5114 matches found
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2024-12133: Fixed potential DoS in handling of numerous SEQUENCE OF or SET OF elements bsc1236878 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363 CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370 CVE-2025-27113: Fixed...
Security update for orc
This update for orc fixes the following issues: CVE-2024-40897: Fixed stack-based buffer overflow inside the orc compiler when formatting error messages for certain input files bsc1228184. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250416T165455 2025-04-16T16:54:55Z. jscPED-11136: GO-2025-3595 Update to version 0.0.20250410T162706 2025-04-10T16:27:06Z. jscPED-11136: GO-2025-3601 GO-2025-3602 Patch Instructions: To install this SUSE update...
Security update for erlang
This update for erlang fixes the following issues: CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH bsc1241300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for erlang26
This update for erlang26 fixes the following issues: CVE-2025-30211: Fixed KEX init error results with excessive memory usage bsc1240390 CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH bsc1241300 Patch Instructions: To install this SUSE update use the SUSE recommende...
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: CVE-2025-32460: Fixed a heap-based buffer over-read in ReadJXLImage. bsc1241150 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for containerd
This update for containerd fixes the following issues: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749 Other fixes: - Update to containerd v1.7.27. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for containerd
This update for containerd fixes the following issues: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749 Other fixes: - Update to containerd v1.7.27. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239765 Other fixes: Update to docker-buildx v0.22.0. Disable transparent...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Adding -fpie compile flag to GCC for Position Independent Executable PIE support...
Security update for docker
This update for docker fixes the following issues: Update to docker-buildx v0.22.0 CVE-2025-0495: Fixed an integer overflow in User ID handling in containerd. bsc1239765 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for mozjs52
This update for mozjs52 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for haproxy
This update for haproxy fixes the following issues: CVE-2025-32464: Fixed heap-based buffer overflow in sampleconvregsub. bsc1240971 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: CVE-2025-31492: Fixed a bug where OIDCProviderAuthRequestMethod POSTs can leak protected data. bsc1240893 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.1 CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content bsc1240962 CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails bsc1230998 CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcprtodeltaus bsc1231993 CVE-2024-50302: Fixed HID: core: zero-initialize the...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets befor...
Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452 CVE-2024-50302: Fixed HID: core: zero-initialize the repo...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets befor...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6create bsc1235218. CVE-2024-57882: mptcp: Fixed TCP options overflow bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6create bsc1235218. CVE-2024-57882: mptcp: Fixed TCP options overflow bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets...
Security update for pam
This update for pam fixes the following issues: CVE-2024-10041: sensitive data exposure while performing authentications. bsc1232234 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for cosign
This update for cosign fixes the following issues: CVE-2024-6104: cosign: hashicorp/go-retryablehttp: Fixed sensitive information disclosure to log file bsc1227031 CVE-2024-51744: cosign: github.com/golang-jwt/jwt/v4: Fixed bad documentation of error handling in ParseWithClaims leading to...
Security update for rekor
This update for rekor fixes the following issues: CVE-2023-45288: rekor: golang.org/x/net/http2: Fixed close connections when receiving too many headers bsc1236519 CVE-2024-6104: rekor: hashicorp/go-retryablehttp: Fixed sensitive information disclosure inside log file bsc1227053 CVE-2025-22868:...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.1 CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content bsc1240962 CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a...
Security update for rsync
This update for rsync fixes the following issues: Fixed bwlimit=0 option broken by CVE-2024-12088 fix bsc1239649. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for pgadmin4
This update for pgadmin4 fixes the following issues: CVE-2025-27152: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set bsc1239308 CVE-2023-1907: Fixed an issue which could result in users being authenticated in another user's session if two users...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.1 CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content bsc1240962 CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a...
Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: CVE-2025-31492: Fixed a bug where OIDCProviderAuthRequestMethod POSTs can leak protected data. bsc1240893 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Maintenance update for Multi-Linux Manager 4.3: Server
This update fixes the following issues: spacewalk-java: Version 4.3.85-0: CVE-2025-23392: Filter user input in systems list page. bsc1239826 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server
Description: This update fixes the following issues: proxy-helm: Version 5.0.12: Image rebuilt to the newest version with updated dependencies proxy-httpd-image: Version 5.0.10: Fixed wrong IP address set on susemanager-tftpsync-recv.conf Image rebuilt to the newest version with updated...
Security update for expat
This update for expat fixes the following issues: - CVE-2024-8176: Fixed denial of service from chaining a large number of entities caused by stack overflow by resolving use of recursion bsc1239618 Other fixes: - version update to 2.7.1 jscPED-12500 Bug fixes: 980 989 Restore event pointer...
Security update for rubygem-bundler
This update for rubygem-bundler fixes the following issues: CVE-2020-36327: Fixed bundler choosing a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 Other fixes: - Updated to version 2.2.34 Patch...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-46925: Fixed kernel panic caused by race of smcsock bsc1220466. CVE-2021-47645: media: staging: media: zoran: calculate the right buffer number for...
Security update for mozjs52
This update for mozjs52 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for mozjs52
This update for mozjs52 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: CVE-2025-31492: Fixed a bug where OIDCProviderAuthRequestMethod POSTs can leak protected data. bsc1240893 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for etcd
This update for etcd fixes the following issues: Update to version 3.5.21: CVE-2025-30204: Fixed a bug that could allow excessive memory allocation during header parsing in jwt-go. bsc1240515 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059188 fixes several issues. The following security issues were fixed: CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check for DH bsc1238790. CVE-2024-56600: net: inet6: do not leave a danglin...
Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122231 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check for...
Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005580 fixes one issue. The following security issue was fixed: CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6create bsc1235218. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.1 CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content bsc1240962 CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a...
Security update for haproxy
This update for haproxy fixes the following issues: CVE-2025-32464: Fixed heap-based buffer overflow in sampleconvregsub. bsc1240971 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...