5124 matches found
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in calipsoreqset,delatt...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in calipsoreqset,delatt...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in calipsoreqset,delatt...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in calipsoreqset,delatt...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...
Security update for wireshark
This update for wireshark fixes the following issues: Update to version 4.2.13. Security issues fixed: CVE-2025-9817: SSH dissector crash due to NULL pointer dereference when processing malformed packet traces bsc1249090. Other issues fixed: Bug in UDS dissector with Service...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 140.3.0 ESR bsc1249391. MFSA 2025-75: CVE-2025-10527 bmo1984825 Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10528 bmo1986185 Sandbox escape due to undefined behavior,...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for aide
This update for aide fixes the following issues: CVE-2025-54389: Fixed improper output neutralization bsc1247884 CVE-2025-54409: Fixed null pointer dereference after reading incorrectly encoded xattr attributes from database bsc1247885 Patch Instructions: To install this SUSE update use the SUSE...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250918T182144 2025-09-18T18:21:44Z jscPED-11136. Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3915 CVE-2025-5187 GHSA-4x4m-3c2p-qppc GO-2025-3956 CVE-2025-47906 CVE-2025-47906 Update to...
Security update for git
This update for git fixes the following issues: Update to 2.51.0 UI, Workflows & Features Userdiff patterns for the R language have been added. Documentation for "git send-email" has been updated with a bit more credential helper and OAuth information. "git cat-file --batch" learns to understand...
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-3576: Fixed Kerberos RC4-HMAC-MD5 Checksum Vulnerability bsc1241219 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47806: Fixed stack buffer overflow in SubRip subtitle parser bsc1244407. CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 140.3.0 ESR bsc1249391. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for mybatis, ognl
This update for mybatis, ognl fixes the following issues: Version update to 3.5.7: Bug fixes: Improved performance under JDK 8. 2223 Version update to 3.5.8: List of changes: Avoid NullPointerException when mapping an empty string to java.lang.Character. 2368 Fixed an incorrect argument when...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. CVE-2022-50116: tty: ngsm: fix deadlock and link starvation in outgoing data path...
Security update for cmake
This update for cmake fixes the following issues: CVE-2025-9301: Fixed assertion failure due to improper validation bsc1248461 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for cairo
This update for cairo fixes the following issues: CVE-2025-50422: NULL pointer access in activeedgestotraps can lead to crash in Poppler bsc1247589. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: This...
Security update for bluez
This update for bluez fixes the following issues: CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections bsc1217877. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for mariadb
This update for mariadb fixes the following issues: Update to version 10.6.23. Security issues fixed: CVE-2025-21490: InnoDB issue allows high privileged attacker with network access to cause a hang or frequently repeatable crash of MySQL Server bsc1243356. CVE-2025-30693: InnoDB issue allows hig...
Security update for mariadb
This update for mariadb fixes the following issues: Update to version 10.11.14. Security issues fixed: CVE-2025-30693: InnoDB issue allows high privileged attacker with network access to gain unauthorized update, insert or delete access to data and cause repeatable crash in MySQL server bsc124921...
Security update for frr
This update for frr fixes the following issues: CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processing several RPKI updates bsc1235237. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for python-h2
This update for python-h2 fixes the following issues: CVE-2025-57804: Fixed HTTP Request Smuggling due to illegal characters in headers bsc1248737 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for iperf
This update for iperf fixes the following issues: updated to 3.19.1: CVE-2025-54349: Fixed off-by-one error heap based buffer overflow in iperfauth.c bsc1247519 CVE-2025-54350: Fixed Base64Decode assertion failure in iperfauth.c bsc1247520 CVE-2025-54351: Fixed buffer overflow when --skip-rx-copy...
Security update for udisks2
This update for udisks2 fixes the following issues: CVE-2025-8067: Fixed missing bounds check leading to out-of-bounds read bsc1248502 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points bsc1232089...
Security update for busybox, busybox-links
This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50211: md-raid10: fix KASAN warning bsc1245140. CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor bsc1242780...
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5, as a very old protocol, supported quite a number of ciphers that are not longer up to current...
Security update for bluez
This update for bluez fixes the following issues: CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections bsc1217877. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for curl
This update for curl fixes the following issues: Security issues fixed: CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer bsc1249191. CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server...
Security update for curl
This update for curl fixes the following issues: Security issues fixed: CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer bsc1249191. CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server...
Security update for avahi
This update for avahi fixes the following issues: CVE-2024-52615: wide-area DNS uses constant source port for queries and can expose the Avahi-daemon to DNS spoofing attacks bsc1233421. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: Oracle July 15 2025 CPU bsc1247754. CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications th...
Security update for cups
This update for cups fixes the following issues: CVE-2024-47175: no validation of IPP attributes in ppdCreatePPDFromIPP2 when writing to a temporary PPD file allows for the injection of attacker-controlled data to the resulting PPD bsc1230932. CVE-2025-58060: no password check when AuthType is se...
Security update for net-tools
This update for net-tools fixes the following issues: Security issues fixed: CVE-2025-46836: missing bounds check in getname may lead to a stack buffer overflow bsc1243581. Avoid unsafe use of memcpy in ifconfig bsc1248687. Prevent overflow in ax25 and netrom bsc1248687. Fix stack buffer overflow...
Security update for raptor
This update for raptor fixes the following issues: CVE-2024-57823: Fixed integer underflow when normalizing a URI with the turtle parser bsc1235673. CVE-2024-57822: Fixed heap buffer overread when parsing triples with the nquads parser bsc1235674. Patch Instructions: To install this SUSE update u...
Security update for sevctl
This update for sevctl fixes the following issues: CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch bsc1242618 CVE-2024-12224: idna: Fixed Punycode improper validation bsc1243860 Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for pam
This update for pam fixes the following issues: CVE-2024-10041: Fixed hashed password leak bsc1232234 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for nvidia-open-driver-G06-signed
This update for nvidia-open-driver-G06-signed fixes the following issues: Updated CUDA variant to 580.82.07: CVE-2025-23277: Fixed access to memory outside bounds permitted under normal use cases in NVIDIA Display Driver bsc1247528. CVE-2025-23278: Fixed improper index validation by issuing a cal...
Security update for nvidia-open-driver-G06-signed
This update for nvidia-open-driver-G06-signed fixes the following issues: Updated CUDA variant to 580.82.07: CVE-2025-23277: Fixed access to memory outside bounds permitted under normal use cases in NVIDIA Display Driver bsc1247528. CVE-2025-23278: Fixed improper index validation by issuing a cal...
Security update for net-tools
This update for net-tools fixes the following issues: Security issues fixed: Avoid unsafe use of memcpy in ifconfig bsc1248687. Prevent overflow in ax25 and netrom bsc1248687. Fix stack buffer overflow in parsehex bsc1248687. Fix stack buffer overflow in procgenfmt bsc1248687. Other issues fixed:...
Security update for raptor
This update for raptor fixes the following issues: CVE-2024-57823: Fixed integer underflow when normalizing a URI with the turtle parser bsc1235673 CVE-2024-57822: Fixed heap buffer overread when parsing triples with the nquads parser bsc1235674 Patch Instructions: To install this SUSE update use...
Security update for nginx
This update for nginx fixes the following issues: CVE-2025-53859: the server side may leak arbitrary bytes during the NGINX SMTP authentication process bsc1248070. CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 bsc1236851. Patch...
Security update for vim
This update for vim fixes the following issues: Update to version 9.1.1629. CVE-2025-53905: Fixed a path traversal issue in tar.vim plugin that may allow for file overwriting when opening specially crafted tar files bsc1246604. CVE-2025-53906: Fixed a path traversal issue in zip.vim plugin that m...
Security update for expat
This update for expat fixes the following issues: expat was updated to version 2.7.1: Bug fixes: Restore event pointer behavior from Expat 2.6.4 that the fix to CVE-2024-8176 changed in 2.7.0; affected API functions are: - XMLGetCurrentByteCount - XMLGetCurrentByteIndex - XMLGetCurrentColumnNumbe...