5114 matches found
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.8: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.8: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.8: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.12: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.12: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.17: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.17: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...
Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...
Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...
Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...
Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.20: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Upgrade to 17.4: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Upgrade to 17.4: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.17: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.12: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: Non approved PBKDF parameters wrongly resulting as approved bsc1236771. Patch Instructions: To install this SUSE update use the SUSE...
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues: CVE-2024-45339: github.com/golang/glog: a privileged process' log file path can be easily predicted and used to overwrite other sensitive files in a system. bsc1236560 Patch Instructions: To install this SUSE update use the SUSE...
Security update for ovmf
This update for ovmf fixes the following issues: PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 bsc1237084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for ovmf
This update for ovmf fixes the following issues: PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 bsc1237084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...
Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.20: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for openssh
This update for openssh fixes the following issues: CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for cloud-regionsrv-client, python-toml
This update for cloud-regionsrv-client, python-toml contains the following fixes: cloud-regionsrv-client: - Update to 10.3.11 bsc1234050 + Send registration code for the extensions, not only base product Update to 10.3.9: bsc1234050 Send registration code for the extensions, not only base product...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. NOTE: This update was retracted due to a regression in NFS. The following security bugs were fixed: CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1224763. CVE-2024-50199: mm/swapfile: skip...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-35863: smb: client: fix potential UAF in isvalidoplockbreak bsc1224763. CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in...
Security update for helm
This update for helm fixes the following issues: Update to version 3.17.1: CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-insensitive content bsc1235318. CVE-2024-45337: Fixed misuse of ServerConfig.PublicKeyCallback to prevent authorization bypass in golang.org/x/crypt...
Security update for brise
This update for brise fixes the following issues: CVE-2025-21613: Fixed argument injection via the URL field bsc1235573. CVE-2024-45337: Fixed authorization bypass in golang.org/x/crypto via the ServerConfig.PublicKeyCallback callback bsc1234597. Patch Instructions: To install this SUSE update us...
Security update for emacs
This update for emacs fixes the following issues: CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell command injections. bsc1237091 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 CVE-2024-31068: Improper Finite State Machines FSMs in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local...
Security update for netty, netty-tcnative
This update for netty, netty-tcnative fixes the following issues: CVE-2025-24970: incorrect validation of packets by SslHandler can lead to a native crash. bsc1237037 CVE-2025-25193: unsafe reading of environment files can lead to an application crash. bsc1237038 Update to netty version 4.1.118 a...
Security update for emacs
This update for emacs fixes the following issues: CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell command injections. bsc1237091 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...
Security update for openssh
This update for openssh fixes the following issues: CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Patch Instructions: To install this SUSE update use the SUSE...
Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet bsc1236353. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-0395: Fix underallocation of abortmsgs struct bsc1236282 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for buildah
This update for buildah fixes the following issues: CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. bsc1236531 Patch Instructions: To install this SUSE update use the SUSE...
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues: CVE-2024-45339: github.com/golang/glog: a privileged process' log file path can be easily predicted and used to overwrite other sensitive files in a system. bsc1236560 Patch Instructions: To install this SUSE update use the SUSE...
Security update for podman
This update for podman fixes the following issues: CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing them to log files. bsc1227052 CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of...
Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet bsc1236353. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo bsc1225736. CVE-2024-46858: mptcp: pm: Fix uaf in timerdeletesync bsc1231088. CVE-2024-50142: xfrm: validate new...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unusevma bsc1233112. CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat...
Security update for emacs
This update for emacs fixes the following issues: CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell command injections. bsc1237091 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 CVE-2024-31068: Improper Finite State Machines FSMs in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47222: net: bridge: fix vlan tunnel dst refcnt when egressing bsc1224857. CVE-2021-47223: net: bridge: fix vlan tunnel dst null pointer dereference bsc1224856...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-40980: dropmonitor: replace spinlock by rawspinlock bsc1227937. CVE-2024-46858: mptcp: pm: Fix uaf in timerdeletesync bsc1231088...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-0395: Fix underallocation of abortmsgs struct bsc1236282 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet. bsc1236353 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...