5411 matches found
Security update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-30258: Fixed a verification DoS due to a malicious subkey in the keyring. bsc1239119 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
Security update for distribution
This update for distribution fixes the following issues: The package is rebuild with more recent go go1.24, fixing respective security issues bsc1244471 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for icu
This update for icu fixes the following issues: CVE-2025-5222: Stack buffer overflow in the SRBRoot:addTag function bsc1243721. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: CVE-2025-47183: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244406. CVE-2025-47219: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244405. CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer bsc1234421...
Security update for python311
This update for python311 fixes the following issues: python311 was updated from version 3.11.10 to 3.11.13: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...
Security update for apache-commons-beanutils
This update for apache-commons-beanutils fixes the following issues: Update to 1.11.0: Fixed Bugs: BeanComparator.compareT, T now throws IllegalArgumentException instead of RuntimeException to wrap all cases of ReflectiveOperationException. MappedMethodReference.get now throws IllegalStateExcepti...
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47537: Fixed OOB-write in isomp4/qtdemux.c bsc1234414 CVE-2024-47539: Fixed OOB-write in converttos3341a bsc1234417 CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer bsc1234421 CVE-2024-47543: Fixe...
Security update for iputils
This update for iputils fixes the following issues: CVE-2025-48964: Fixed integer overflow in ping statistics via zero timestamp bsc1243772 Fix ping on s390x printing invalid ttl bsc1243284 CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300 Patch...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.8.2: cargo: Afterburn release 5.8.2 docs/release-notes: update for release 5.8.2 cargo: update dependencies cargo: Afterburn release 5.8.1 cargo: Afterburn release 5.8.0 docs/release-notes: update for release 5.8.0 cargo:...
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: CVE-2025-47183: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244406. CVE-2025-47219: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244405. CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer bsc1234421...
Security update for apache2-mod_security2
This update for apache2-modsecurity2 fixes the following issues: CVE-2025-47947: Fixed denial of service through sanitiseMatchedBytes bsc1243978. CVE-2025-48866: Fixed denial of service via excessive number of arguments in sanitiseArg bsc1243976. Patch Instructions: To install this SUSE update us...
Security update for perl
This update for perl fixes the following issues: CVE-2025-40909: do not change the current directory when cloning an open directory handle bsc1244079 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for python39
This update for python39 fixes the following issues: python39 was updated from version 3.9.21 to version 3.9.23: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...
Security update for python311
This update for python311 fixes the following issues: python311 was updated from version 3.11.10 to 3.11.13: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...
Security update for python312
This update for python312 fixes the following issues: python312 was updated from version 3.12.9 to 3.12.11: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fixe...
Security update for python310
This update for python310 fixes the following issues: python310 was updated from version 3.10.16 to 3.10.18: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fix...
Security update for ignition
This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to 20.19.2: CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. CVE-2025-23167: improper HTTP header block termination in llhttp bsc1243220. CVE-2025-23165: add missing call to...
Security update for libblockdev
This update for libblockdev fixes the following issues: CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243285. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for libblockdev
This update for libblockdev fixes the following issues: CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243285. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-27587: timing side-channel vulnerability in the P-384 implementation when used with ECDSA bsc1243459. CVE-2024-12797: Fixed that RFC7250 handshakes with unauthenticated servers don't abort as expected. bsc1236599 CVE-2024-13176: Fixed...
Security update for ignition
This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for ignition
This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to 20.19.2: CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. CVE-2025-23167: improper HTTP header block termination in llhttp bsc1243220. CVE-2025-23165: add missing call to...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-4516: CPython DecodeError Handling Vulnerability bsc1243273 Other fixes: - Add python36- provides/obsoletes to enable SLE-12 - SLE-15 migration bsc1233012 - Update vendored ipaddress module to 3.8 equivalent - Limit buffer size for...
Security update for ghc-pandoc
This update for ghc-pandoc fixes the following issues: CVE-2024-38526: Fixed Polyfill Supply Chain Attack bsc1227690. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...
Security update for ignition
This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for gstreamer
This update for gstreamer fixes the following issues: CVE-2024-47606: Fixed integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes bsc1234449 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2: CVE-2025-24223: Processing maliciously crafted web content may lead to memory corruption bsc1243424. CVE-2025-31204: Processing maliciously crafted web content may lead to memory corruption bsc1243286. CVE-2025-3120...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for xen
This update for xen fixes the following issues: Security fixes: CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection ITS XSA-469 bsc1243117 Other fixes: Upstream bug fixes bsc1027519 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: T...
Security update for apache2-mod_security2
This update for apache2-modsecurity2 fixes the following issues: CVE-2025-47947: Fixed denial of service through sanitiseMatchedBytes bsc1243978. CVE-2025-48866: Fixed denial of service via excessive number of arguments in sanitiseArg bsc1243976. Patch Instructions: To install this SUSE update us...
Security update for apache2-mod_security2
This update for apache2-modsecurity2 fixes the following issues: CVE-2025-47947: Fixed denial of service through sanitiseMatchedBytes bsc1243978. CVE-2025-48866: Fixed denial of service via excessive number of arguments in sanitiseArg bsc1243976. Patch Instructions: To install this SUSE update us...
Security update for perl
This update for perl fixes the following issues: CVE-2025-40909: Do not change the current directory when cloning an open directory handle bsc1244079. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for pam
This update for pam fixes the following issues: CVE-2025-6020: pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path. And keep the bind-mount protection from protectmount as a defense in depthmeasure. bsc1244509 Patch...
Security update for pam
This update for pam fixes the following issues: CVE-2025-6020: pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path. And keep the bind-mount protection from protectmount as a defense in depthmeasure. bsc1244509 Patch...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed stack-buffer overflow in vorbishandleidentificationpacket bnc1234415 CVE-2024-47600: Fixed out-of-bounds read in gst-discoverer-1.0 commandline tool bnc1234453 CVE-2024-47615: Fixed out-of-bounds write in Ogg...
Security update for systemd
This update for systemd fixes the following issues: CVE-2025-4598: Race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump bsc1243935. CVE-2023-26604: Privilege escalation via the less pager bsc1208958. CVE-2022-4415: systemd-coredump wa...
Security update for s390-tools
This update for s390-tools fixes the following issues: Security issues fixed: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate. bsc1242622 Other issues: Added the new IBM z17 9175 processor type. Patch Instructions: To install this SUSE update use the SUSE...
Security update for screen
This update for screen fixes the following issues: Security issues fixed: CVE-2025-46802: temporary chmod of a user's TTY to mode 0666 when attempting to attach to a multi-user session allows for TTY hijacking bsc1242269. Other issues fixed: Use TTY file descriptor passing after a suspend MSGCONT...
Security update for gdm
This update for gdm fixes the following issues: CVE-2025-6018: pam.d: removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for ignition
This update for ignition fixes the following issues: CVE-2025-22870: golang.org/x/net/http/httpproxy: proxy bypass using IPv6 zone IDs bsc1238681. CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To...
Security update for pam
This update for pam fixes the following issues: CVE-2025-6018: pamenv: Change the default to not read the user .pamenvironment file bsc1243226. CVE-2025-6020: pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors bsc1244082. CVE-2025-49176: Integer overflow in Big Requests Extension bsc1244084. CVE-2025-49178: Unprocessed client request via bytes to ignore bsc1244087...
Security update for redis
This update for redis fixes the following issues: CVE-2025-21605: output buffer denial of service bsc1241708. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for yo...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250612T141001 2025-06-11T17:46:02Z jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3570 GO-2025-3683 GO-2025-3755 Update to version 0.0.20250611T174602 2025-06-11T17:46:02Z...
Security update for gdm
This update for gdm fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for gdm
This update for gdm fixes the following issues: CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...