5412 matches found
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...
Security update for helm-mirror
This update for helm-mirror fixes the following issues: CVE-2025-32386: Fixed denial of service due to memory exhaustion after loading a specially crafter chart bsc1241028 CVE-2025-32387: Fixed stack overflow due to parser recursion that can exceed the stack size limit bsc1241031 Patch...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2025-48432: Add an additional hardening for CVE-2025-48432 bsc1244095 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for systemd
This update for systemd fixes the following issues: CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump bsc1243935. Other bugfixes: logs-show: get timestamp and boot ID only when necessary bsc1242827. Patch...
Security update for systemd
This update for systemd fixes the following issues: CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump bsc1243935. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-38477: Fixed null pointer dereference in modproxy bsc1227270. CVE-2024-39573: Fixed source code disclosure with handlers configured via AddType bsc1227271. CVE-2024-39884: Fixed source code disclosure of local content bsc1227353...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 bsc1240366. Backport mdless cms signing support jscPED-12895 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...
Security update for glib2
This update for glib2 fixes the following issues: Security issues: CVE-2025-4373: Fixed handling gssize parameters bsc1242844. CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with gdatetimenewfromiso8601 bsc1240897 Non security...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-4373: integer overflow in the gstringinsertunichar function can lead to buffer underwrite and memory corruption bsc1242844. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for python39
This update for python39 fixes the following issues: CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for valkey
This update for valkey fixes the following issues: CVE-2025-27151: Absence of filename size check may cause a stack overflow bsc1243804. CVE-2025-49112: setDeferredReply integer underflow bsc1243913. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for samba
This update for samba fixes the following issues: CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: net ad join fails with "Failed to join domain: failed to create kerberos keytab" bsc1238063. Patch Instructions:...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management bsc1245311. CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. CVE-2025-4878: Fixed use of uninitialized variable in...
Security update for vim
This update for vim fixes the following issues: CVE-2024-41965: Fixed improper neutralization of argument delimiters in zip.vim that could have led to data loss bsc1228776. CVE-2025-29768: Fixed double-free in dialogchanged bsc1239602. Patch Instructions: To install this SUSE update use the SUSE...
Security update for vim
This update for vim fixes the following issues: CVE-2024-41965: Fixed improper neutralization of argument delimiters in zip.vim that could have led to data loss bsc1228776. CVE-2025-29768: Fixed double-free in dialogchanged bsc1239602. Patch Instructions: To install this SUSE update use the SUSE...
Security update for vim
This update for vim fixes the following issues: CVE-2024-41965: Fixed improper neutralization of argument delimiters in zip.vim that could have led to data loss bsc1228776. CVE-2025-29768: Fixed double-free in dialogchanged bsc1239602. Patch Instructions: To install this SUSE update use the SUSE...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for stalld
This update for stalld fixes the following issues: Update to 1.19.8. Check https://gitlab.com/rt-linux-tools/stalld/-/releases for the full list of changes. Changes since 1.19.6: Address CVE-2024-54159, which is a DoS issue with the way throttlectl.sh uses temp files bsc1230327 Fix a compilation...
Security update for gpg2
This update for gpg2 fixes the following issues: gpg: Allow the use of an ADSK subkey as ADSK subkey. bsc1239119 CVE-2025-30258 Don't install expired sks certificate bsc1243069 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for libgepub
This update for libgepub fixes the following issues: CVE-2025-6196: Fixed an integer overflow in the EPUB archive handling code that can leads to massive memory allocation and application crash. bsc1244704 Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
Security update for icu
This update for icu fixes the following issues: CVE-2025-5222: Fixed stack buffer overflow in the SRBRoot:addTag function bsc1243721 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for tomcat
This update for tomcat fixes the following issues: CVE-2025-46701: Refactored CGI servlet to access resources via WebResources bsc1243815. CVE-2025-48988: Limited the total number of parts in a multi-part request and limits the size of the headers provided with each part bsc1244656. CVE-2025-4912...
Security update for libgepub
This update for libgepub fixes the following issues: CVE-2025-6196: Fixed an integer overflow in the EPUB archive handling code that can leads to massive memory allocation and application crash. bsc1244704 Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-4945: Add value checks for date/time parsing bsc1243314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for python-requests
This update for python-requests fixes the following issues: CVE-2024-47081: fixes netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for clamav
This update for clamav fixes the following issues: ClamAV version 1.4.3: CVE-2025-20260: PDF Scanning Buffer Overflow Vulnerability bsc1245054. CVE-2025-20234: Vulnerability in Universal Disk Format UDF processing bsc1245055. Other bugfixes: Fix a race condition between the mockup servers started...
Security update for clamav
This update for clamav fixes the following issues: ClamAV version 1.4.3: CVE-2025-20260: PDF Scanning Buffer Overflow Vulnerability bsc1245054. CVE-2025-20234: Vulnerability in Universal Disk Format UDF processing bsc1245055. Patch Instructions: To install this SUSE update use the SUSE recommende...
Security update for runc
This update for runc fixes the following issues: CVE-2024-45310: Fixed unintentional creation of empty files/directories on host bsc1230092 Other fixes: Update to runc v1.2.6. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python-cryptography
This update for python-cryptography fixes the following issues: CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2025-47273: Fixed path traversal vulnerability in PackageIndex bsc1243313 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for xwayland
This update for xwayland fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for redis
This update for redis fixes the following issues: CVE-2025-27151: Absence of filename size check may cause a stack overflow bsc1243804 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: Restore SUSE specific hardening config policies that got lost in refactoring bsc1243622. Fix issues leading to magick -gamma not producing expected image results bsc1235113. Patch Instructions: To install this SUSE update use the SUSE...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: Security issues fixed: CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing bsc1241659. CVE-2025-46393: mishandling of packetsize and rendering of channels in arbitrary order in multispectral MIF...
Security update for xwayland
This update for xwayland fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for screen
This update for screen fixes the following issues: Security issues fixed: CVE-2025-46802: temporary chmod of a user's TTY to mode 0666 when attempting to attach to a multi-user session allows for TTY hijacking bsc1242269. Other issues fixed: Use TTY file descriptor passing after a suspend MSGCONT...
Security update for perl
This update for perl fixes the following issues: CVE-2025-40909: Fixed a working directory race condition causing file operations to target unintended paths bsc1244079 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for containerd
This update for containerd fixes the following issues: Updated to version 1.7.27: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for jakarta-commons-fileupload
This update for jakarta-commons-fileupload fixes the following issues: Upgrade to upstream version 1.6.0 CVE-2025-48976: Fixed allocation of resources for multipart headers with insufficient limits can lead to a DoS bsc1244657. Full changelog:...
Security update for sudo
This update for sudo fixes the following issues: CVE-2025-32462: Fixed a possible local privilege escalation via the --host option bsc1245274. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
Security update for sudo
This update for sudo fixes the following issues: CVE-2025-32462: Fixed a possible local privilege escalation via the --host option bsc1245274. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
Security update for sudo
This update for sudo fixes the following issues: CVE-2025-32462: Fixed a possible local privilege escalation via the --host option bsc1245274. CVE-2025-32463: Fixed a possible local privilege Escalation via chroot option bsc1245275. Patch Instructions: To install this SUSE update use the SUSE...
Security update for sudo
This update for sudo fixes the following issues: CVE-2025-32462: Fixed a possible local privilege escalation via the --host option bsc1245274. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...