5373 matches found
Security update for liboqs, oqs-provider
This update for liboqs, oqs-provider fixes the following issues: This update supplies the new FIPS standardized ML-KEM, ML-DSA, SHL-DSA algorithms. This update liboqs to 0.12.0: This release updates the ML-DSA implementation to the final FIPS 204 version. This release still includes the NIST Roun...
Security update for grpc
This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...
Security update for poppler
This update for poppler fixes the following issues: CVE-2024-56378: out-of-bounds read within JBIG2Bitmap::combine, which can lead to an application crash. bsc1234795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241218T202206 2024-12-18T20:22:06Z. jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2024-3333 Update to version 0.0.20241218T163557 2024-12-18T16:35:57Z. jscPED-11136 Go CVE...
Security update for poppler
This update for poppler fixes the following issues: CVE-2024-56378: Fixed out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc bsc1234795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python-grpcio
This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...
Security update for python-grpcio
This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...
Security update for poppler
This update for poppler fixes the following issues: CVE-2024-56378: Fixed out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc bsc1234795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for poppler
This update for poppler fixes the following issues: CVE-2024-56378: out-of-bounds read within JBIG2Bitmap::combine, which can lead to an application crash. bsc1234795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for poppler
This update for poppler fixes the following issues: CVE-2024-56378: Fixed out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc bsc1234795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for vhostmd
This update for vhostmd fixes the following issues: Updated to version 1.2 Fix actions using the 'free' command Fix buffer accounting when generating metric XML Change actions to retrieve vendor and product info Add a 'unit' attribute to the metrics element vif-stats.py: convert to Python3 conf:...
Security update for gdb
This update for gdb fixes the following issues: Mention changes in GDB 14: GDB now supports the AArch64 Scalable Matrix Extension 2 SME2, which includes a new 512 bit lookup table register named ZT0. GDB now supports the AArch64 Scalable Matrix Extension SME, which includes a new matrix register...
Security update for gdb
This update for gdb fixes the following issues: Mention changes in GDB 14: GDB now supports the AArch64 Scalable Matrix Extension 2 SME2, which includes a new 512 bit lookup table register named ZT0. GDB now supports the AArch64 Scalable Matrix Extension SME, which includes a new matrix register...
Security update for mozjs78
This update for mozjs78 fixes the following issues: CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for you...
Security update for mozjs115
This update for mozjs115 fixes the following issues: CVE-2024-11498: Fixed resource exhaustion via Stack overflow in libjxl bsc1233786 CVE-2024-11403: Fixed out of Bounds Memory Read/Write in libjxl bsc1233766 CVE-2024-50602: Fixed DoS via XMLResumeParser in libexpat bsc1232602 Patch Instructions...
Recommended update for vim
This update for vim fixes the following issues: CVE-2024-47814: Fixed use-after-free when closing buffers in Vim bsc1231373 CVE-2024-43374: Fixed use-after-free in alistadd bsc1229238 Other fixes: Remove patch that introduced a bug caused significantly more CPU usage bsc1220618 Updated to version...
Security update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative
This update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative fixes the following issues: CVE-2024-47535: Fixed unsafe reading of large environment files when Netty is loaded by a java application can lead to a crash due to the JVM memory limit being exceeded in netty...
Security update for grpc
This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...
Security update for grpc
This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-49995: tipc: guard against string buffer overrun bsc1232432. CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus bsc1233479. CVE-2024-53063:...
Security update for python-aiohttp
This update for python-aiohttp fixes the following issues: CVE-2024-27306: filenames and paths not escaped when generating index pages for static file handling. bsc1223098 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...
Security update for python-grpcio
This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...
Security update for emacs
This update for emacs fixes the following issues: CVE-2024-53920: Fixed arbitrary code execution via Lisp macro expansion bsc1233894 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for haproxy
This update for haproxy fixes the following issues: CVE-2024-53008: Fixed HTTP/3 request smuggling via malformed HTTP headers forwarded to a HTTP/1.1 non-compliant back-end server bsc1233973 Other fixes: Update to version 2.8.11 Patch Instructions: To install this SUSE update use the SUSE...
Security update for sudo
This update for sudo fixes the following issues: CVE-2021-3156: Fixed regression in CVE bsc1234371 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52524: Fixed possible corruption in nfc/llcp bsc1220927. CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core bsc1232224 CVE-2024-50089:...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision...
Security update for avahi
This update for avahi fixes the following issues: CVE-2024-52616: Fixed Avahi Wide-Area DNS Predictable Transaction IDs bsc1233420 Other fixes: - no longer supply bogus services to callbacks bsc1226586. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...
Security update for curl
This update for curl fixes the following issues: CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry bsc1232528 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2024-52533: Fixed a single byte buffer overflow bsc1233282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for curl
This update for curl fixes the following issues: CVE-2024-11053: Fixed password leak in curl used for the first host to the followed-to host under certain circumstances bsc1234068 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47594: mptcp: never allow the PM to close a listener subflow bsc1226560. CVE-2022-48983: iouring: Fix a null-ptr-deref in iotctxexitcb bsc1231959...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48853: swiotlb: fix info leak with DMAFROMDEVICE bsc1228015. CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hcierrorreset bsc1222413...
Security update for subversion
This update for subversion fixes the following issues: CVE-2024-46901: Fixed denial-of-service via control characters in paths in moddavsvn bsc1234317 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinite...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47594: mptcp: never allow the PM to close a listener subflow bsc1226560. CVE-2022-48879: efi: fix NULL-deref in init error path bsc1229556. CVE-2022-48956:...
Security update for docker
This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...
Security update for curl
This update for curl fixes the following issues: CVE-2024-11053: Fixed password leak in curl used for the first host to the followed-to host under certain circumstances bsc1234068 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
Security update for python-urllib3_1
This update for python-urllib31 fixes the following issues: CVE-2024-37891: Fixed proxy-authorization request header not stripped during cross-origin redirects bsc1226469 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2024-1298: MdeModulePkg: Potential UINT32 overflow in S3 ResumeCount bsc1225889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinite...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinite...
Security update for installation-images
This update updates installation-images and tftpboot images to contain the latest shim for secure boot. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for installation-images
This update updates installation-images and tftpboot images to contain the latest shim for secure boot. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinit...
Security update for socat
This update for socat fixes the following issues: CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory bsc1225462 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for installation-images
This update updates installation-images and tftpboot images to contain the latest shim for secure boot. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26782: mptcp: fix double-free on socket dismantle bsc1222590. CVE-2024-44932: idpf: fix UAFs when destroying the queues bsc1229808. CVE-2024-44964: idpf: fix...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26782: mptcp: fix double-free on socket dismantle bsc1222590. CVE-2024-43854: Initialize integrity buffer to zero before writing it to media bsc1229345...
Security update for libaom, libyuv
This update for libaom, libyuv fixes the following issues: libaom was updated to version 3.7.1: Bug Fixes: aomedia:3349: heap overflow when increasing resolution aomedia:3478: GCC 12.2.0 emits a -Wstringop-overflow warning on aom/av1/encoder/motionsearchfacade.c aomedia:3489: Detect encoder and...