5114 matches found
Security update for buildah
This update for buildah fixes the following issues: CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. bsc1236531 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request bsc1235705. CVE-2024-46858: mptcp: pm: Fix uaf in timerdeletesync bsc1231088...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction bsc1235969. CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages bsc1235920...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unusevma bsc1233112. CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseform...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python
This update for python fixes the following issues: CVE-2025-0938: functions urllib.parse.urlsplit and urlparse accept domain names including square brackets bsc1236705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Other fixes: Update to version 3.11.11. Remove -IVendor/ from python-config. bsc1231795 Patch Instructions: To install this SUSE...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2024-12133: the processing of input DER data containing a large number of SEQUENCE OF or SET OF elements takes quadratic time to complete. bsc1236878 Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update golang-github-prometheus-prometheus
golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 jscPED-11649: Security issues fixed: CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling bsc1232970 Highlights of other changes: Performance: Significant enhancements to PromQL execution speed,...
Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 9.5.18 to 10.4.13 jscPED-11591,jscPED-11649: Security issues fixed: CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading golang.org/x/crypto bsc1234554 CVE-2023-3128: Fixed...
Security update for SUSE Manager Client Tools
This update fixes the following issues: scap-security-guide was updated to version 0.1.75 jscECO-3319: Added Ism profile for OL8, OL9 Added new product kylinserver10 Created OL10 product Release SLMicro5 product Replaced two date injections by SOURCEDATEEPOCH to make reproducible bsc1230361 Updat...
Security update for SUSE Manager Client Tools MU 5.0.3
This update fixes the following issues: spacecmd was updated to version 5.0.11-0: Updated translation strings uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: Security issues fixed: CVE-2024-22037: Use podman secret to store the database credentials bsc1231497 Other changes and bugs...
Security update for SUSE Manager Client Tools
This update fixes the following issues: spacecmd was updated to version 5.0.11-0: Updated translation strings uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: Security issues fixed: CVE-2024-22037: Use podman secret to store the database credentials bsc1231497 Other changes and bugs...
Security update for SUSE Manager Client Tools
This update fixes the following issues: scap-security-guide was updated to version 0.1.75 jscECO-3319: Added Ism profile for OL8, OL9 Added new product kylinserver10 Created OL10 product Release SLMicro5 product Replaced two date injections by SOURCEDATEEPOCH to make reproducible bsc1230361 Updat...
Security update for SUSE Manager Client Tools
This update fixes the following issues: salt: Build all python bindings for all flavors Fixed the condition of alternatives for Tumbleweed and Leap 16 Handle logger exception when flushing already closed file Included passlib as a recommended dependency Make minion reconnecting on changing master...
Security update for SUSE Manager Client Tools
This update fixes the following issues: dracut-saltboot was updated to version 0.1.1728559936.c16d4fb: Added MAC based terminal naming option jscSUMA-314 golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 jscPED-11649: Security issues fixed: CVE-2024-51744: Updated...
Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 jscPED-11649: Security issues fixed: CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling bsc1232970 Highlights of other changes: Performance: Significant...
Security update for python312
This update for python312 fixes the following issues: CVE-2025-0938: Functions urllib.parse.urlsplit and urlparse accept domain names including square brackets bsc1236705. CVE-2024-12254: Unbounded memory buffering in SelectorSocketTransport.writelines bsc1234290. Other bugfixes: Position of SUSE...
Security update for unbound
This update for unbound fixes the following issues: Update to 1.22.0: Features: Add iter-scrub-ns, iter-scrub-cname and max-global-quota configuration options. Merge patch to fix for glue that is outside of zone, with harden-unverified-glue, from Karthik Umashankar Microsoft. Enabling this option...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1224763. CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unusevma bsc1233112. CVE-2024-53104: media:...
Security update for qemu
This update for qemu fixes the following issues: CVE-2023-42467: Disallow block sizes smaller than 512 bsc1215192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...
Security update for python
This update for python fixes the following issues: CVE-2025-0938: functions urllib.parse.urlsplit and urlparse accept domain names including square brackets bsc1236705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2024-12133: the processing of input DER data containing a large number of SEQUENCE OF or SET OF elements takes quadratic time to complete. bsc1236878 Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for glibc
This update for glibc fixes the following issue: CVE-2025-0395: Fix underallocation of abortmsgs struct bsc1236282, BZ 32582 s390x-wcsncmp patch: s390x: Fix segfault in wcsncmp bsc1228044. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32 overflow in S3 ResumeCount. bsc1225889 CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffe...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for SUSE Manager Client Tools
This update fixes the following issues: salt: Revert setting SELinux context for minion service bsc1233667 Removed System V init support Fix the condition of alternatives for Tumbleweed and Leap 16 Build all python bindings for all flavors Make minion reconnecting on changing master IP bsc1228182...
Security update for SUSE Manager Client Tools
This update fixes the following issues: salt: Revert setting SELinux context for minion service bsc1233667 Removed System V init support Fix the condition of alternatives for Tumbleweed and Leap 16 Build all python bindings for all flavors Make minion reconnecting on changing master IP bsc1228182...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing, fix null-deref bsc1236703. CVE-2025-21678: gtp: Destroy device along with udp socket's netns...
Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2022-48923: btrfs: prevent...
Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2024-47684: tcp: check skb is...
Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024133 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment bsc1229662 CVE-2024-47684: tcp:...
Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2022-48923: btrfs: prevent...
Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...
Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2024-47684: tcp: check skb is...
Security update for podman
This update for podman fixes the following issues: CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing them to log files. bsc1227052 CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of...
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2022-48923: btrfs: prevent...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2024-47684: tcp: check skb is...
Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122231 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install thi...
Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u442 build 06 with OpenJ9 0.49.0 virtual machine. CVE-2024-21235: unauthorized read/write access to data through the Hotspot component. bsc1231719 CVE-2024-21217: partial denial-of-service through the Serialization...
Security update for python36
This update for python36 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
Security update for qemu
This update for qemu fixes the following issues: CVE-2021-3611: Fixed segmentation fault due to stack overflow bsc1193914. Other fixes: qemu.spec: mark bridge.conf as noreplace bsc1201944. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for go1.24
This update for go1.24 fixes the following issues: CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le bsc1236801. CVE-2025-22867: Fixed arbitrary code execution during build on darwin bsc1236839. Other fixes: go1.2r42 release tracking bsc1236217 Patch Instructions: To install this SUSE...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation bsc1236136. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250207T224745 2025-02-07T22:47:45Z. Refs jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3456 CVE-2025-24786 GHSA-9r4c-jwx3-3j76 GO-2025-3457 CVE-2025-24787 GHSA-c7w4-9wv8-7x7...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52489: mm/sparsemem: fix race in accessing memorysection-usage bsc1221326. CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop...
Security update for bind
This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...