5387 matches found
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033. CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization guest/host mode behind...
Security update for curl
This update for curl fixes the following issues: Update to 8.12.1: Bugfixes: asyn-thread: fix build with 'CURLDISABLESOCKETPAIR' asyn-thread: fix HTTPS RR crash asyn-thread: fix the returned bitmask from Curlresolvergetsock asyn-thread: survive a c-ares channel set to NULL cmake: always reference...
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing bsc1239197 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 128.8 MFSA 2025-18 bsc1237683: CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26708: mptcp: fix inconsistent state on fastopen race bsc1222672. CVE-2024-40980: dropmonitor: replace spinlock by rawspinlock bsc1227937. CVE-2024-4497...
Security update for curl
This update for curl fixes the following issues: Security issues fixed: CVE-2025-0725: Fixed gzip integer overflow bsc1236590 CVE-2025-0167: Fixed netrc and default credential leak bsc1236588 Other issues fixed: Make sure the TLS handshake after a successful STARTTLS command is fully done before...
Security update for podman
This update for podman fixes the following issues: CVE-2025-27144: Fixed gopkg.in/square/go-jose.v2,gopkg.in/go-jose/go-jose.v2,github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: Go JOSE's Parsing Vulnerable to Denial of Service bsc1237641: CVE-2024-11218: Fixed...
Security update for iniparser
This update for iniparser fixes the following issues: CVE-2025-0633: string copy into buffer without previous size validation leads to heap buffer overflow in iniparserdumpsectionini of iniparser bsc1237377. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033. CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization guest/host mode behind...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo bsc1225736. CVE-2024-46858: mptcp: pm: Fix uaf in timerdeletesync bsc1231088. CVE-2024-50142: xfrm: validate new...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033. CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc122470...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-22543: Fixed improper handling of VMIO|VMPFNMAP vmas in KVM bsc1186482. CVE-2021-47634: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033. CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization guest/host mode behind...
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash bsc1236619. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...
Security update for iniparser
This update for iniparser fixes the following issues: CVE-2025-0633: string copy into buffer without previous size validation leads to heap buffer overflow in iniparserdumpsectionini of iniparser bsc1237377. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for libxkbfile
This update for libxkbfile fixes the following issues: CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText bsc1237429. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for u-boot
This update for u-boot fixes the following issues: CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function bsc1237284. CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator bsc1237287. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for python
This update for python fixes the following issues: Reference to no longer used 'bracketedhost' variable in the fix for CVE-2025-0938 bsc1236705, bsc1223694. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for buildah
This update for buildah fixes the following issues: CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. bsc1236531 CVE-2025-27144: Fixed denial of service in parsing function of...
Security update for buildah
This update for buildah fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237681 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for buildah
This update for buildah fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237681 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-0395: Fixed buffer overflow in the assert function bsc1236282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for pcp
This update for pcp fixes the following issues: CVE-2024-45769: Fixed pmcd heap corruption through metric pmstore operations bsc1230551. CVE-2024-45770: Fixed pmpost symlink attack allowing escalating pcp to root user bsc1230552. Patch Instructions: To install this SUSE update use the SUSE...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computationbsc1236136. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
Security update for pcr-oracle, shim
This update for pcr-oracle, shim fixes the following issues: pcr-oracle: predict SbatLevelRT for the next boot bsc1230316 shim was updated to version 15.8: Update shim-install to use the 'removable' way for encrypted SL-Micro images bsc1230316 Always use the removable way for SL-Micro Limit the...
Security update for go1.23
This update for go1.23 fixes the following issues: CVE-2025-22870: golang.org/x/net/proxy, golang.org/x/net/http/httpproxy: Fixed proxy bypass using IPv6 zone IDs bsc1238572 Other fixes: Updated go version to go1.23.7 bsc1229122: go71985 go71984 bsc1238572 security: fix CVE-2025-22870 net/http,...
Security update for go1.24
This update for go1.24 fixes the following issues: CVE-2025-22870: golang.org/x/net/proxy, golang.org/x/net/http/httpproxy: Fixed proxy bypass using IPv6 zone IDs bsc1238572 Other fixes: Updated go version to go1.24.1 bsc1236217: go71986 go71984 bsc1238572 security: fix CVE-2025-22870 net/http,...
Security update for pcp
This update for pcp fixes the following issues: Version upgrade 6.2.0 bsc1217826, PED8192, CVE-2023-6917. Performance CoPilot 6 is not starting due to missing pmloggerdaily.timer bsc1222815. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for emacs
This update for emacs fixes the following issues: CVE-2024-53920: Fixed arbitrary code execution via Lisp macro expansion bsc1233894. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-0395: Fixed buffer overflow in the assert function bsc1236282. Other fixes: - Fix underallocation of abortmsgs struct - Correctly determine livepatching support - Remove nss-systemd from default nsswitch.conf bsc1233699 Patch...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed stack-buffer overflow in vorbishandleidentificationpacket bsc1234415. CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser bsc1234450. CVE-2024-47600: Fixed Out-of-bounds read in...
Security update for pcp
This update for pcp fixes the following issues: CVE-2024-45770: Fixed pmpost symlink attack allowing escalating pcp to root user bsc1230552. CVE-2024-45769: Fixed pmcd heap corruption through metric pmstore operations bsc1230551. CVE-2024-3019: Fixed exposure of the redis backend server allowing...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Security Vulnerabilities fixed in Firefox ESR 128.8 MFSA 2025-16 bsc1237683 - CVE-2024-43097: Overflow when growing an SkRegion's RunArray - CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process -...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2024-52533: Fixed a single byte buffer overflow in setconnectmsg bsc1233282 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for pam_u2f
This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticatebsc1233517. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for haproxy
This update for haproxy fixes the following issues: Update to version 2.8.11+git0.01c1056a4: VUL-0: CVE-2024-53008: haproxy: HTTP/3 request smuggling via malformed HTTP headers forwarded to a HTTP/1.1 non-compliant back-end server bsc1233973 BUG/MINOR: cfgparse-listen: fix option httpslog overrid...
Security update for pam
This update for pam fixes the following issues: CVE-2024-10963: Fixed improper hostname interpretation inpamaccess that could lead to access control bypass bsc1233078 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for podman
This update for podman fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237641 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for podman
This update for podman fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237641 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26708: mptcp: fastopen and PM-trigger subflow shutdown can race bsc1222672. CVE-2024-44974: mptcp: pm: avoid possible UaF when selectin...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Security Vulnerabilities fixed in Firefox ESR 128.8 MFSA 2025-16 bsc1237683 - CVE-2024-43097: Overflow when growing an SkRegion's RunArray - CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process -...
Security update for docker
This update for docker fixes the following issues: Update to Docker 27.5.1-ce bsc1237335: CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
Security update for podman
This update for podman fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237641 CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service D...
Security update for pam_u2f
This update for pamu2f fixes the following issues: update to 1.3.2: Relax authfile permission check to a warning instead of an error to prevent a breaking change locking existing users out of their systems. update to 1.3.1: CVE-2025-23013: Fixed problematic PAMIGNORE return values in...
Security update for skopeo
This update for skopeo fixes the following issues: CVE-2025-27144: excessive memory consumption by Go JOSE when parsing compact JWS or JWE input containing a large number of '.' characters bsc1237613. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1224763. CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unusevma bsc1233112. CVE-2024-53104: media:...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250226T025151 2025-02-26T02:51:51Z. jscPED-11136 GO-2025-3487 CVE-2025-22869 GO-2025-3488 CVE-2025-22868 Update to version 0.0.20250218T203201 2025-02-18T20:32:01Z. jscPED-11136 GO-2024-3321 CVE-2024-45337...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...