5124 matches found
Security update for nginx
This update for nginx fixes the following issues: Security hardening: - Drop root priviledges while running logrotatei. bsc1246090 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2025-4382: Fixed TPM auto-decryption data exposure bsc1242971 Filter out the non-subvolume btrfs mount points when creating the relative path bsc1239674 CVE-2024-45781: Fixed ufs strcpy overflow bsc1233617 CVE-2024-56737: Fixed heap-based buff...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for pam-config
This update for pam-config fixes the following issues: CVE-2025-6018: Stop adding pamenv in AUTH stack, and be sure to put this module at the really end of the SESSION stack. bsc1243226 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for perl
This update for perl fixes the following issues: CVE-2024-56406: Fixed heap buffer overflow when transliterating non-ASCII bytes bsc1241083 CVE-2025-40909: Fixed a working directory race condition causing file operations to target unintended paths bsc1244079 Patch Instructions: To install this SU...
Security update for docker
This update for docker fixes the following issues: Update to Go 1.24 for builds, to match upstream. Update to Docker 28.3.2-ce. See upstream changelog online at Update to Docker 28.3.1-ce. See upstream changelog online at Update to Docker 28.3.0-ce. See upstream changelog online at bsc1246556...
Security update for jbigkit
This update for jbigkit fixes the following issues: Updated to version 2.1: CVE-2022-1210: Fixed denial of service in TIFF File Handler bsc1198146 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for boost
This update for boost fixes the following issues: CVE-2016-9840: Fixed out-of-bounds pointer arithmetic in zlib in beast bsc1245936 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 140.1.0 ESR MFSA-RESERVE-2025-1968423 bmo1968423 JavaScript engine only wrote partial return value to stack MFSA-RESERVE-2025-1971581 bmo1971581 Large branch table could lead to truncated instruction...
Security update for qemu
This update for qemu fixes the following issues: CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: MozillaFirefox is updated to the 140ESR series. Firefox Extended Support Release 140.0esr ESR: General Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing,...
Security update for polkit
This update for polkit fixes the following issues: CVE-2025-7519: Fixed a XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for polkit
This update for polkit fixes the following issues: CVE-2025-7519: Fixed a XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for polkit
This update for polkit fixes the following issues: CVE-2025-7519: Fixed a XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python
This update for python fixes the following issues: CVE-2025-6069: Fixed worst case quadratic complexity that can lead to amplified DoS. bsc1244705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for libarchive
This update for libarchive fixes the following issues: CVE-2025-5916, Fixed integer overflow while reading warc files at archivereadsupportformatwarc.c bsc1244270 CVE-2025-5914: Fixed double free due to an integer overflow in the archivereadformatrarseekdata function bsc1244272 Patch Instructions...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool bsc1246267 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool bsc1246267 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for kubernetes1.18
This update of kubernetes1.18 fixes the following issues: This update was retracted due to non working kubectl. CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241865 rebuild the package with the...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2024-1298: Fixed potential UINT32 overflow in S3 ResumeCount bsc1225889. Other fixes: Fixed Kubevirt GPU passthrough failure bsc1245542 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for kubernetes1.18
This update of kubernetes1.18 fixes the following issues: CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241865 rebuild the package with the current go 1.23 security release bsc1229122. Patch...
Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002347 fixes several issues. The following security issue was fixed: CVE-2025-22115: btrfs: fix block group refcount race in btrfscreatependingblockgroups bsc1241579. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-4373: Fixed buffer underflow through glib/gstring.c via function gstringinsertunichar bsc1242844 CVE-2025-6052: Fixed integer overflow in gstringmaybeexpand leads to potential buffer overflow in GString bsc1244596 Patch Instructions: To...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403 CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404 CVE-2025-47806: Fixed Stack buffer overflow in SubRip subtit...
Security update for jq
This update for jq fixes the following issues: CVE-2024-23337: Fixed signed integer overflow in jv.c:jvparraywrite bsc1243450 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for python-requests
This update for python-requests fixes the following issues: Avoid problems with certificate caching in sslcontext. bsc1246104, ghpsf/requests6767 Update to 2.32.4: CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530 CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop bsc1246531 CVE-2025-53019: Fixed format specifiers in a filename...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530 CVE-2025-53019: Fixed format specifiers in a filename template may cause a memory leak bsc1246534 CVE-2025-53101: Fixed input manipulation may lead...
Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2024-53214: vfio/pci:...
Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle
This update fixes the following issues: golang-github-prometheus-nodeexporter: Security issues fixed: CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component bsc1238686 Other bugs fixed: Fixed Darwin memory leak pressure: Fix...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle
This update fixes the following issues: golang-github-prometheus-nodeexporter: Security issues fixed: CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component bsc1238686 Other bugs fixed: Fixed Darwin memory leak pressure: Fix...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Client Tools
This update fixes the following issues: salt: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability in...
Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server
Description: This update fixes the following issues: proxy-helm: Version 5.0.15: Image rebuilt to the newest version with updated dependencies proxy-httpd-image: Version 5.0.13: Add redirect of API calls from proxy to the server bsc1241880 proxy-salt-broker-image: Version 5.0.13: Image rebuilt to...
Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.16 CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2025-46809 Bugs mentioned: bsc1236601, bsc1236635, bsc1236779, bsc1237294, bsc1238922 bsc1239826, bsc1240386, bsc1242004, bsc1243460,...
Maintenance update for Multi-Linux Manager 4.3: Server, Proxy and Retail Branch Server
Description: This update fixes the following issues: mgr-daemon: Version 4.3.12-0: Updated translation strings proxy-helm: Version 4.3.17: Chart rebuilt to the newest version with updated dependencies for SUSE Manager 4.3.16 proxy-httpd-image: Version 4.3.18: Image rebuilt to the newest version...
Security update for php8
This update for php8 fixes the following issues: Version update to 8.2.29: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extensi...
Security update for php7
This update for php7 fixes the following issues: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...