Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-43965: Fixed mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659 CVE-2025-46393: Fixed mishandling of packetsize leads to rendering of channels in arbitrary order in multispectral MIFF imag...

Security update for glib2

This update for glib2 fixes the following issues: CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with gdatetimenewfromiso8601 bsc1240897 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

Security update for sqlite3

This update for sqlite3 fixes the following issues: CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory jscSLE-16032 Patch...

Security update for sqlite3

This update for sqlite3 fixes the following issues: CVE-2025-29087: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory jscSLE-16032 Patch...

Security update for libva

This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: CVE-2023-39929: uncontrolled search path may allow an authenticated user to escalate privilege via local access bsc1224413, jscPED-11066 This includes latest version of one of the...

Security update for libva

This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: CVE-2023-39929: Uncontrolled search path may allow an authenticated user to escalate privilege via local access bsc1224413, jscPED-11066 This includes latest version of one of the...

Security update for libva

This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: uncontrolled search path may allow an authenticated user to escalate privilege via local access CVE-2023-39929, bsc1224413, jscPED-11066 This includes latest version of one of the...

Security update for ffmpeg

This update for ffmpeg fixes the following issues: CVE-2025-22921: Clear array length when freeing it. bsc1237382 CVE-2025-0518: Fix memory data leak when use sscanf. bsc1236007 CVE-2025-22919: Check for valid sample rate, to fix the invalid sample rate = 0. bsc1237371 CVE-2024-12361: Add check f...

Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch...

Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2023-52885: SUNRPC: Fix UAF in svctcplistendataready bsc1227753. CVE-2024-50205: ALSA:...

Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294...

Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024147 fixes one issue. The following security issue was fixed: CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.10.0 ESR MFSA 2025-29 bsc1241621: CVE-2025-2817: Potential privilege escalation in Firefox Updater CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS CVE-2025-4083: Process...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries. bsc1241620 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for redis

This update for redis fixes the following issues: CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

Security update for redis

This update for redis fixes the following issues: CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250424T181457 jscPED-11136 GO-2025-3603 GO-2025-3604 GO-2025-3607 GO-2025-3608 GO-2025-3609 GO-2025-3610 GO-2025-3611 GO-2025-3612 GO-2025-3615 GO-2025-3618 GO-2025-3619 GO-2025-3620 GO-2025-3621 GO-2025-3622...

Security update for python-h11

This update for python-h11 fixes the following issues: CVE-2025-43859: leniency when parsing of line terminators in chunked-coding message bodies can lead to request smuggling. bsc1241872 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.7+6 April 2025 CPU CVEs fixed: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294...

Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2023-52885: SUNRPC: Fix UAF in svctcplistendataready bsc1227753. CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294. CVE-2024-56650:...

Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2023-52885: SUNRPC: Fix UAF in svctcplistendataready bsc1227753. CVE-2024-50205: ALSA:...

Security update for redis

This update for redis fixes the following issues: CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

Security update for redis

This update for redis fixes the following issues: CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059188 fixes one issue. The following security issue was fixed: CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for containerd

This update for containerd fixes the following issues: Updated containerd to v1.7.27. CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059182 fixes several issues. The following security issues were fixed: CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.10.0 ESR MFSA 2025-29 bsc1241621: CVE-2025-2817: Potential privilege escalation in Firefox Updater MFSA-RESERVE-2025-193709: WebGL shader attribute memory corruption in Firefox for macOS...

Security update for augeas

This update for augeas fixes the following issues: CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122237 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: ...

Security update for the Linux Kernel (Live Patch 64 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122244 fixes one issue. The following security issue was fixed: CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: ...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Acces...

Security update for kernel-livepatch-MICRO-6-0_Update_3

This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_3

This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Acces...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access...

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-56650: Fixed netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431 Patch Instructions: To install this SUSE update us...

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-56650: Fixed netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431 Patch Instructions: To install this SUSE update us...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access...

Security update for elemental-toolkit

This update for elemental-toolkit fixes the following issues: Updated to version 2.1.3: Simplify podman calls in CI steup Switched GHA runners to Ubuntu 24.04 Updated year in headers Updated to go1.23, required by the new x/crypto module CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs...

Security update for gpg2

This update for gpg2 fixes the following issues: CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring bsc1239119 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Security update for u-boot

This update for u-boot fixes the following issues: CVE-2024-57256: Fixed integer overflow in U-Boot's ext4 symlink resolution function bsc1237284 CVE-2024-57258: Fixed multiple integer overflows in U-Boot's memory allocator bsc1237287 Patch Instructions: To install this SUSE update use the SUSE...

Security update for expat

This update for expat fixes the following issues: Version update to 2.7.1: Bug fixes: Restore event pointer behavior from Expat 2.6.4 that the fix to CVE-2024-8176 changed in 2.7.0; affected API functions are: XMLGetCurrentByteCount XMLGetCurrentByteIndex XMLGetCurrentColumnNumber...

Security update for gnutls

This update for gnutls fixes the following issues: CVE-2024-12243: Fixed inefficient DER Decoding in libtasn1 which could lead to remote DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001023 fixes one issue. The following security issue was fixed: CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...