Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.18.2: CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics bsc1236251 CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERRPROTO bsc1236250 CVE-2025-22150: Fixed insufficiently random...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in rtnlnewlink bsc1226694. CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.26+4 January 2025 CPU Security fixes: CVE-2025-21502: Enhance array handling JDK-8330045, bsc1236278 Other changes: JDK-8224624: Inefficiencies in CodeStrings::addcomment cause - timeouts JDK-8225045:...

Security update for nodejs18

This update for nodejs18 fixes the following issues: Update to 18.20.6: CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERRPROTO bsc1236250 CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici bsc1236258 Patc...

Security update for nodejs18

This update for nodejs18 fixes the following issues: Update to 18.20.6: CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERRPROTO bsc1236250 CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici bsc1236258 Patc...

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.18.2: CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics bsc1236251 CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERRPROTO bsc1236250 CVE-2025-22150: Fixed insufficiently random...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-53095: smb: client: Fix use-after-free of network namespace bsc1233642. CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234853...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49035: media: s5pcec: limit msg.len to CECMAXMSGSIZE bsc1215304. CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234853. CVE-2024-53156: wif...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in...

Security update for docker-stable

This update for docker-stable fixes the following issues: CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltration bsc1234089. CVE-2024-23650: Fixed possibile BuildKit daemon crash via malicious BuildKit client or frontend request...

Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont

This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.61.0: Release notes...

Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont

This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Install nbdkit-server to avoid pulling unneeded...

Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Update ...

Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Drop...

Security update for nvidia-open-driver-G06-signed

This update for nvidia-open-driver-G06-signed fixes the following issues: Update to 550.144.03 bsc1235461, bsc1235871 fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

Security update for nvidia-open-driver-G06-signed

This update for nvidia-open-driver-G06-signed fixes the following issues: Update to 550.144.03 bsc1235461, bsc1235871 fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-41087: Fix double free on error bsc1228466. CVE-2024-53095: smb: client: Fix use-after-free of network namespace bsc1233642. CVE-2024-53146: NFSD: Prevent a...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49035: media: s5pcec: limit msg.len to CECMAXMSGSIZE bsc1215304. CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234853. CVE-2024-53156: wifi:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in...

Security update for pam_u2f

This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticate bsc1233517 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

Security update for pam_u2f

This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticate bsc1233517 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

Security update for git

This update for git fixes the following issues: CVE-2024-32002: Fix recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion. bsc1224168 CVE-2024-32004: Fixed arbitrary code execution during local clones. bsc1224170 CVE-2024-32020: Fix file...

Security update for dhcp

This update for dhcp fixes the following issues: Fixed dhcp not starting in case group nogroup is missing bsc1192020 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

Security update for libqt5-qtwebkit

This update for libqt5-qtwebkit fixes the following issues: CVE-2024-40779: Fixed heap buffer overflow in computeSampleUsingLinearInterpolation bsc1228693 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for pam_u2f

This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticate bsc1233517 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: Update to version 3.3.1611.0: CVE-2025-21613: Fixed argument injection via the URL field in github.com/go-git/go-git/v5 bsc1235575 Full changelog: https://github.com/aws/amazon-ssm-agent/compare/3.1.1260.0...3.3.1611.0 Patch Instruction...

Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes one issue. The following security issue was fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-42133:...

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733...

Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. Patch...

Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. Patch...

Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow...

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes one issue. The following security issue was fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. Patch...

Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024128 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949:...

Security update for pam_u2f

This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticate bsc1233517 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. bsc1234102 CVE-2024-12087: arbitrary file...

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. bsc1234102 CVE-2024-12087: arbitrary file...

Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for redis

This update for redis fixes the following issues: CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. bsc1235386 CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution...

Security update for redis

This update for redis fixes the following issues: CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution. bsc1235387 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for redis7

This update for redis7 fixes the following issues: CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. bsc1235386 CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution...

Security update for redis7

This update for redis7 fixes the following issues: CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. bsc1235386 CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution...

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. bsc1234102 CVE-2024-12087: arbitrary file...

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12084: heap buffer overflow in checksum parsing. bsc1234100 CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for set element...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for set element...