5114 matches found
Security update for xz
This update for xz fixes the following issues: CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset bsc1240414 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for apparmor
This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for apparmor
This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-5594: Fixed incorrect handling of null bytes and invalid characters in control messages bsc1235147 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: CVE-2025-27795: Fixed missing image dimension resource limits in JXL bsc1239044 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: CVE-2020-22037: Fixed unchecked return value of the initvlc function bsc1186756 CVE-2024-12361: Fixed null pointer dereference bsc1237358 CVE-2024-35368: Fixed double free via the rkmppretrieveframe function within libavcodec/rkmppdec.c...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...
Security update for tomcat
This update for tomcat fixes the following issues: CVE-2025-24813: Fixed potential RCE and/or information disclosure/corruption with partial PUT bsc1239302 Update to Tomcat 9.0.102 Fixes: launch with java 17 bsc1239676 Catalina Fix: Weak etags in the If-Range header should not match as strong eta...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2023-40403: Fixed sensitive information disclosure during processing web content bsc1238591 CVE-2024-55549: Fixed use-after-free in xsltGetInheritedNsList bsc1239637 CVE-2025-24855: Fixed use-after-free in numbers.c bsc1239625 Patch...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-fr...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes one issue. The following security issue was fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes one issue. The following security issue was fixed: CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-fr...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059174 fixes one issue. The following security issue was fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005562 fixes one issue. The following security issue was fixed: CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.9.0 ESR MFSA 2025-22 bsc1240083: CVE-2025-3028: Use-after-free triggered by XSLTProcessor CVE-2025-3029: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3030: Memory safety bugs fixed in Firef...
Security update for docker, docker-stable
This update for docker, docker-stable fixes the following issues: CVE-2025-22868: Fixed unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239185. CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239322. CVE-2024-29018: Fixed...
Security update for apparmor
This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250331T171002 2025-03-31T17:10:02Z jscPED-11136 GO-2025-3443 GO-2025-3548 GO-2025-3557 GO-2025-3558 GO-2025-3559 Update to version 0.0.20250327T184518 2025-03-27T18:45:18Z jscPED-11136 GO-2025-3526 Patch...
Security update for warewulf4
This update for warewulf4 fixes the following issues: warewulf4 was updated from version 4.5.8 to 4.6.0: Security issues fixed for version 4.6.0: CVE-2025-22869: Fixed Denial of Service vulnerability in the Key Exchange of golang.org/x/crypto/ssh bsc1239322 CVE-2025-22870: Fixed proxy bypass usin...
Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes one issue. The following security issue was fixed: CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002 Patch Instructions: To install this SUSE update use the...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for corosync
This update for corosync fixes the following issues: CVE-2025-30472: Fixed stack buffer overflow from 'orftokenendianconvert' bsc1239987 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2024-12133: Fixed potential DoS in handling of numerous SEQUENCE OF or SET OF elements bsc1236878. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for docker
This update for docker fixes the following issues: This update includes fixes for: CVE-2024-41110: Fixed Authz zero length regression bsc1228324 CVE-2023-47108: Fixed otelgrpc: DoS vulnerability in otelgrpc uncontrolled resource consumption due to unbound cardinality bsc1217070 bsc1229806...
Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002333 fixes one issue. The following security issue was fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE...
Security update for expat
This update for expat fixes the following issues: -CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232579. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for you...
Security update for libarchive
This update for libarchive fixes the following issues: CVE-2025-1632: Fixed null pointer dereference in bsdunzip.c bsc1237606 CVE-2025-25724: Fixed Buffer Overflow vulnerability in libarchive bsc1238610 CVE-2024-48958: Fixed out-of-bounds access in executefilterdelta bsc1231624 CVE-2024-20697:...
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001017 fixes one issue. The following security issue was fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE...
Security update for apparmor
This update for apparmor fixes the following issues: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for docker, docker-stable
This update for docker, docker-stable fixes the following issues: CVE-2025-22868: Fixed unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239185. CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239322. Other fixes: - Make...
Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001023 fixes one issue. The following security issue was fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE...
Security update for python3
This update for python3 fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
Security update for skopeo
This update for skopeo fixes the following issues: CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs bsc1238685. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...
Security update for mercurial
This update for mercurial fixes the following issues: CVE-2025-2361: Fixed improper sanitization of user-controlled input passed via the cmd parameter in the Mercurial SCM Web Interface bsc1239685 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250326T201520 2025-03-26T20:15:20Z jscPED-11136: GO-2025-3520 GO-2025-3521 GO-2025-3522 GO-2025-3533 GO-2025-3534 GO-2025-3536 GO-2025-3537 GO-2025-3538 GO-2025-3539 GO-2025-3540 GO-2025-3542 GO-2025-3543...
Security update for erlang26
This update for erlang26 fixes the following issues: CVE-2025-26618: Fixed incorrect verification of SSH SFTP packet size in Erlang OTP bsc1237467 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for python-requests
This update for python-requests fixes the following issues: Add patch to inject the default CA bundles if they are not specified. bsc1226321, bsc1231500 Remove Requires on python-py. update to 2.32.3: Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. Fixe...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html CVE-2024-31068: Improper Finite State Machines FSMs i...
Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed Jinja sandbox breakout through attr filter selecting format method bsc1238879 CVE-2024-56201: Fixed sandbox breakout through malicious content and filename of a template bsc1234808 CVE-2024-56326: Fixed sandbox breako...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2024-52530: strictly don't allow NUL bytes in headers bsc1233285 glgoGNOME/libsoup377. CVE-2024-52532: websocket: Process the frame as soon as we read data bsc1233287 glgoGNOME/libsoup391. CVE-2024-52531: be more robust against invalid input...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for s...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for s...
Security update for python36
This update for python36 fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...