5114 matches found
Security update for poppler
This update for poppler fixes the following issues: CVE-2024-56378: Fixed out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc bsc1234795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for vhostmd
This update for vhostmd fixes the following issues: Updated to version 1.2 Fix actions using the 'free' command Fix buffer accounting when generating metric XML Change actions to retrieve vendor and product info Add a 'unit' attribute to the metrics element vif-stats.py: convert to Python3 conf:...
Security update for gdb
This update for gdb fixes the following issues: Mention changes in GDB 14: GDB now supports the AArch64 Scalable Matrix Extension 2 SME2, which includes a new 512 bit lookup table register named ZT0. GDB now supports the AArch64 Scalable Matrix Extension SME, which includes a new matrix register...
Security update for gdb
This update for gdb fixes the following issues: Mention changes in GDB 14: GDB now supports the AArch64 Scalable Matrix Extension 2 SME2, which includes a new 512 bit lookup table register named ZT0. GDB now supports the AArch64 Scalable Matrix Extension SME, which includes a new matrix register...
Security update for mozjs78
This update for mozjs78 fixes the following issues: CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for you...
Security update for mozjs115
This update for mozjs115 fixes the following issues: CVE-2024-11498: Fixed resource exhaustion via Stack overflow in libjxl bsc1233786 CVE-2024-11403: Fixed out of Bounds Memory Read/Write in libjxl bsc1233766 CVE-2024-50602: Fixed DoS via XMLResumeParser in libexpat bsc1232602 Patch Instructions...
Recommended update for vim
This update for vim fixes the following issues: CVE-2024-47814: Fixed use-after-free when closing buffers in Vim bsc1231373 CVE-2024-43374: Fixed use-after-free in alistadd bsc1229238 Other fixes: Remove patch that introduced a bug caused significantly more CPU usage bsc1220618 Updated to version...
Security update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative
This update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative fixes the following issues: CVE-2024-47535: Fixed unsafe reading of large environment files when Netty is loaded by a java application can lead to a crash due to the JVM memory limit being exceeded in netty...
Security update for grpc
This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...
Security update for grpc
This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-49995: tipc: guard against string buffer overrun bsc1232432. CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus bsc1233479. CVE-2024-53063:...
Security update for python-aiohttp
This update for python-aiohttp fixes the following issues: CVE-2024-27306: filenames and paths not escaped when generating index pages for static file handling. bsc1223098 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...
Security update for python-grpcio
This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...
Security update for emacs
This update for emacs fixes the following issues: CVE-2024-53920: Fixed arbitrary code execution via Lisp macro expansion bsc1233894 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for haproxy
This update for haproxy fixes the following issues: CVE-2024-53008: Fixed HTTP/3 request smuggling via malformed HTTP headers forwarded to a HTTP/1.1 non-compliant back-end server bsc1233973 Other fixes: Update to version 2.8.11 Patch Instructions: To install this SUSE update use the SUSE...
Security update for sudo
This update for sudo fixes the following issues: CVE-2021-3156: Fixed regression in CVE bsc1234371 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52524: Fixed possible corruption in nfc/llcp bsc1220927. CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core bsc1232224 CVE-2024-50089:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision...
Security update for avahi
This update for avahi fixes the following issues: CVE-2024-52616: Fixed Avahi Wide-Area DNS Predictable Transaction IDs bsc1233420 Other fixes: - no longer supply bogus services to callbacks bsc1226586. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...
Security update for curl
This update for curl fixes the following issues: CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry bsc1232528 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2024-52533: Fixed a single byte buffer overflow bsc1233282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for curl
This update for curl fixes the following issues: CVE-2024-11053: Fixed password leak in curl used for the first host to the followed-to host under certain circumstances bsc1234068 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47594: mptcp: never allow the PM to close a listener subflow bsc1226560. CVE-2022-48983: iouring: Fix a null-ptr-deref in iotctxexitcb bsc1231959...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48853: swiotlb: fix info leak with DMAFROMDEVICE bsc1228015. CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hcierrorreset bsc1222413...
Security update for subversion
This update for subversion fixes the following issues: CVE-2024-46901: Fixed denial-of-service via control characters in paths in moddavsvn bsc1234317 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinite...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47594: mptcp: never allow the PM to close a listener subflow bsc1226560. CVE-2022-48879: efi: fix NULL-deref in init error path bsc1229556. CVE-2022-48956:...
Security update for docker
This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...
Security update for curl
This update for curl fixes the following issues: CVE-2024-11053: Fixed password leak in curl used for the first host to the followed-to host under certain circumstances bsc1234068 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for python-urllib3_1
This update for python-urllib31 fixes the following issues: CVE-2024-37891: Fixed proxy-authorization request header not stripped during cross-origin redirects bsc1226469 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2024-1298: MdeModulePkg: Potential UINT32 overflow in S3 ResumeCount bsc1225889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinite...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinite...
Security update for installation-images
This update updates installation-images and tftpboot images to contain the latest shim for secure boot. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for installation-images
This update updates installation-images and tftpboot images to contain the latest shim for secure boot. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinit...
Security update for socat
This update for socat fixes the following issues: CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory bsc1225462 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for installation-images
This update updates installation-images and tftpboot images to contain the latest shim for secure boot. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26782: mptcp: fix double-free on socket dismantle bsc1222590. CVE-2024-44932: idpf: fix UAFs when destroying the queues bsc1229808. CVE-2024-44964: idpf: fix...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26782: mptcp: fix double-free on socket dismantle bsc1222590. CVE-2024-43854: Initialize integrity buffer to zero before writing it to media bsc1229345...
Security update for libaom, libyuv
This update for libaom, libyuv fixes the following issues: libaom was updated to version 3.7.1: Bug Fixes: aomedia:3349: heap overflow when increasing resolution aomedia:3478: GCC 12.2.0 emits a -Wstringop-overflow warning on aom/av1/encoder/motionsearchfacade.c aomedia:3489: Detect encoder and...
Security update for vim
This update for vim fixes the following issues: CVE-2024-47814: Fixed use-after-free when closing buffers in Vim bsc1231373 CVE-2024-43374: Fixed use-after-free in alistadd bsc1229238 Other fixes: Updated to version 9.1.0836 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for aws-iam-authenticator
This update for aws-iam-authenticator fixes the following issues: CVE-2022-1996: Fixed CORS bypass bsc1200528. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
Security update for python-aiohttp
This update for python-aiohttp fixes the following issues: CVE-2024-30251: Fixed infinite loop on specially crafted POST request bsc1223726. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for python-aiohttp
This update for python-aiohttp fixes the following issues: CVE-2024-30251: Fixed infinite loop on specially crafted POST request bsc1223726. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: CVE-2024-50336: Fixed insufficient MXC URI validation which could allow client-side path traversal bsc1234413 Other fixes: - Updated to Mozilla Thunderbird 128.5.2i bsc1234413: fixed: Large virtual folders could be very slow fixed:...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.5.1 ESR bsc1234326: - Fixed an issue that prevented some websites from loading when using SSL Inspection. bmo1933747 Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for docker
This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-53095: smb: client: Fix use-after-free of network namespace bsc1233642. CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: suppo...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52524: net: nfc: llcp: Add lock when modifying device list bsc1220927. CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core bsc1232224...