5387 matches found
Security update for azure-cli-core
This update for azure-cli-core fixes the following issues: CVE-2025-24049: Fixed improper neutralization of special elements used in a command allows an unauthorized attacker to elevate privileges locally bsc1239460 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-35910: tcp: properly terminate timers for kernel sockets bsc1224489...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-35910: tcp: properly terminate timers for kernel sockets...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-35910: tcp: properly terminate timers for kernel sockets...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for procps
This update for procps fixes the following issues: Fixed regression introduced with the CVE-2023-4016 fix. The ps command segfaults when pid argument has a leading space bsc1236842. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for giflib
This update for giflib fixes the following issues: CVE-2025-31344: Fixed a buffer overflow in function DumpScreen2RGB bsc1240416 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for giflib
This update for giflib fixes the following issues: CVE-2025-31344: Fixed a buffer overflow in function DumpScreen2RGB bsc1240416 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for xen
This update for xen fixes the following issues: CVE-2025-1713: Fixed potential deadlock with VT-d and legacy PCI device pass-through bsc1238043 Other fixes: Xen channels and domU console bsc1219354 Fixed attempting to start guest vm's libxl fills disk with errors bsc1237692 Xen call trace and API...
Security update for pam
This update for pam fixes the following issues: CVE-2024-10041: sensitive data exposure while performing authentications. bsc1232234 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for skopeo
This update for skopeo fixes the following issues: CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs bsc1238685 CVE-2025-27144: gopkg.in/square/go-jose.v2,gopkg.in/go-jose/go-jose.v2,github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: Go JOSE's Parsing Vulnerable t...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird ESR 128.9 MFSA 2025-24 bsc1240083 CVE-2025-3028: Use-after-free triggered by XSLTProcessor CVE-2025-3029: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3030: Memory safety bugs fixed in Firefox 137,...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250402T160203 2025-04-02T16:02:03Z jscPED-11136 GO-2025-3443 GO-2025-3581 GO-2025-3582 GO-2025-3583 GO-2025-3584 GO-2025-3585 GO-2025-3586 GO-2025-3587 GO-2025-3588 Patch Instructions: To install this SUSE upda...
Security update for go1.24
This update for go1.24 fixes the following issues: Update to go1.24.2 CVE-2025-22871: Fix an issue with request smuggling through invalid chunked data. bsc1240550 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content bsc1239863 CVE-2024-54467: Fixed information disclosure via data cross-origin exfiltration due to a cookie management issue bsc1239864 Other...
Security update for google-guest-agent
This update for google-guest-agent fixes the following issues: CVE-2024-45337: golang.org/x/crypto/ssh: Fixed misuse of ServerConfig.PublicKeyCallback leading to authorization bypass bsc1234563. Other fixes: - Updated to version 20250327.01 bsc1239763, bsc1239866 Remove error messages from...
Security update for google-guest-agent
This update for google-guest-agent fixes the following issues: CVE-2024-45337: golang.org/x/crypto/ssh: Fixed misuse of ServerConfig.PublicKeyCallback leading to authorization bypass bsc1234563. Other fixes: - Updated to version 20250327.01 bsc1239763, bsc1239866 Remove error messages from...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: Fixed...
Security update for go1.23
This update for go1.23 fixes the following issues: Update to go1.23.8 CVE-2025-22871: Fix an issue with request smuggling through invalid chunked data. bsc1240550 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-fr...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.9.0 ESR MFSA 2025-22 bsc1240083: CVE-2025-3028: Use-after-free triggered by XSLTProcessor CVE-2025-3029: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3030: Memory safety bugs fixed in Firef...
Security update for xz
This update for xz fixes the following issues: CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset bsc1240414 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for apparmor
This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for apparmor
This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-5594: Fixed incorrect handling of null bytes and invalid characters in control messages bsc1235147 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: CVE-2025-27795: Fixed missing image dimension resource limits in JXL bsc1239044 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: CVE-2020-22037: Fixed unchecked return value of the initvlc function bsc1186756 CVE-2024-12361: Fixed null pointer dereference bsc1237358 CVE-2024-35368: Fixed double free via the rkmppretrieveframe function within libavcodec/rkmppdec.c...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...
Security update for tomcat
This update for tomcat fixes the following issues: CVE-2025-24813: Fixed potential RCE and/or information disclosure/corruption with partial PUT bsc1239302 Update to Tomcat 9.0.102 Fixes: launch with java 17 bsc1239676 Catalina Fix: Weak etags in the If-Range header should not match as strong eta...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2023-40403: Fixed sensitive information disclosure during processing web content bsc1238591 CVE-2024-55549: Fixed use-after-free in xsltGetInheritedNsList bsc1239637 CVE-2025-24855: Fixed use-after-free in numbers.c bsc1239625 Patch...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-fr...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes one issue. The following security issue was fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes one issue. The following security issue was fixed: CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-fr...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059174 fixes one issue. The following security issue was fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005562 fixes one issue. The following security issue was fixed: CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.9.0 ESR MFSA 2025-22 bsc1240083: CVE-2025-3028: Use-after-free triggered by XSLTProcessor CVE-2025-3029: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3030: Memory safety bugs fixed in Firef...
Security update for docker, docker-stable
This update for docker, docker-stable fixes the following issues: CVE-2025-22868: Fixed unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239185. CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239322. CVE-2024-29018: Fixed...
Security update for apparmor
This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250331T171002 2025-03-31T17:10:02Z jscPED-11136 GO-2025-3443 GO-2025-3548 GO-2025-3557 GO-2025-3558 GO-2025-3559 Update to version 0.0.20250327T184518 2025-03-27T18:45:18Z jscPED-11136 GO-2025-3526 Patch...
Security update for warewulf4
This update for warewulf4 fixes the following issues: warewulf4 was updated from version 4.5.8 to 4.6.0: Security issues fixed for version 4.6.0: CVE-2025-22869: Fixed Denial of Service vulnerability in the Key Exchange of golang.org/x/crypto/ssh bsc1239322 CVE-2025-22870: Fixed proxy bypass usin...
Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes one issue. The following security issue was fixed: CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002 Patch Instructions: To install this SUSE update use the...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for corosync
This update for corosync fixes the following issues: CVE-2025-30472: Fixed stack buffer overflow from 'orftokenendianconvert' bsc1239987 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2024-12133: Fixed potential DoS in handling of numerous SEQUENCE OF or SET OF elements bsc1236878. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for docker
This update for docker fixes the following issues: This update includes fixes for: CVE-2024-41110: Fixed Authz zero length regression bsc1228324 CVE-2023-47108: Fixed otelgrpc: DoS vulnerability in otelgrpc uncontrolled resource consumption due to unbound cardinality bsc1217070 bsc1229806...