5115 matches found
Security update for python312-setuptools
This update for python312-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.18: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for iputils
This update for iputils fixes the following issues: Security fixes: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300. Other bug fixes: Fixed incorrect IPV4 TTL value when using SOCKDGRAM on big endian systems bsc1243284. Patch Instructions: To...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 45. Security issues fixed: Oracle April 15 2025 CPU bsc1242208 CVE-2025-21587: unauthorized access, deletion and modification of critical data via the JSSE component bsc1241274. CVE-2025-30691:...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Mozilla Firefox ESR 128.11 MFSA 2025-44, bsc1243353: MFSA-TMP-2025-0001: Double-free in libvpx encoder bmo1962421 CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content bmo1960745...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.9: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/ Patch Instructions: To...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.9: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/ Patch Instructions: To...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Upgrade to 17.5: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/ Patch Instructions: To...
Security update for augeas
This update for augeas fixes the following issues: CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for brotli
This update for brotli fixes the following issues: CVE-2020-8927: Fixed integer overflow when input chunk is larger than 2GiB bsc1175825. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
Security update for slurm_24_11
This update for slurm2411 fixes the following issues: Update to version 24.11.5. Security issues fixed: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Other changes and issues fixe...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: Fixed GCC 15 compile time error bsc1241938 Fix building with containerd 1.7.25+ bsc1237147 Full changelog:...
Security update for slurm
This update for slurm fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for slurm
This update for slurm fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for slurm_23_02
This update for slurm2302 fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for slurm_24_11
This update for slurm2411 fixes the following issues: Update to version 24.11.5. Security issues fixed: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Other changes and issues fixe...
Security update for slurm_22_05
This update for slurm2205 fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for slurm_22_05
This update for slurm2205 fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for augeas
This update for augeas fixes the following issues: CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for tomcat
This update for tomcat fixes the following issues: Update to Tomcat 9.0.104 CVE-2025-31650: invalid priority field values should be ignored bsc1242008 CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009 Full changelog: https://tomcat.apache.org/tomcat-9.0-doc/changelog.htm...
Security update for brltty
This update for brltty fixes the following issues: Avoid having brlapi.key temporarily world-readable during creation bsc1235438. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32052: Fixed heap buffer overflow in sniffunknown bsc1240756...
Security update for python-cryptography
This update for python-cryptography fixes the following issues: CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch when Some... value passed as properties argument to either function bsc1242631. Patch Instructions: To install this SUSE update use the SUSE recommended installati...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Upgrade to 17.5: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/ Patch Instructions: To...
Security update for slurm_20_11
This update for slurm2011 fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for slurm_23_02
This update for slurm2302 fixes the following issues: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for slurm
This update for slurm fixes the following issues: Update to version 24.11.5. Security issues fixed: CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator bsc1243666. Other changes and issues fixed:...
Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.21: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/13.21/ Patch Instructions: T...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.13: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/15.13/ Patch Instructions: T...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.13: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/15.13/ Patch Instructions: T...
Security update for grub2
This update for grub2 fixes the following issues: Security fixes: CVE-2025-4382: exposure of data from encrypted device through CLI once the root device is successfully unlocked via TPM bsc1242971. Other bug fixes: Fix incorrect nvme disks and boot order in bootlist output bsc1237174. Special...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2. Security issues fixed: CVE-2025-31205: lack of checks may lead to cross-origin data exfiltration through a malicious website bsc1243282. CVE-2025-31204: improper memory handling when processing certain web content m...
Security update for dnsdist
This update for dnsdist fixes the following issues: CVE-2025-30193: stack exhaustion when processing too many queries on incoming TCP connections leads to a denial-of-service bsc1243378. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for python313-setuptools
This update for python313-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for dnsdist
This update for dnsdist fixes the following issues: Update to version 1.9.10. CVE-2025-30194: illegal memory access double-free when processing specially crafted DoH exchanges leads to a denial-of-service bsc1242028. CVE-2025-30193: stack exhaustion when processing too many queries on incoming TC...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250512 release bsc1243123 CVE-2024-28956: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel Processors may allow an authenticated user...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
Security update for jetty-minimal
This update for jetty-minimal fixes the following issues: Upgrade to version 9.4.57.v20241219 CVE-2024-6763: the HttpURI class does insufficient validation on the authority segment of a URI bsc1231652 CVE-2024-13009: Gzip Request Body Buffer bsc1243271 Patch Instructions: To install this SUSE...
Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.10.1. Security fixes: MFSA 2025-34 bsc1243216 CVE-2025-3875: Sender Spoofing via Malformed From Header in Thunderbird. CVE-2025-3877: Unsolicited File Download, Disk Space Exhaustion, and Credential...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-43965: Fixed mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659 CVE-2025-46393: Fixed mishandling of packetsize leads to rendering of channels in arbitrary order in multispectral MIFF imag...
Security update for go1.24
This update for go1.24 fixes the following issues: Update to go1.24.3 bsc1236217: Security fixes: CVE-2025-22873: Fixed os.Root permits access to parent directory bsc1242715 Changelog: go73556 go73555 security: fix CVE-2025-22873 os: Root permits access to parent directory go73082 os: Root.Open...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-2784: Fixed Heap buffer over-read in skipinsignificantspace when sniffing content bsc1240750 CVE-2025-32050: Fixed Integer overflow in appendparamquoted bsc1240752 CVE-2025-32051: Fixed Segmentation fault when parsing malformed data URI...
Security update for tomcat10
This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.40 CVE-2025-31650: invalid priority field values should be ignored bsc1242008 CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009 Full changelog:...
Security update for wxWidgets-3_2
This update for wxWidgets-32 fixes the following issues: CVE-2024-58249: Fixed crash when connection is refused in wxWebRequestCURL bsc1239902 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
Security update for python-tornado
This update for python-tornado fixes the following issues: CVE-2025-47287: excessive logging when parsing malformed multipart/form-data can lead to a denial-of-service bsc1243268. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for go1.23-openssl
This update for go1.23-openssl fixes the following issues: Update to version 1.23.9 bsc1229122: Security fixes: CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross-domain redirect bsc1236046 CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints...
Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python-tornado
This update for python-tornado fixes the following issues: CVE-2025-47287: excessive logging when parsing malformed multipart/form-data can lead to a denial-of-service bsc1243268. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...