Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...

Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...

Security update for python-tornado6

This update for python-tornado6 fixes the following issues: CVE-2024-52804: Fixed excessive CPU consumption by the algorithm used for parsing HTTP cookies bsc1233668 CVE-2025-47287: Fixed denial-of-service via generation of an extremely high volume of logs due to multipart/form-data parser...

Security update for python313

This update for python313 fixes the following issues: Update to version 3.13.5. Security issues fixed: CVE-2025-4517: arbitrary filesystem writes outside the extraction directory during extraction with filter="data" bsc1244032 CVE-2025-4516: use-after-free in the unicode-escape decoder when using...

Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001023 fixes one issue. The following security issue was fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaS...

Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001020 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-56582: btrfs: fix use-after-free in btrfsencodedreadendio bsc1235129. CVE-2024-56605:...

Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...

Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600108 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...

Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 CVE-2024-50301: security/keys: fi...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 CVE-2024-50301: security/keys: fi...

Security update for python-tornado6

This update for python-tornado6 fixes the following issues: CVE-2025-47287: Fixed denial of service via generation of an extremely high volume of logs due to multipart/form-data parser bsc1243268. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

Security update for screen

This update for screen fixes the following issues: CVE-2025-46802: Fixed temporary chown of users' TTY to mode 0666 allowing PTY hijacking bsc1242269 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

Security update for gpg2

This update for gpg2 fixes the following issues: CVE-2025-30258: Fixed a verification DoS due to a malicious subkey in the keyring. bsc1239119 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...

Security update for distribution

This update for distribution fixes the following issues: The package is rebuild with more recent go go1.24, fixing respective security issues bsc1244471 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for icu

This update for icu fixes the following issues: CVE-2025-5222: Stack buffer overflow in the SRBRoot:addTag function bsc1243721. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2025-47183: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244406. CVE-2025-47219: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244405. CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer bsc1234421...

Security update for python311

This update for python311 fixes the following issues: python311 was updated from version 3.11.10 to 3.11.13: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...

Security update for apache-commons-beanutils

This update for apache-commons-beanutils fixes the following issues: Update to 1.11.0: Fixed Bugs: BeanComparator.compareT, T now throws IllegalArgumentException instead of RuntimeException to wrap all cases of ReflectiveOperationException. MappedMethodReference.get now throws IllegalStateExcepti...

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47537: Fixed OOB-write in isomp4/qtdemux.c bsc1234414 CVE-2024-47539: Fixed OOB-write in converttos3341a bsc1234417 CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer bsc1234421 CVE-2024-47543: Fixe...

Security update for iputils

This update for iputils fixes the following issues: CVE-2025-48964: Fixed integer overflow in ping statistics via zero timestamp bsc1243772 Fix ping on s390x printing invalid ttl bsc1243284 CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300 Patch...

Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.8.2: cargo: Afterburn release 5.8.2 docs/release-notes: update for release 5.8.2 cargo: update dependencies cargo: Afterburn release 5.8.1 cargo: Afterburn release 5.8.0 docs/release-notes: update for release 5.8.0 cargo:...

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2025-47183: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244406. CVE-2025-47219: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244405. CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer bsc1234421...

Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: CVE-2025-47947: Fixed denial of service through sanitiseMatchedBytes bsc1243978. CVE-2025-48866: Fixed denial of service via excessive number of arguments in sanitiseArg bsc1243976. Patch Instructions: To install this SUSE update us...

Security update for perl

This update for perl fixes the following issues: CVE-2025-40909: do not change the current directory when cloning an open directory handle bsc1244079 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

Security update for python39

This update for python39 fixes the following issues: python39 was updated from version 3.9.21 to version 3.9.23: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...

Security update for python311

This update for python311 fixes the following issues: python311 was updated from version 3.11.10 to 3.11.13: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...

Security update for python312

This update for python312 fixes the following issues: python312 was updated from version 3.12.9 to 3.12.11: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fixe...

Security update for python310

This update for python310 fixes the following issues: python310 was updated from version 3.10.16 to 3.10.18: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fix...

Security update for ignition

This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.19.2: CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. CVE-2025-23167: improper HTTP header block termination in llhttp bsc1243220. CVE-2025-23165: add missing call to...

Security update for libblockdev

This update for libblockdev fixes the following issues: CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243285. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

Security update for libblockdev

This update for libblockdev fixes the following issues: CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243285. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-27587: timing side-channel vulnerability in the P-384 implementation when used with ECDSA bsc1243459. CVE-2024-12797: Fixed that RFC7250 handshakes with unauthenticated servers don't abort as expected. bsc1236599 CVE-2024-13176: Fixed...

Security update for ignition

This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

Security update for ignition

This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.19.2: CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. CVE-2025-23167: improper HTTP header block termination in llhttp bsc1243220. CVE-2025-23165: add missing call to...

Security update for python3

This update for python3 fixes the following issues: CVE-2025-4516: CPython DecodeError Handling Vulnerability bsc1243273 Other fixes: - Add python36- provides/obsoletes to enable SLE-12 - SLE-15 migration bsc1233012 - Update vendored ipaddress module to 3.8 equivalent - Limit buffer size for...

Security update for ghc-pandoc

This update for ghc-pandoc fixes the following issues: CVE-2024-38526: Fixed Polyfill Supply Chain Attack bsc1227690. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...

Security update for ignition

This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

Security update for gstreamer

This update for gstreamer fixes the following issues: CVE-2024-47606: Fixed integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes bsc1234449 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2: CVE-2025-24223: Processing maliciously crafted web content may lead to memory corruption bsc1243424. CVE-2025-31204: Processing maliciously crafted web content may lead to memory corruption bsc1243286. CVE-2025-3120...

Security update for pam_pkcs11

This update for pampkcs11 fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for pam_pkcs11

This update for pampkcs11 fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for xen

This update for xen fixes the following issues: Security fixes: CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection ITS XSA-469 bsc1243117 Other fixes: Upstream bug fixes bsc1027519 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: T...

Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: CVE-2025-47947: Fixed denial of service through sanitiseMatchedBytes bsc1243978. CVE-2025-48866: Fixed denial of service via excessive number of arguments in sanitiseArg bsc1243976. Patch Instructions: To install this SUSE update us...

Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: CVE-2025-47947: Fixed denial of service through sanitiseMatchedBytes bsc1243978. CVE-2025-48866: Fixed denial of service via excessive number of arguments in sanitiseArg bsc1243976. Patch Instructions: To install this SUSE update us...

Security update for perl

This update for perl fixes the following issues: CVE-2025-40909: Do not change the current directory when cloning an open directory handle bsc1244079. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for pam_pkcs11

This update for pampkcs11 fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for pam

This update for pam fixes the following issues: CVE-2025-6020: pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path. And keep the bind-mount protection from protectmount as a defense in depthmeasure. bsc1244509 Patch...