5387 matches found
Security update for SUSE Manager Client Tools
This update fixes the following issues: salt: Revert setting SELinux context for minion service bsc1233667 Removed System V init support Fix the condition of alternatives for Tumbleweed and Leap 16 Build all python bindings for all flavors Make minion reconnecting on changing master IP bsc1228182...
Security update for SUSE Manager Client Tools
This update fixes the following issues: salt: Revert setting SELinux context for minion service bsc1233667 Removed System V init support Fix the condition of alternatives for Tumbleweed and Leap 16 Build all python bindings for all flavors Make minion reconnecting on changing master IP bsc1228182...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing, fix null-deref bsc1236703. CVE-2025-21678: gtp: Destroy device along with udp socket's netns...
Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2022-48923: btrfs: prevent...
Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2024-47684: tcp: check skb is...
Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024133 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment bsc1229662 CVE-2024-47684: tcp:...
Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2022-48923: btrfs: prevent...
Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...
Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2024-47684: tcp: check skb is...
Security update for podman
This update for podman fixes the following issues: CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing them to log files. bsc1227052 CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of...
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2022-48923: btrfs: prevent...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2024-47684: tcp: check skb is...
Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122231 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install thi...
Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u442 build 06 with OpenJ9 0.49.0 virtual machine. CVE-2024-21235: unauthorized read/write access to data through the Hotspot component. bsc1231719 CVE-2024-21217: partial denial-of-service through the Serialization...
Security update for python36
This update for python36 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
Security update for qemu
This update for qemu fixes the following issues: CVE-2021-3611: Fixed segmentation fault due to stack overflow bsc1193914. Other fixes: qemu.spec: mark bridge.conf as noreplace bsc1201944. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for go1.24
This update for go1.24 fixes the following issues: CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le bsc1236801. CVE-2025-22867: Fixed arbitrary code execution during build on darwin bsc1236839. Other fixes: go1.2r42 release tracking bsc1236217 Patch Instructions: To install this SUSE...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation bsc1236136. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250207T224745 2025-02-07T22:47:45Z. Refs jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3456 CVE-2025-24786 GHSA-9r4c-jwx3-3j76 GO-2025-3457 CVE-2025-24787 GHSA-c7w4-9wv8-7x7...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52489: mm/sparsemem: fix race in accessing memorysection-usage bsc1221326. CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop...
Security update for bind
This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600108 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install th...
Security update for wget
This update for wget fixes the following issues: CVE-2021-31879: Authorization header disclosed upon redirects to different origins. bsc1185551 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
Security update for python3-numpy
This update for python3-numpy fixes the following issues: CVE-2021-41495: missing return value validation can lead to null pointer dereference. bsc1193911 Other bug fixes: Correction of advance in PCG with emulated int128. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 CVE-2023-45231: out-of-bounds...
Security update for skopeo
This update for skopeo fixes the following issues: CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing them to log files. bsc1227056 CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122234 fixes one issue. The following security issue was fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for cloud-regionsrv-client
This update for cloud-regionsrv-client contains the following fixes: Update to 10.3.11 bsc1234050 Send registration code for the extensions, not only base product Update to 10.3.9: bsc1234050 Send registration code for the extensions, not only base product Update to 10.3.8: bsc1233333 Fix the...
Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001014 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 CVE-2023-45231: out-of-bounds...
Security update for python310
This update for python310 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.7 MFSA 2025-10, bsc1236539. Security fixes: CVE-2025-1009: use-after-free in XSLT. CVE-2025-1010: use-after-free in Custom Highlight. CVE-2025-1011: a bug in WebAssembly code generation could result i...
Security update for rsync
This update for rsync fixes the following issues: Bump rsync protocol version to 32 to show server is patched against recent vulnerabilities. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
Security update for crypto-policies, krb5
This update for crypto-policies and krb5 fixes the following issues: Security issue fixed: CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash bsc1236619. Feature addition: Add crypto-policies support; jscPED-12018 The default...
Security update for tomcat
This update for tomcat fixes the following issues: CVE-2024-50379: Fixed remote code execution RCE due to TOCTOU issue in JSP compilation bsc1234663. CVE-2024-54677: Fixed denial-of-service DoS attack in examples web application bsc1234664. Patch Instructions: To install this SUSE update use the...
Security update for go1.23
This update for go1.23 fixes the following issues: CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le bsc1236801. Bug fixes: go1.23 release tracking bsc1229122 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...
Security update for go1.22
This update for go1.22 fixes the following issues: CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le bsc1236801. Bug fixes: go1.22 release tracking bsc1218424 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...
Security update for MozillaFirefox
This update for MozillaFirefox to 128.7esr fixes the following issues: MFSA 2025-09 CVE-2025-1009 bmo1936613 Use-after-free in XSLT CVE-2025-1010 bmo1936982 Use-after-free in Custom Highlight CVE-2025-1011 bmo1936454 A bug in WebAssembly code generation could result in a crash CVE-2025-1012...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
Security update for bind
This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation bsc1236136. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation bsc1236136. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for python39
This update for python39 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
Security update for bind
This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for rsync
This update for rsync fixes the following issues: Bump protocol version to 32 - make it easier to show server is patched. Fix FLAGGOTDIRFLIST collission with FLAGHLINKED Security update,CVE-2024-12747, bsc1235475 race condition in handling symbolic links Security update, fix multiple...
Security update for podman
This update for podman fixes the following issues: CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. bsc1236270 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for wget
This update for wget fixes the following issues: CVE-2021-31879: Authorization header disclosed upon redirects to different origins. bsc1185551 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...