2 during fallback, allowing the server to choose the protocol and preventing stalls on som...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-48708: Fixed password disclosure due to lacks of argument sanitization bsc1243701 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-48708: Fixed password disclosure due to lacks of argument sanitization bsc1243701 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for gstreamer-plugins-rs
This update for gstreamer-plugins-rs fixes the following issues: Update crate shlex to 1.3.0: RUSTSEC-2024-0006: Fixed multiple issues involving quote API bsc1230028 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python-xmltodict
This update for python-xmltodict fixes the following issues: CVE-2025-9375: XML injection vulnerability in xmltodict allows input data manipulation bsc1249036. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for logback
This update for logback fixes the following issues: CVE-2025-11226: fixed the ACE vulnerability in conditional configuration file processing bsc1250715 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for frr
This update for frr fixes the following issues: CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processing several RPKI updates bsc1235237. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for cairo
This update for cairo fixes the following issues: CVE-2019-6461: Avoid assert when drawing arcs with NaN angles. bsc1122338 CVE-2025-50422: Fix NULL pointer access in activeedgestotraps leading to crash in Poppler. bsc1247589 Patch Instructions: To install this SUSE update use the SUSE recommende...
Security update for cairo
This update for cairo fixes the following issues: CVE-2025-50422: Fixed Poppler crash on malformed input bsc1247589 Update to version 1.18.4: The dependency on LZO has been made optional through a build time configuration toggle. You can build Cairo against a Freetype installation that does not...
Security update for warewulf4
This update for warewulf4 fixes the following issues: Update to version 4.6.4. Security issues fixed: CVE-2025-58058: xz: excessive memory consuption when unpacking a large number of corrupted LZMA archives bsc1248906. Other issues fixed: Convert disk booleans from wwbool to bool which allows boo...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.3.1 ESR bsc1250452. Improved reliability when HTTP/3 connections fail: Firefox no longer forces HTTP/2 during fallback, allowing the server to choose the protocol and preventing stalls on som...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2025-59681: SQL injection via the QuerySet annotate,alias,aggregate, orextra methods when processing a specially crafted dictionary with dictionary expansion bsc1250485. CVE-2025-59682: directory traversal via the...
Security update for podman
This update for podman fixes the following issues: CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Fix conditional Requires remove deprecated sleversion macro Update to version 5.4.2: Add release notes for v5.4.2 Fix a potential deadlock during podman cp...
Security update for bluez
This update for bluez fixes the following issues: CVE-2023-45866: Fixed unauthorized HID device connections allowing keystroke injection and arbitrary commands execution bsc1217877 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...
Security update for python-xmltodict
This update for python-xmltodict fixes the following issues: CVE-2025-9375: Fixed XML Injection vulnerability in xmltodict bsc1249036 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for snpguest
This update for snpguest fixes the following issues: CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect hostname comparisons and incorrect URL parsing bsc1243869. CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch...
Security update for nginx
This update for nginx fixes the following issues: CVE-2025-53859:Â the server side may leak arbitrary bytes during the NGINX SMTP authentication process bsc1248070. CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 bsc1236851. Patch...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: CVE-2025-41244: local privilege escalation via the Service Discovery Plugin bsc1250373. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: CVE-2025-41244: local privilege escalation via the Service Discovery Plugin bsc1250373. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: CVE-2025-41244: local privilege escalation via the Service Discovery Plugin bsc1250373. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for nvidia-open-driver-G06-signed
This update for nvidia-open-driver-G06-signed fixes the following issues: Updated CUDA variant to 580.82.07: CVE-2025-23277: Fixed access memory outside bounds permitted under normal use cases in NVIDIA Display Driver bsc1247528. CVE-2025-23278: Fixed improper index validation by issuing a call...
Security update for apache2-mod_security2
This update for apache2-modsecurity2 fixes the following issues: CVE-2025-54571: Fixed insufficient return value handling on modsecurity leads to xss and source code disclosure bsc1247674 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for apache2-mod_security2
This update for apache2-modsecurity2 fixes the following issues: CVE-2025-54571: Fixed insufficient return value handling on modsecurity leads to xss and source code disclosure bsc1247674 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002353 fixes several issues. The following security issues were fixed: CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685. CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. CVE-2025-38498:...
Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002350 fixes several issues. The following security issues were fixed: CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685. CVE-2025-38181: calipso: Fix...
Security update for the Linux Kernel (Live Patch 60 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059215 fixes one issue. The following security issue was fixed: CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059201 fixes several issues. The following security issues were fixed: CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. CVE-2025-38498: dochangetype:...
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-150700536 fixes several issues. The following security issues were fixed: CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499. CVE-2025-38555: usb: gadget : fix use-after-free in compositedevcleanup bsc1248298. Patch...
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-150700533 fixes several issues. The following security issues were fixed: CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685. CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. CVE-2025-38498:...
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002360 fixes several issues. The following security issues were fixed: CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499. CVE-2025-38555: usb: gadget : fix use-after-free in compositedevcleanup bsc1248298. Patch...