5415 matches found
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 140.1.0 ESR MFSA-RESERVE-2025-1968423 bmo1968423 JavaScript engine only wrote partial return value to stack MFSA-RESERVE-2025-1971581 bmo1971581 Large branch table could lead to truncated instruction...
Security update for qemu
This update for qemu fixes the following issues: CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: MozillaFirefox is updated to the 140ESR series. Firefox Extended Support Release 140.0esr ESR: General Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing,...
Security update for polkit
This update for polkit fixes the following issues: CVE-2025-7519: Fixed a XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for polkit
This update for polkit fixes the following issues: CVE-2025-7519: Fixed a XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for polkit
This update for polkit fixes the following issues: CVE-2025-7519: Fixed a XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python
This update for python fixes the following issues: CVE-2025-6069: Fixed worst case quadratic complexity that can lead to amplified DoS. bsc1244705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for libarchive
This update for libarchive fixes the following issues: CVE-2025-5916, Fixed integer overflow while reading warc files at archivereadsupportformatwarc.c bsc1244270 CVE-2025-5914: Fixed double free due to an integer overflow in the archivereadformatrarseekdata function bsc1244272 Patch Instructions...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool bsc1246267 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool bsc1246267 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for kubernetes1.18
This update of kubernetes1.18 fixes the following issues: This update was retracted due to non working kubectl. CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241865 rebuild the package with the...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2024-1298: Fixed potential UINT32 overflow in S3 ResumeCount bsc1225889. Other fixes: Fixed Kubevirt GPU passthrough failure bsc1245542 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for kubernetes1.18
This update of kubernetes1.18 fixes the following issues: CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241865 rebuild the package with the current go 1.23 security release bsc1229122. Patch...
Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002347 fixes several issues. The following security issue was fixed: CVE-2025-22115: btrfs: fix block group refcount race in btrfscreatependingblockgroups bsc1241579. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-4373: Fixed buffer underflow through glib/gstring.c via function gstringinsertunichar bsc1242844 CVE-2025-6052: Fixed integer overflow in gstringmaybeexpand leads to potential buffer overflow in GString bsc1244596 Patch Instructions: To...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403 CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404 CVE-2025-47806: Fixed Stack buffer overflow in SubRip subtit...
Security update for jq
This update for jq fixes the following issues: CVE-2024-23337: Fixed signed integer overflow in jv.c:jvparraywrite bsc1243450 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for python-requests
This update for python-requests fixes the following issues: Avoid problems with certificate caching in sslcontext. bsc1246104, ghpsf/requests6767 Update to 2.32.4: CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530 CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop bsc1246531 CVE-2025-53019: Fixed format specifiers in a filename...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530 CVE-2025-53019: Fixed format specifiers in a filename template may cause a memory leak bsc1246534 CVE-2025-53101: Fixed input manipulation may lead...
Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2024-53214: vfio/pci:...
Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle
This update fixes the following issues: golang-github-prometheus-nodeexporter: Security issues fixed: CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component bsc1238686 Other bugs fixed: Fixed Darwin memory leak pressure: Fix...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle
This update fixes the following issues: golang-github-prometheus-nodeexporter: Security issues fixed: CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component bsc1238686 Other bugs fixed: Fixed Darwin memory leak pressure: Fix...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Client Tools
This update fixes the following issues: salt: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability in...
Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server
Description: This update fixes the following issues: proxy-helm: Version 5.0.15: Image rebuilt to the newest version with updated dependencies proxy-httpd-image: Version 5.0.13: Add redirect of API calls from proxy to the server bsc1241880 proxy-salt-broker-image: Version 5.0.13: Image rebuilt to...
Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.16 CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2025-46809 Bugs mentioned: bsc1236601, bsc1236635, bsc1236779, bsc1237294, bsc1238922 bsc1239826, bsc1240386, bsc1242004, bsc1243460,...
Maintenance update for Multi-Linux Manager 4.3: Server, Proxy and Retail Branch Server
Description: This update fixes the following issues: mgr-daemon: Version 4.3.12-0: Updated translation strings proxy-helm: Version 4.3.17: Chart rebuilt to the newest version with updated dependencies for SUSE Manager 4.3.16 proxy-httpd-image: Version 4.3.18: Image rebuilt to the newest version...
Security update for php8
This update for php8 fixes the following issues: Version update to 8.2.29: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extensi...
Security update for php7
This update for php7 fixes the following issues: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. CVE-2025-47806: Fixed stack buffer overflow in SubRip...
Security update for xen
This update for xen fixes the following issues: CVE-2025-27465: Fixed incorrect stubs exception handling for flags recovery XSA-470 bsc1244644 Fixed more AMD transient execution attacks XSA-471 bsc1246112 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024164 fixes one issue. The following security issue was fixed: CVE-2024-56558: nfsd: make sure exp active before svcexportshow bsc1243648. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024161 fixes one issue. The following security issue was fixed: CVE-2024-56558: nfsd: make sure exp active before svcexportshow bsc1243648. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024158 fixes several issues. The following security issues were fixed: CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2025-21772: partitions: mac: fix handling of bogus partition table bsc1238912...
Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059204 fixes one issue. The following security issue was fixed: CVE-2024-56558: nfsd: make sure exp active before svcexportshow bsc1243648. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libgcrypt
This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for php8
This update for php8 fixes the following issues: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...
Security update for php8
This update for php8 fixes the following issues: Version update to 8.3.23: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extensi...