
5115 matches found

SUSE Linux • added 2025/05/19 5:21 p.m. • 1 views

Security update for apache2-mod_auth_openidc

This update for apache2-mod_auth_openidc fixes the following issues: CVE-2025-3891: denial of service via POST requests with an empty Content-Type header and with OIDCPreservePost On bsc1242015. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.2 • AI score 7.3 • EPSS 0.00673
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/19 2:23 p.m. • 0 views

Security update for brltty

This update for brltty fixes the following issues: Avoid having brlapi.key temporarily world-readable during creation bsc1235438. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

AI score 7.3
Exploits: 0 • References: 2
SUSE Linux • added 2025/05/19 2:23 p.m. • 0 views

Security update for brltty

This update for brltty fixes the following issues: Avoid having brlapi.key temporarily world-readable during creation bsc1235438. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

AI score 7.3
Exploits: 0 • References: 2
SUSE Linux • added 2025/05/19 12:40 p.m. • 0 views

Security update for brltty

This update for brltty fixes the following issues: Avoid having brlapi.key temporarily world-readable during creation bsc1235438. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

AI score 7.4
Exploits: 0 • References: 2
SUSE Linux • added 2025/05/19 4:49 a.m. • 1 views

Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: CVE-2025-32728: Fixed a logic error in DisableForwarding option bsc1241012 Other bugs fixed: Allow KEX hashes greater than 256 bits bsc1241045 Fixed hostname being left out of the audit output bsc1228634 Fixed failures wit...

CVSS 5.1 • AI score 5.8 • EPSS 0.00226
Exploits: 0 • References: 10
SUSE Linux • added 2025/05/16 6:36 p.m. • 2 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-21726: padata: avoid UAF for reorderwork bsc1238865. CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array bsc1238747...

CVSS 8.5 • AI score 8 • EPSS 0.00592
Exploits: 5 • References: 70
SUSE Linux • added 2025/05/16 4:32 p.m. • 0 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-21726: padata: avoid UAF for reorderwork bsc1238865. CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array bsc1238747...

CVSS 8.5 • AI score 8.1 • EPSS 0.00106
Exploits: 0 • References: 64
SUSE Linux • added 2025/05/16 2:7 p.m. • 2 views

Security update for libraw

This update for libraw fixes the following issues: CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 CVE-2025-43963: Fixed out-of-buff...

CVSS 5.1 • AI score 4.2 • EPSS 0.00085
Exploits: 0 • References: 16
SUSE Linux • added 2025/05/16 1:49 p.m. • 0 views

Security update for gimp

This update for gimp fixes the following issues: CVE-2025-2761: unvalidated user input in FLI file parsing may lead to an out-of-bounds write bsc1241691. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 6.1 • AI score 8.1 • EPSS 0.00558
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/16 1:44 p.m. • 0 views

Security update for cargo-c

This update for cargo-c fixes the following issues: CVE-2025-3416: use-after-free in Md::fetch and Cipher::fetch of rust-openssl crate bsc1242675. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

CVSS 6.3 • AI score 4.7 • EPSS 0.00093
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/16 1:43 p.m. • 1 views

Security update for libraw

This update for libraw fixes the following issues: CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 CVE-2025-43963: Fixed out-of-buff...

CVSS 5.1 • AI score 7.3 • EPSS 0.00085
Exploits: 0 • References: 16
SUSE Linux • added 2025/05/16 1:42 p.m. • 1 views

Security update for libraw

This update for libraw fixes the following issues: CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 CVE-2025-43963: Fixed out-of-buff...

CVSS 5.1 • AI score 4.2 • EPSS 0.00085
Exploits: 0 • References: 16
SUSE Linux • added 2025/05/16 1:38 p.m. • 1 views

Security update for microcode_ctl

This update for microcode_ctl fixes the following issues: Intel CPU Microcode was updated to the 20250512 release bsc1243123 CVE-2024-28956: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel Processors may allow an authenticated use...

CVSS 6.8 • AI score 7.2 • EPSS 0.00249
Exploits: 0 • References: 18
SUSE Linux • added 2025/05/16 12:51 p.m. • 2 views

Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to release 3.49.1: Improve portability of makefiles and configure scripts. CVE-2025-29087, bsc1241020: Fix a bug in the concatws function, introduced in version 3.44.0, that could lead to a memory error if the separator string is very lar...

CVSS 6.8 • AI score 7.8 • EPSS 0.00072
Exploits: 0 • References: 8
SUSE Linux • added 2025/05/16 12:2 p.m. • 0 views

Security update for valkey

This update for valkey fixes the following issues: CVE-2025-21605: Fixed output buffer denial of service bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

CVSS 8.7 • AI score 8 • EPSS 0.00498
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/16 11:5 a.m. • 2 views

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: Fixed GCC 15 compile time error bsc1241938 Fix building with containerd 1.7.25+ bsc1237147 Full changelog:...

CVSS 6.9 • AI score 6.5 • EPSS 0.00326
Exploits: 0 • References: 8
SUSE Linux • added 2025/05/15 5:45 p.m. • 2 views

Security update for elemental-operator

This update for elemental-operator fixes the following issues: Updated to v1.7.2: Updated header year CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs bsc1238700 CVE-2025-22869: golang.org/x/crypto/ssh: Fixed Denial of Service in the Key Exchange of...

CVSS 8.2 • AI score 7.4 • EPSS 0.00607
Exploits: 2 • References: 8
SUSE Linux • added 2025/05/15 3:59 p.m. • 1 views

Security update for nvidia-open-driver-G06-signed

This update for nvidia-open-driver-G06-signed fixes the following issues: Update CUDA variant to 570.133.20 Update non-CUDA variant to 570.144 bsc1241231 Update non-CUDA variant to 570.133.07 bsc1239653 removed obsolete kernel-firmware-nvidia-gspx-G06-cuda; firmware has moved to nvidia-common-G06...

CVSS 7.1 • AI score 7.2 • EPSS 0.00075
Exploits: 0 • References: 34
SUSE Linux • added 2025/05/15 3:54 p.m. • 2 views

Security update for nvidia-open-driver-G06-signed

This update for nvidia-open-driver-G06-signed fixes the following issues: Update CUDA variant to 570.133.20 Update non-CUDA variant to 570.144 bsc1241231 Update non-CUDA variant to 570.133.07 bsc1239653 removed obsolete kernel-firmware-nvidia-gspx-G06-cuda; firmware has moved to nvidia-common-G06...

CVSS 7.1 • AI score 7.2 • EPSS 0.00075
Exploits: 0 • References: 34
SUSE Linux • added 2025/05/15 12:51 p.m. • 0 views

Security update for rustup

This update for rustup fixes the following issues: CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242617 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 6.3 • AI score 4.6 • EPSS 0.00093
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/15 11:19 a.m. • 0 views

Security update for audiofile

This update for audiofile fixes the following issues: CVE-2019-13147: Fixed NULL pointer dereference in ulaw2linearbuf that could lead to DOS bsc1140031. CVE-2022-24599: unverified user input when processing audio files can lead to information leak bsc1196487. Patch Instructions: To install this...

CVSS 4.4 • AI score 6.5 • EPSS 0.00201
Exploits: 2 • References: 8
SUSE Linux • added 2025/05/15 9:36 a.m. • 1 views

Security update for wget

This update for wget fixes the following issues: CVE-2024-10524: Drop support for shorthand URLs bsc1233773. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for you...

CVSS 6.1 • AI score 7.3 • EPSS 0.00592
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/15 8:51 a.m. • 1 views

Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: Non approved PBKDF parameters wrongly resulting as approved bsc1236771. Patch Instructions: To install this SUSE update use the SUSE...

CVSS 6 • AI score 7.3 • EPSS 0.00075
Exploits: 0 • References: 6
SUSE Linux • added 2025/05/15 5:6 a.m. • 1 views

Security update for go1.22-openssl

This update for go1.22-openssl fixes the following issues: Update to version 1.22.12 bsc1218424: Security fixes: CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross-domain redirect bsc1236046 CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints...

CVSS 6 • AI score 7.2 • EPSS 0.00142
Exploits: 0 • References: 16
SUSE Linux • added 2025/05/14 5:6 p.m. • 0 views

Security update for go1.24

This update for go1.24 fixes the following issues: Update to go1.24.3 bsc1236217: Security fixes: CVE-2025-22873: Fixed os.Root permits access to parent directory bsc1242715 Changelog: go73556 go73555 security: fix CVE-2025-22873 os: Root permits access to parent directory go73082 os: Root.Open...

CVSS 4.4 • AI score 6.7 • EPSS 0.00003
Exploits: 0 • References: 6
SUSE Linux • added 2025/05/14 5:5 p.m. • 0 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: Security: CVE-2025-27587: Timing side channel vulnerability in the P-384 implementation when used with ECDSA in the PPC architecture bsc1240366. Missing null pointer check before accessing handshakefunc in ssllib.c bsc1240607. FIPS: Disabling...

CVSS 6 • AI score 6.7 • EPSS 0.00224
Exploits: 0 • References: 12
SUSE Linux • added 2025/05/14 9:6 a.m. • 1 views

Security update for apparmor

This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...

CVSS 5.7 • AI score 6.5 • EPSS 0.00042
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/14 8:25 a.m. • 0 views

Security update for rabbitmq-server313

This update for rabbitmq-server313 fixes the following issues: CVE-2025-30219: incorrectly escaped virtual hostname present in error message could lead to XSS attack. bsc1240071 Non-security fixes: Require rabbitmq-server313-plugins rather then rabbitmq-server-plugins. bsc1231656, bsc1234763 Patc...

CVSS 6.1 • AI score 6.2 • EPSS 0.00023
Exploits: 0 • References: 8
SUSE Linux • added 2025/05/13 1:37 p.m. • 2 views

Security update for expat

This update for expat fixes the following issues: Version update to 2.7.1: Bug fixes: 980 989 Restore event pointer behavior from Expat 2.6.4 that the fix to CVE-2024-8176 changed in 2.7.0; affected API functions are: - XMLGetCurrentByteCount - XMLGetCurrentByteIndex - XMLGetCurrentColumnNumber -...

CVSS 8.7 • AI score 10 • EPSS 0.02269
Exploits: 4 • References: 40
SUSE Linux • added 2025/05/13 1:32 p.m. • 1 views

Security update for freetype2

This update for freetype2 fixes the following issues: Update to 2.13.2: Some fields in the FTOutline structure have been changed from signed to unsigned type, which better reflects the actual usage. It is also an additional means to protect against malformed input. Rare double-free crashes in the...

AI score 7.4
Exploits: 0
SUSE Linux • added 2025/05/13 12:37 p.m. • 1 views

Security update for gimp

This update for gimp fixes the following issues: CVE-2025-2761: unvalidated user input in FLI file parsing may lead to an out-of-bounds write bsc1241691. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 6.1 • AI score 7.4 • EPSS 0.00558
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/13 8:54 a.m. • 1 views

Security update for transfig

This update for transfig fixes the following issues: CVE-2025-31164: Fixed heap-buffer overflow in fig2dev createlinewithspline function bsc1240379 CVE-2025-31162: Fixed floating point exception in fig2dev getslope function bsc1240380 CVE-2025-31163: Fixed segmentation fault in fig2dev...

CVSS 6.6 • AI score 7.6 • EPSS 0.0009
Exploits: 3 • References: 12
SUSE Linux • added 2025/05/13 2:49 a.m. • 9 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.40 CVE-2025-31650: invalid priority field values should be ignored bsc1242008 CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009 Full changelog:...

CVSS 8.7 • AI score 6.8 • EPSS 0.10908
Exploits: 6 • References: 8
SUSE Linux • added 2025/05/12 4:1 p.m. • 0 views

Security update for augeas

This update for augeas fixes the following issues: CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 4.8 • AI score 4.3 • EPSS 0.00031
Exploits: 1 • References: 4
SUSE Linux • added 2025/05/12 2:33 p.m. • 1 views

Security update for avahi

This update for avahi fixes the following issues: CVE-2024-52616: Fixed predictable transaction IDs for Wide-Area DNS bsc1233420 Drop rcFOO symlinks jscPED-266. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 6.3 • AI score 7.3 • EPSS 0.00083
Exploits: 0 • References: 6
SUSE Linux • added 2025/05/12 9:45 a.m. • 1 views

Security update for glib2

This update for glib2 fixes the following issues: CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with gdatetimenewfromiso8601 bsc1240897. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...

CVSS 8.2 • AI score 7.8 • EPSS 0.00126
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/12 9:14 a.m. • 1 views

Security update for ca-certificates-mozilla

This update for ca-certificates-mozilla fixes the following issues: Update to 2.74 state of Mozilla SSL root CAs: Removed: SwissSign Silver CA - G2 Added: D-TRUST BR Root CA 2 2023 D-TRUST EV Root CA 2 2023 Updated to 2.72 state of Mozilla SSL root CAs bsc1234798: Removed: SecureSign RootCA11...

AI score 7.3
Exploits: 0 • References: 14
SUSE Linux • added 2025/05/09 5:49 p.m. • 1 views

Security update for freetype2

This update for freetype2 fixes the following issues: CVE-2025-23022: signed integer overflow in cf2doFlex in cff/cf2intrp.c. bsc1235670 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...

CVSS 6.9 • AI score 7.6 • EPSS 0.00026
Exploits: 1 • References: 4
SUSE Linux • added 2025/05/09 11:31 a.m. • 1 views

Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. bsc1241274 CVE-2025-30691: unauthorized update, insert or dele...

CVSS 9.1 • AI score 6.2 • EPSS 0.00167
Exploits: 0 • References: 12
SUSE Linux • added 2025/05/09 11:29 a.m. • 1 views

Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. bsc1241274 CVE-2025-30691: unauthorized update, insert or dele...

CVSS 9.1 • AI score 6.8 • EPSS 0.00167
Exploits: 0 • References: 12
SUSE Linux • added 2025/05/09 11:27 a.m. • 2 views

Security update for python-Django

This update for python-Django fixes the following issues: CVE-2025-32873: Fixed denial-of-service possibility in striptags bsc1242210 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

CVSS 5.9 • AI score 6.8 • EPSS 0.00188
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/09 9:34 a.m. • 2 views

Security update for wireshark

This update for wireshark fixes the following issues: CVE-2024-4853: Fixed denial of service in editcap caused by crafted capture file bsc1224259 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

CVSS 5.5 • AI score 7.3 • EPSS 0.00072
Exploits: 1 • References: 4
SUSE Linux • added 2025/05/09 4:57 a.m. • 6 views

Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.104 CVE-2025-31650: invalid priority field values should be ignored bsc1242008 CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009 Full changelog: https://tomcat.apache.org/tomcat-9.0-doc/changelog.htm...

CVSS 8.7 • AI score 6.8 • EPSS 0.10908
Exploits: 6 • References: 8
SUSE Linux • added 2025/05/09 1:8 a.m. • 1 views

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250506T153719 2025-05-06T15:37:19Z jscPED-11136 GO-2025-3656 GO-2025-3661 GO-2025-3662 GO-2025-3663 GO-2025-3665 Update to version 0.0.20250505T161433 2025-05-05T16:14:33Z jscPED-11136 GO-2025-3645 GO-2025-3646...

AI score 7.4
Exploits: 0 • References: 2
SUSE Linux • added 2025/05/09 12:7 a.m. • 1 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing content bsc1240750 CVE-2025-32050: Fixed Integer overflow in appendparamquoted bsc1240752 CVE-2025-32052: Fixed heap buffer overflow in sniffunknown bsc1240756...

CVSS 8.7 • AI score 7.9 • EPSS 0.00472
Exploits: 1 • References: 32
SUSE Linux • added 2025/05/08 7:36 p.m. • 1 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinite...

CVSS 8.7 • AI score 7.8 • EPSS 0.00472
Exploits: 3 • References: 44
SUSE Linux • added 2025/05/08 7:35 p.m. • 2 views

Security update for apparmor

This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...

CVSS 5.7 • AI score 7.2 • EPSS 0.00042
Exploits: 0 • References: 4
SUSE Linux • added 2025/05/08 1:17 p.m. • 1 views

Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: Non approved PBKDF parameters wrongly resulting as approved bsc1236771. Patch Instructions: To install this SUSE update use the SUSE...

CVSS 6 • AI score 7.3 • EPSS 0.00075
Exploits: 0 • References: 6
SUSE Linux • added 2025/05/08 1:17 p.m. • 1 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2024-6119: Fixed denial of service in X.509 name checks bsc1229465 Other fixes: FIPS: Deny SHA-1 signature verification in FIPS provider bsc1221365. FIPS: RSA keygen PCT requirements. FIPS: Check that the fips provider is available before...

CVSS 8.2 • AI score 7.3 • EPSS 0.14584
Exploits: 0 • References: 34
SUSE Linux • added 2025/05/08 12:25 p.m. • 3 views

Security update for util-linux

This update for util-linux fixes the following issues: Updated to version 2.40.4: agetty: Prevent cursor escape bsc1194818 chcpu8: Document CPU deconfiguring behavior fdisk: SGI fixes hardlink: fix memory corruption hardlink.1 directory|file is mandatory lib/env: fix envlistsetenv for strings...

CVSS 8.4 • AI score 7.4 • EPSS 0.10933
Exploits: 3 • References: 22
Total number of security vulnerabilities: 5115