5387 matches found
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2024-53237: Bluetooth: fix use-after-free in deviceforeachchild bsc1235008. CVE-2024-53082: virtionet: Add hashkeylength check bsc1233677. CVE-2024-56650: netfilter: xtables: fix...
Security update for cifs-utils
This update for cifs-utils fixes the following issues: CVE-2025-2312: Fixed cifs.upcall making an upcall to the wrong namespace in containerized environments while trying to get Kerberos credentials bsc1239680 Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for libraw
This update for libraw fixes the following issues: CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 CVE-2025-43964: Fixed tag 0x412 processing in phaseonecorrect does not enforce minimum w0 and w1 values bsc1241584 Patch Instructions: To...
Security update for runc
This update for runc fixes the following issues: CVE-2024-45310: Fixed unintentional creation of empty files/directories on host bsc1230092 Other fixes: Update to runc v1.2.6. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-27415: netfilter: brnetfilter: skip conntrack input hook for promisc packets bsc1224757. CVE-2024-50038: netfilter: xtables: fix typo causing so...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250422T181640 2025-04-22T18:16:40Z jscPED-11136 GO-2025-3603 GO-2025-3604 GO-2025-3607 GO-2025-3608 GO-2025-3609 GO-2025-3610 GO-2025-3611 GO-2025-3612 GO-2025-3615 GO-2025-3618 GO-2025-3619 GO-2025-3620...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-27415: netfilter: brnetfilter: skip conntrack input hook for promisc packets bsc1224757. CVE-2024-50038: netfilter: xtables: fix typo causing so...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2025-27219: Fixed denial of service in CGI::Cookie.parse bsc1237804 CVE-2025-27220: Fixed ReDoS in CGI::UtilescapeElement bsc1237806 Other fixes: - Improved fix for CVE-2024-47220 bsc1230930, bsc1235773 Patch Instructions: To install this...
Security update for docker
This update for docker fixes the following issues: Updated to docker-buildx v0.22.0. Updated to Docker 27.5.1-ce. CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints bsc1239765 CVE-2025-22868: Fixed golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in...
Security update for freetype2
This update for freetype2 fixes the following issues: Update to 2.13.2: Some fields in the FTOutline structure have been changed from signed to unsigned type, which better reflects the actual usage. It is also an additional means to protect against malformed input. Rare double-free crashes in the...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with gdatetimenewfromiso8601 bsc1240897 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 128.9.2 bsc1241277 CVE-2025-3522: Leak of hashed Window credentials via crafted attachment URL CVE-2025-2830: Information Disclosure of /tmp directory listing CVE-2025-3523: User Interface UI Misrepresentation of...
Security update for mozjs60
This update for mozjs60 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-24855: Fix use-after-free of XPath context node bsc1239625 CVE-2024-55549: Fix UAF related to excluded namespaces bsc1239637 CVE-2023-40403: Make generate-id deterministic bsc1238591 Patch Instructions: To install this SUSE update use t...
Security update for podman
This update for podman fixes the following issues: CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239330. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-24031: Fixed segmentation fault on ctrl-c/ctrl-d when asked for PIN bsc1237058. CVE-2025-24032: Fixed authentication bypass with default value for certpolicy none bsc1237062. Patch Instructions: To install this SUSE update use the SUS...
Security update for iperf
This update for iperf fixes the following issues: Update to 3.18 bsc1234705, CVE-2024-53580: SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. CVE-2024-53580 This has now been fixed. PR1810 UDP packets...
Security update for helm
This update for helm fixes the following issues: Update to version 3.17.2 bsc1238688, CVE-2025-22870: Updating to 0.37.0 for x/net builddeps: bump the k8s-io group with 7 updates Update to version 3.17.1: merge null child chart objects builddeps: bump the k8s-io group with 7 updates fix: check...
Security update for git
This update for git fixes the following issues: CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites bsc1235600. CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers bsc1235601. Patch Instructions: To install this SUSE update use the SUSE...
Security update for podman
This update for podman fixes the following issues: CVE-2023-45288: Fixed closing connection when receiving too many headers bsc1236507. CVE-2024-11218: Fixed container breakout by using --jobs=2 and a race condition when building a malicious Containerfile bsc1236270. CVE-2025-22869: Fixed Denial ...
Security update for helm
This update for helm fixes the following issues: Update to version 3.17.2 bsc1238688, CVE-2025-22870: Updating to 0.37.0 for x/net builddeps: bump the k8s-io group with 7 updates Update to version 3.17.1: merge null child chart objects builddeps: bump the k8s-io group with 7 updates fix: check...
Security update for iperf
This update for iperf fixes the following issues: CVE-2024-53580: Fixed segmentation violation via the iperfexchangeparameters function bsc1234705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-24855: Fix use-after-free of XPath context node bsc1239625 CVE-2024-55549: Fix UAF related to excluded namespaces bsc1239637 CVE-2023-40403: Make generate-id deterministic bsc1238591 Patch Instructions: To install this SUSE update use t...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2024-12133: Fixed potential DoS in handling of numerous SEQUENCE OF or SET OF elements bsc1236878 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363 CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370 CVE-2025-27113: Fixed...
Security update for orc
This update for orc fixes the following issues: CVE-2024-40897: Fixed stack-based buffer overflow inside the orc compiler when formatting error messages for certain input files bsc1228184. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250416T165455 2025-04-16T16:54:55Z. jscPED-11136: GO-2025-3595 Update to version 0.0.20250410T162706 2025-04-10T16:27:06Z. jscPED-11136: GO-2025-3601 GO-2025-3602 Patch Instructions: To install this SUSE update...
Security update for erlang
This update for erlang fixes the following issues: CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH bsc1241300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for erlang26
This update for erlang26 fixes the following issues: CVE-2025-30211: Fixed KEX init error results with excessive memory usage bsc1240390 CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH bsc1241300 Patch Instructions: To install this SUSE update use the SUSE recommende...
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: CVE-2025-32460: Fixed a heap-based buffer over-read in ReadJXLImage. bsc1241150 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for containerd
This update for containerd fixes the following issues: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749 Other fixes: - Update to containerd v1.7.27. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for containerd
This update for containerd fixes the following issues: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749 Other fixes: - Update to containerd v1.7.27. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for docker-stable
This update for docker-stable fixes the following issues: CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239765 Other fixes: Update to docker-buildx v0.22.0. Disable transparent...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Adding -fpie compile flag to GCC for Position Independent Executable PIE support...
Security update for docker
This update for docker fixes the following issues: Update to docker-buildx v0.22.0 CVE-2025-0495: Fixed an integer overflow in User ID handling in containerd. bsc1239765 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for mozjs52
This update for mozjs52 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for haproxy
This update for haproxy fixes the following issues: CVE-2025-32464: Fixed heap-based buffer overflow in sampleconvregsub. bsc1240971 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: CVE-2025-31492: Fixed a bug where OIDCProviderAuthRequestMethod POSTs can leak protected data. bsc1240893 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.48.1 CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content bsc1240962 CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails bsc1230998 CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcprtodeltaus bsc1231993 CVE-2024-50302: Fixed HID: core: zero-initialize the...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets befor...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...
Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452 CVE-2024-50302: Fixed HID: core: zero-initialize the repo...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets befor...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6create bsc1235218. CVE-2024-57882: mptcp: Fixed TCP options overflow bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6create bsc1235218. CVE-2024-57882: mptcp: Fixed TCP options overflow bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended...