5387 matches found
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for u-boot
This update for u-boot fixes the following issues: CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function bsc1237284. CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator bsc1237287. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for libxkbfile
This update for libxkbfile fixes the following issues: CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText bsc1237429. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for libX11
This update for libX11 fixes the following issues: CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in XkbChangeTypesOfKey bsc1237431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for python
This update for python fixes the following issues: Reference to no longer used 'bracketedhost' variable in the fix for CVE-2025-0938 bsc1236705, bsc1223694. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for u-boot
This update for u-boot fixes the following issues: CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function bsc1237284. CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator bsc1237287. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for wireshark
This update for wireshark fixes the following issues: Update to version 4.2.11: CVE-2025-1492: uncontrolled recursion leading to a stack buffer overflow can cause Bundle Protocol and CBOR dissector to crash bsc1237414. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for tiff
This update for tiff fixes the following issues: CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits in tiffcrop.c bsc1212607. CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt leading to denial of service bsc1219213. Other bugfixes: Fixed tiff build issue on...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 CVE-2023-45231: out-of-bounds...
Security update for azure-cli
This update for azure-cli fixes the following issues: CVE-2024-43591: improper neutralization of special elements could allow users to run Azure CLI commands that result in certain service management operations being performed with System level permissions in Azure Defender for Cloud bsc1231971...
Security update for python-azure-identity
This update for python-azure-identity fixes the following issues: CVE-2024-35255: race condition leading to privilege escalation and unauthorized access to sensitive information in Azure Identity libraries bsc1230100. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: NULL pointer...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: NULL pointer...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: NULL pointer...
Security update for openssh8.4
This update for openssh8.4 fixes the following issues: CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. Other bugfixes: Fix usage of local accelerator cards via openssl-ibmca bsc1216474, bsc1218871. Add patches from upstream to change the default...
Security update for sssd
This update for sssd fixes the following issues: CVE-2023-3758: Fixed race condition during authorization leading to GPO policies functioning inconsistently bsc1223100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for openvswitch3
This update for openvswitch3 fixes the following issues: CVE-2025-0650: Fixed egress ACLs that may be bypassed via specially crafted UDP packet bsc1236353. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for procps
This update for procps fixes the following issues: Integer overflow due to incomplete fix for CVE-2023-4016 can lead to segmentation fault in ps command when pid argument has a leading space bsc1236842, bsc1214290. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for libX11
This update for libX11 fixes the following issues: CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in XkbChangeTypesOfKey bsc1237431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for libX11
This update for libX11 fixes the following issues: CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in XkbChangeTypesOfKey bsc1237431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.20: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2024-47220: Fixed a HTTP request smuggling attack in WEBrick bsc1230930 CVE-2024-49761: Fixed a ReDoS vulnerability in ruby rexml bsc1232440 Other fixes: ruby/uri Fix quadratic backtracking on invalid relative URI ruby/time Make RFC2822 rege...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.6 bsc1236946, bsc1234851: CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the user. CVE-2025-24150: Copying a URL from Web Inspector may lead to command injection. CVE-2025-24158: Processing we...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Security update for xwayland
This update for xwayland fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for kernel-firmware
This update for kernel-firmware fixes the following issues: Update to version 20241128 git commit ea71da6f0690: i915: Update Xe2LPD DMC to v2.24 cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops iwlwifi: add Bz-gf FW for core89-91 release amdgpu: update smu 13.0.10 firmwar...
Security update for openssh
This update for openssh fixes the following issues: Security issues fixed: CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040 CVE-2025-26466: Fixed a DoS attack against OpenSSH's client and server bsc1237041 Other issues fixed: Fix ssh client segfault...
Security update for socat
This update for socat fixes the following issues: CVE-2015-1379: lack of async-signal-safe signal handlers can lead to crashes or freezing of socat processes bsc922903. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for procps
This update for procps fixes the following issues: Integer overflow due to incomplete fix for CVE-2023-4016 can lead to segmentation fault in ps command when pid argument has a leading space bsc1236842, bsc1214290. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-24531: Fixed regression in version 0.6.12 returning PAMIGNORE in many situations with possible authentication bypass bsc1236314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for vim
This update for vim fixes the following issues: Update to version 9.1.1101: CVE-2024-43790: possible out-of-bounds read when performing a search command bsc1229685. CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer bsc1229822. CVE-2024-45306: heap buffer...
Security update for vim
This update for vim fixes the following issues: Update to version 9.1.1101: CVE-2024-43790: possible out-of-bounds read when performing a search command bsc1229685. CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer bsc1229822. CVE-2024-45306: heap buffer...
Security update for vim
This update for vim fixes the following issues: Update to version 9.1.1101: CVE-2024-43790: possible out-of-bounds read when performing a search command bsc1229685. CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer bsc1229822. CVE-2024-45306: heap buffer...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-24531: Fixed regression in version 0.6.12 returning PAMIGNORE in many situations with possible authentication bypass bsc1236314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Recommended update for Maven
This update for Maven fixes the following issues: maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1: Key changes across versions: Bug fixes and improved support of dynamic types Dependency upgrades ASM, Maven core, and notably the removal of commons-io Improved error handling by...
Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024147 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for kernel-firmware
This update for kernel-firmware fixes the following issues: Update to version 20241128 git commit ea71da6f0690: i915: Update Xe2LPD DMC to v2.24 cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops iwlwifi: add Bz-gf FW for core89-91 release amdgpu: update smu 13.0.10 firmwar...
Security update for vim
This update for vim fixes the following issues: vim was updated to 9.1.1101: CVE-2024-43374: Fixed use-after-free in alistadd bsc1229238 CVE-2024-43790: Fixed Out of bounds read when performing a search command bsc1229685 CVE-2024-43802: Fixed heap-buffer-overflow in instypebuf bsc1229822...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-24032: default value for certpolicy none allows for authentication bypass bsc1237062. CVE-2025-24031: uninitialized pointer dereference caused by user pressing ctrl-c/ctrl-d when asked for PIN leads to crash bsc1237058. Patch...
Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024108 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist...
Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist...
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059174 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005562 fixes several issues. The following security issues were fixed: CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist bsc1228585. CVE-2024-36974: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP bsc1227371...