5111 matches found
Security update for xen
This update for xen fixes the following issues: Security issues fixed: CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling bsc1232622 CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables bsc1232624 CVE-2024-45817: xen: x86: Deadlock in vlapicerror bsc1230366 Non-security...
Security update for postgresql, postgresql16, postgresql17
This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane confirme...
Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop
This update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop fixes the following issues: xmlgraphics-fop was updated from version 2.8 to 2.10: Security issues fixed: CVE-2024-28168: Fixed improper restriction of XML External Entity XXE reference bsc1231428 Upstream...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20241112 release bsc1233313 CVE-2024-21853: Faulty finite state machines FSMs in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enabl...
Security update for postgresql, postgresql16, postgresql17
This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane confirme...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2024-52533: Fixed a single byte buffer overflow bsc1233282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 128.4.3 fixed: Folder corruption could cause Thunderbird to freeze and become unusable fixed: Message corruption could be propagated when reading mbox fixed: Folder compaction was not abandoned on shutdown fixed:...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241112T145010 2024-11-12T14:50:10Z. Refs jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2024-3250 CVE-2024-51744 GHSA-29wx-vh33-7x7r Update to version 0.0.20241108T172500...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47589: igbvf: fix double free in igbvfprobe bsc1226557. CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully bsc1224526. CVE-2024-47674: mm: avo...
Security update for bea-stax, xstream
This update for bea-stax, xstream fixes the following issues: CVE-2024-47072: Fixed possible remote denial-of-service via a stack overflow bsc1233085. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for httpcomponents-client, httpcomponents-core
This update for httpcomponents-client, httpcomponents-core fixes the following issues: httpcomponents-client: - Update to version 4.5.14 HTTPCLIENT-2206: Corrected resource de-allocation by fluent response objects. HTTPCLIENT-2174: URIBuilder to return a new empty list instead of unmodifiable...
Security update for expat
This update for expat fixes the following issues: CVE-2024-50602: Fixed a denial of service via XMLResumeParser bsc1232579. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter was updated from version 1.0.1 to 1.0.8: Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency in version 1.0.2 bsc1213933 Bugs fixed: Require Go 1.20 when building for RedHat derivatives Versio...
Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency bsc1213933 Other changes and issues fixed: Delete unpackaged debug files for RHEL Do not include source files in the package for RHEL 9...
Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency bsc1213933 Other changes and issues fixed: Delete unpackaged debug files for RHEL Do not include source files in the package for RHEL 9...
Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server
Description: This update fixes the following issues: proxy-httpd-image: Version 5.0.8 Store Proxy FQDN in rhn.conf for auth token use bsc1230255 proxy-salt-broker-image: Version 5.0.8 Update for next release proxy-squid-image: Version 5.0.8 Update for next release proxy-ssh-image: Version 5.0.8...
Maintenance update for SUSE Manager 4.3 Release Notes
Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.14 Bugs mentioned: bsc1217003, bsc1221505, bsc1225619, bsc1225960, bsc1226917 bsc1227606, bsc1228036, bsc1228345, bsc1228851, bsc1229079 bsc1229260, bsc1229339 Security update for SUSE...
Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server
Description: This update fixes the following issues: mgr-daemon: Version 4.3.11-0 Update translation strings spacecmd: Version 4.3.29-0 Speed up softwarechannelremovepackages bsc1227606 spacewalk-backend: Version 4.3.30-0 Make ISSv1 timezone independent bsc1221505 reposync: introduce timeout when...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2023-45802: Fixed regression with previous fix bsc1233165. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2024-52533: Fixed a single byte buffer overflow bsc1233282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for python3-wxPython
This update for python3-wxPython fixes the following issues: CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XMLResumeParser function bsc1232590. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20241112 release bsc1233313 CVE-2024-21853: Faulty finite state machines FSMs in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enabl...
Security update for buildah
This update for buildah fixes the following issues: CVE-2024-9676: Fixed github.com/containers/storage: symlink traversal vulnerability in the containers/storage library can cause Denial of Service DoS bsc1231698: CVE-2024-9675: VUL-0: CVE-2024-9675: buildah,podman: buildah: cache arbitrary...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u432 icedtea-3.33.0: CVE-2024-21208: Enhance HTTP client bsc1231702. CVE-2024-21210: Improve handling of vectorization bsc1231711. CVE-2024-21217: Improve deserialization support bsc1231716. CVE-2024-21235: Improve...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too bsc1226797. CVE-2024-41031: mm/filemap: skip to create PMD-sized page cac...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48879: efi: fix NULL-deref in init error path bsc1229556. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. CVE-2022-48957: dpaa2-switc...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too bsc1226797. CVE-2024-41031: mm/filemap: skip to create PMD-sized page...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48879: efi: fix NULL-deref in init error path bsc1229556. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. CVE-2022-48957:...
Security update for xen
This update for xen fixes the following issues: Security issues fixed: CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling bsc1232622 CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables bsc1232624 CVE-2024-45817: xen: x86: Deadlock in vlapicerror bsc1230366 Non-security...
Security update for xen
This update for xen fixes the following issues: Security issues fixed: CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling bsc1232622 CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables bsc1232624 Non-security issue fixed: Xen host hung at boot up with repeated "XEN API...
Security update for xen
This update for xen fixes the following issues: CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling XSA-463 bsc1232622. CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables XSA-464 bsc1232624. Bug fixes: Remove usage of net-tools-deprecated from supportconfig plugin...
Security update for pcp
This update for pcp fixes the following issues: pcp was updated from version 3.11.9 to version 6.2.0 jscPED-8192, jscPED-8389: Security issues fixed: CVE-2024-45770: Fixed a symlink attack that allows escalating from the pcp to the root user bsc1230552 CVE-2024-45769: Fixed a heap corruption...
Security update for expat
This update for expat fixes the following issues: CVE-2024-50602: Fixed a denial of service via XMLResumeParser bsc1232579. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for expat
This update for expat fixes the following issues: CVE-2024-50602: Fixed a denial of service via XMLResumeParser bsc1232579. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for python-wxPython
This update for python-wxPython fixes the following issues: Security issue fixed: CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XMLResumeParser function bsc1232590. Non-security issues fixed: rebuilt for python 3.11 bsc1228252. add repack script, do not include packaging/ d...
Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.13+11 October 2024 CPU Security fixes JDK-8307383: Enhance DTLS connections JDK-8290367, JDK-8332643: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2023-45802: HTTP/2 stream memory not reclaimed right away on RST bsc1216423. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2023-45802: HTTP/2 stream memory not reclaimed right away on RST bsc1216423. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for libheif
This update for libheif fixes the following issues: CVE-2024-41311: Fixed out-of-bounds read and write in ImageOverlay:parse due to decoding a heif file containing an overlay image with forged offsets bsc1231714. Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for python312
This update for python312 fixes the following issues: CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment bsc1232241. Bug fixes: Drop .pyc files from docdir for reproducible builds bsc1230906. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for python311
This update for python311 fixes the following issues: CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment bsc1232241. Bug fixes: Drop .pyc files from docdir for reproducible builds bsc1230906. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for python311
This update for python311 fixes the following issues: CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment bsc1232241. Bug fixes: Drop .pyc files from docdir for reproducible builds bsc1230906. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for java-21-openjdk
This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.5+13 October 2024 CPU Security fixes JDK-8307383: Enhance DTLS connections JDK-8311208: Improve CDS Support JDK-8328286, CVE-2024-21208, bsc1231702: Enhance HTTP client JDK-8328544, CVE-2024-21210,...