5124 matches found
Security update for pam
This update for pam fixes the following issues: CVE-2025-6020: pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path. And keep the bind-mount protection from protectmount as a defense in depthmeasure. bsc1244509 Patch...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed stack-buffer overflow in vorbishandleidentificationpacket bnc1234415 CVE-2024-47600: Fixed out-of-bounds read in gst-discoverer-1.0 commandline tool bnc1234453 CVE-2024-47615: Fixed out-of-bounds write in Ogg...
Security update for systemd
This update for systemd fixes the following issues: CVE-2025-4598: Race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump bsc1243935. CVE-2023-26604: Privilege escalation via the less pager bsc1208958. CVE-2022-4415: systemd-coredump wa...
Security update for s390-tools
This update for s390-tools fixes the following issues: Security issues fixed: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate. bsc1242622 Other issues: Added the new IBM z17 9175 processor type. Patch Instructions: To install this SUSE update use the SUSE...
Security update for screen
This update for screen fixes the following issues: Security issues fixed: CVE-2025-46802: temporary chmod of a user's TTY to mode 0666 when attempting to attach to a multi-user session allows for TTY hijacking bsc1242269. Other issues fixed: Use TTY file descriptor passing after a suspend MSGCONT...
Security update for gdm
This update for gdm fixes the following issues: CVE-2025-6018: pam.d: removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for ignition
This update for ignition fixes the following issues: CVE-2025-22870: golang.org/x/net/http/httpproxy: proxy bypass using IPv6 zone IDs bsc1238681. CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To...
Security update for pam
This update for pam fixes the following issues: CVE-2025-6018: pamenv: Change the default to not read the user .pamenvironment file bsc1243226. CVE-2025-6020: pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082. CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084. CVE-2025-49178: Unprocessed client request via bytes to ignore bsc1244087...
Security update for redis
This update for redis fixes the following issues: CVE-2025-21605: output buffer denial of service bsc1241708. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for yo...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250612T141001 2025-06-11T17:46:02Z jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3570 GO-2025-3683 GO-2025-3755 Update to version 0.0.20250611T174602 2025-06-11T17:46:02Z...
Security update for gdm
This update for gdm fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for gdm
This update for gdm fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for gdm
This update for gdm fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for gdm
This update for gdm fixes the following issues: CVE-2025-6018: pam.d: removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for pam
This update for pam fixes the following issues: CVE-2025-6018: pamenv: Change the default to not read the user .pamenvironment file bsc1243226. pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path bsc1244509. Patch...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for libblockdev
This update for libblockdev fixes the following issues: CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243226 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for libblockdev
This update for libblockdev fixes the following issues: CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243226 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for python-requests
This update for python-requests fixes the following issues: CVE-2024-47081: fixed netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for python-requests
This update for python-requests fixes the following issues: CVE-2024-47081: fixed netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for python3-requests
This update for python3-requests fixes the following issues: CVE-2024-47081: fixes netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981. CVE-2022-49139: Bluetooth: fix null ptr deref on hcisyncconncompleteevt bsc1238032...
Security update 4.3.15.2 SUSE Manager Server 4.3
This update fixes the following issues: netty: Security issues fixed: CVE-2024-47535: Decorate InputStream to throw an exception once the data read limit is reached bsc1233297 Other changes: Replace AlgorithmId.sha256WithRSAEncryptionoid usage with specify the OID directly susemanager-sync-data:...
Security update for golang-github-prometheus-alertmanager
This update for golang-github-prometheus-alertmanager fixes the following issues: Security: CVE-2025-22870: Fix proxy bypassing using IPv6 zone IDs bsc1238686 CVE-2023-45288: Fix HTTP/2 CONTINUATION flood in net/http bsc1236516 Patch Instructions: To install this SUSE update use the SUSE...
Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.15 to 11.5.5 jscPED-12918: Security issues fixed: CVE-2025-4123: Fix cross-site scripting vulnerability bsc1243714. CVE-2025-22872: Bump golang.org/x/net/html bsc1241809 CVE-2025-3580: Prevent unauthorized...
Security update for golang-github-prometheus-prometheus
This update for golang-github-prometheus-prometheus fixes the following issues: Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bump golang.org/x/net to version 0.39.0 bsc1238686 Version was updated to 2.53.4 with the following bug fixes: Runtime:...
Security update for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus was updated to version 2.53.4: Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 bsc1238686 Other bugs fixes from version 2.53.4:...
Security update for golang-github-prometheus-node_exporter
This update for golang-github-prometheus-nodeexporter fixes the following issues: golang-github-prometheus-nodeexporter was updated to version 1.9.1: Security issues fixed: CVE-2025-22870: Bumped golang.org/x/net to version 0.37.0 bsc1238686 Other bugs fixed: pressure: Fixed missing IRQ on older...
Security update for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus was updated to version 2.53.4: Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 bsc1238686 Other bugs fixes from version 2.53.4:...
Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
This update fixes the following issues: release-notes-susemanager: Update to SUSE Manager 4.3.15.2 SUSE Manager 4.3 will transition to LTS after June 2025 CVE Fixed CVE-2023-45288, CVE-2024-11741, CVE-2024-45337, CVE-2024-45339 CVE-2024-51744, CVE-2024-9264, CVE-2024-9476, CVE-2025-22870...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082. CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084. CVE-2025-49177: Data leak in XFIXES Extension 6 XFixesSetClientDisconnectMo...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082. CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084. CVE-2025-49177: Data leak in XFIXES Extension 6 XFixesSetClientDisconnectMo...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082. CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084. CVE-2025-49177: Data leak in XFIXES Extension 6 XFixesSetClientDisconnectMo...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082. CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084. CVE-2025-49178: Unprocessed client request via bytes to ignore bsc1244087...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082. CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084. CVE-2025-49178: Unprocessed client request via bytes to ignore bsc1244087...
Security update for xwayland
This update for xwayland fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082 CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084 CVE-2025-49177: Data leak in XFIXES Extension 6 XFixesSetClientDisconnectMode...
Security update for xwayland
This update for xwayland fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082. CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084. CVE-2025-49177: Data leak in XFIXES Extension 6 XFixesSetClientDisconnectMode...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect bsc122459...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer...
Security update for wireshark
This update for wireshark fixes the following issues: CVE-2025-5601: Dissection engine crash bsc1244081. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49775: tcp: cdg: allow tcpcdgrelease to be called multiple times bsc1242245. CVE-2024-53168: net: make sockinuseadd available bsc1234887. CVE-2024-56558:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization bsc1230581...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect bsc122459...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer...
Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2025-47273: Fixed a path traversal vulnerability. bsc1243313, ghpypa/setuptools@250a6d17978f Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...