5124 matches found
Security update for libavif
This update for libavif fixes the following issues: update to 1.3.0: CVE-2025-48175: Fixed an integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. bsc1243270 CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in stream-offset+size...
Security update for tiff
This update for tiff fixes the following issues: CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when processing malformed TIFF files bsc1247106 Patch Instructions: To install this SUSE update use...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2024-35221: Fixed remote denial of service via YAML manifest bsc1225905 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Recommended update for grub2
This update for grub2 fixes the following issues: CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grubcryptomemcmp bsc1234959 Other fixes: - Fix test -f and -s do not work properly over the network files served via tftp and http bsc1246157, bsc1246237 - Skip mount...
Security update for go1.23-openssl
This update for go1.23-openssl fixes the following issues: Updated to go1.23.12 released 2025-08-06 bsc1229122: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...
Security update for podman
This update for podman fixes the following issues: CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
Security update for podman
This update for podman fixes the following issues: CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
Security update for podman
This update for podman fixes the following issues: CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
Security update for Mesa
This update for Mesa fixes the following issues: CVE-2023-45913: Fixed NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId bsc1222040 CVE-2023-45919: Fixed buffer over-read in glXQueryServerString bsc1222041 CVE-2023-45922: Fixed segmentation violation in glXGetDrawableAttribute...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-6069: Fixed worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705 CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249 Other fixes: - Limit...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530 CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop bsc1246531 CVE-2025-53019: Fixed format specifiers in a filename...
Security update for iputils
This update for iputils fixes the following issues: CVE-2025-48964: Fixed integer overflow in ping statistics via zero timestamp bsc1243772. Other bugfixes: Fixed ping on s390x that printed invalid ttl bsc1243284. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. CVE-2025-47806: Fixed stack buffer overflow in SubRip...
Security update for cairo
This update for cairo fixes the following issues: CVE-2019-6462: Fixed a potentially infinite loop bsc1122321. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for pgadmin4
This update for pgadmin4 fixes the following issues: CVE-2025-27152: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set bsc1239308 CVE-2023-1907: Fixed an issue which could result in users being authenticated in another user's session if two users...
Security update for kubernetes1.26
This update for kubernetes1.26 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-5372: sshkdf returns a success code on certain failures bsc1245314 CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...
Security update for helm
This update for helm fixes the following issues: Update to version 3.18.4 bsc1246152, CVE-2025-53547: Disabling linter due to unknown issue f20a4ad Matt Farina builddeps: bump the k8s-io group with 7 updates 563b094 dependabotbot Updating link handling 00de613 Matt Farina Patch Instructions: To...
Security update for libarchive
This update for libarchive fixes the following issues: CVE-2025-5918: reading past EOF may be triggered for piped file streams bsc1244279 CVE-2025-5917: off by one error in buildustarentryname at archivewritesetformatpax.c bsc1244336 CVE-2025-5916: integer overflow while reading warc files at...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for python-urllib3
This update for python-urllib3 fixes the following issues: CVE-2025-50181: Pool managers now properly control redirects when retries is passed GHSA-pq67-6m6q-mj2v, bsc1244925 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-5372: sshkdf returns a success code on certain failures bsc1245314 CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-7424: Fixed type confusion in xmlNode.psvi between stylesheet and source nodes bsc1246360 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-50420: Fixed Denial of Service in pdfseparate utility bsc1247590 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-50420: Fixed Denial of Service in pdfseparate utility bsc1247590 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-50420: Fixed Denial of Service in pdfseparate utility bsc1247590 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-50420: Fixed Denial of Service in pdfseparate utility bsc1247590 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for icinga2
This update for icinga2 fixes the following issues: CVE-2025-48057: A certificate incorrectly treated as valid can allow an attacker to impersonate a trusted node bsc1243747. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for slurm
This update for slurm fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler bsc1243273. CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory bsc1244056 CVE-2025-4138:...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Updated to version 2.48.5: - CVE-2025-31273: Fixed a vulnerability where processing maliciously crafted web content could lead to memory corruption. bsc1247564 - CVE-2025-31278: Fixed a vulnerability where processing maliciously crafted web...
Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues: CVE-2021-25743: Escape terminal special characters in kubectl output bsc1194400. CVE-2023-2431: Prevent pods to bypass the seccomp profile enforcement bsc1212493. CVE-2024-0793: Advance autoscaling v2 as the preferred API version...
Security update for libgcrypt
This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Recommended update for grub2
This update for grub2 fixes the following issues: CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grubcryptomemcmp bsc1234959 Other fixes: - Fix test -f and -s do not work properly over the network files served via tftp and http bsc1246157, bsc1246237 - Skip mount...
Security update for systemd
This update for systemd fixes the following issues: Remove the script used to help migrating the language and locale settings located in /etc/sysconfig/language on old systems to the systemd default locations bsc1247074 The script was introduced more than 7 years ago and all systems running TW...
Security update for tiff
This update for tiff fixes the following issues: CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when processing malformed TIFF files bsc1247106 Patch Instructions: To install this SUSE update use...
Security update for tiff
This update for tiff fixes the following issues: Updated TIFFMergeFieldInfo with readcount=writecount=0 for FIELDIGNORE bsc1243503 CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when processing...
Security update for amber-cli
This update for amber-cli fixes the following issues: Update to version 1.13.1+git20250329.c2e3bb8: CVE-2025-30204: Fixed jwt-go excessive memory allocation during header parsing bsc1240511 jwt version upgrade 174 Update policy size limit to 20k 173 Update tenant user model with latest changes 17...
Security update for sccache
This update for sccache fixes the following issues: Update to version 0.4.24: CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243868 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python313
This update for python313 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. CVE-2025-4435:...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Updated to version 2.48.5: - CVE-2025-31273: Fixed a vulnerability where processing maliciously crafted web content could lead to memory corruption. bsc1247564 - CVE-2025-31278: Fixed a vulnerability where processing maliciously crafted web...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Updated to version 2.48.5: - CVE-2025-31273: Fixed a vulnerability where processing maliciously crafted web content could lead to memory corruption. bsc1247564 - CVE-2025-31278: Fixed a vulnerability where processing maliciously crafted web...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250806T202249 2025-08-06T20:22:49Z jscPED-11136 GO-2022-0392 GHSA-m6gx-rhvj-fh52 GO-2022-0396 GHSA-g54h-m393-cpwq GO-2022-0452 GHSA-f3fp-gc8g-vw66 GO-2022-0456 GHSA-wjxw-gh3m-7pm5 GO-2022-0617 GHSA-qh36-44jv-c8...