5115 matches found
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash; bsc1236619. Patch Instructions: To...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32052: Fixed heap buffer overflow in sniffunknown bsc1240756...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2025-2704: Fixed remote DoS due to possible ASSERT on OpenVPN servers using --tls-crypt-v2 bsc1240392 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird ESR 128.10 update bsc1241621: CVE-2025-4082: WebGL shader attribute memory corruption in Thunderbird for macOS. CVE-2025-4087: Unsafe attribute access during XPath parsing. CVE-2025-4093: Memory safety bug fixed in...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32052: Fixed heap buffer overflow in sniffunknown bsc1240756...
Security update for opensaml
This update for opensaml fixes the following issues: CVE-2025-31335: Fixed parameter manipulation allowing forging signed SAML messages bsc1239889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for opensaml
This update for opensaml fixes the following issues: CVE-2025-31335: Fixed a bug where parameter manipulation allows the forging of signed SAML messages. bsc1239889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-24855: Fixed use-after-free of XPath context node bsc1239625 CVE-2024-55549: Fixed use-after-free related to excluded namespaces bsc1239637 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005588 fixes one issue. The following security issue was fixed: CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for rubygem-rack-1_6
This update for rubygem-rack-16 fixes the following issues: CVE-2025-27111: Fixed Escape Sequence Injection vulnerability bsc1238607 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch...
Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659 CVE-2025-46393: mishandling of packetsize leads to rendering of channels in arbitrary order in multispectral MIFF image processing...
Security update for gdk-pixbuf
This update for gdk-pixbuf fixes the following issues: Update to version 2.42.12: Fix a build failure, Fix occasional build failures, ani: Reject files with multiple INA or IART chunks, ani: Reject files with multiple anih chunks CVE-2022-48622 bsc1219276, ani: validate chunk size, Updated...
Security update for libX11
This update for libX11 fixes the following issues: CVE-2025-26597: Fixed Buffer overflow in XkbChangeTypesOfKey bsc1237431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...
Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294...
Security update for libva
This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: uncontrolled search path may allow an authenticated user to escalate privilege via local access CVE-2023-39929, bsc1224413, jscPED-11066 This includes latest version of one of the...
Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: CVE-2024-53237: Bluetooth: fix use-after-free in deviceforeachchild bsc1235008. CVE-2024-53082: virtionet: Add hashkeylength check bsc1233677. CVE-2024-8805: Bluetooth: hcievent: Alig...
Security update for rabbitmq-server
This update for rabbitmq-server fixes the following issues: CVE-2025-30219: Fixed XSS in an error message in Management UI bsc1240071 Other fixes: - Disable parallel make, this causes build failures Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: CVE-2025-31492: Fixed a bug where OIDCProviderAuthRequestMethod POSTs can leak protected data. bsc1240893 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-43965: Fixed mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659 CVE-2025-46393: Fixed mishandling of packetsize leads to rendering of channels in arbitrary order in multispectral MIFF imag...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with gdatetimenewfromiso8601 bsc1240897 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
Security update for sqlite3
This update for sqlite3 fixes the following issues: CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory jscSLE-16032 Patch...
Security update for sqlite3
This update for sqlite3 fixes the following issues: CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory jscSLE-16032 Patch...
Security update for libva
This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: CVE-2023-39929: uncontrolled search path may allow an authenticated user to escalate privilege via local access bsc1224413, jscPED-11066 This includes latest version of one of the...
Security update for libva
This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: CVE-2023-39929: Uncontrolled search path may allow an authenticated user to escalate privilege via local access bsc1224413, jscPED-11066 This includes latest version of one of the...
Security update for libva
This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: uncontrolled search path may allow an authenticated user to escalate privilege via local access CVE-2023-39929, bsc1224413, jscPED-11066 This includes latest version of one of the...
Security update for ffmpeg
This update for ffmpeg fixes the following issues: CVE-2025-22921: Clear array length when freeing it. bsc1237382 CVE-2025-0518: Fix memory data leak when use sscanf. bsc1236007 CVE-2025-22919: Check for valid sample rate, to fix the invalid sample rate = 0. bsc1237371 CVE-2024-12361: Add check f...
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch...
Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2023-52885: SUNRPC: Fix UAF in svctcplistendataready bsc1227753. CVE-2024-50205: ALSA:...
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294...
Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024147 fixes one issue. The following security issue was fixed: CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.10.0 ESR MFSA 2025-29 bsc1241621: CVE-2025-2817: Potential privilege escalation in Firefox Updater CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS CVE-2025-4083: Process...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries. bsc1241620 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for redis
This update for redis fixes the following issues: CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...
Security update for redis
This update for redis fixes the following issues: CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250424T181457 jscPED-11136 GO-2025-3603 GO-2025-3604 GO-2025-3607 GO-2025-3608 GO-2025-3609 GO-2025-3610 GO-2025-3611 GO-2025-3612 GO-2025-3615 GO-2025-3618 GO-2025-3619 GO-2025-3620 GO-2025-3621 GO-2025-3622...
Security update for python-h11
This update for python-h11 fixes the following issues: CVE-2025-43859: leniency when parsing of line terminators in chunked-coding message bodies can lead to request smuggling. bsc1241872 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for java-21-openjdk
This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.7+6 April 2025 CPU CVEs fixed: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...