SUSE-IU-2026:3239-1: Security update of sles-15-sp5-chost-byos-v20260507-arm64
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat May 9 07:05:38 UTC 2026
SUSE Image Update Advisory: sles-15-sp5-chost-byos-v20260507-arm64
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:3239-1
Image Tags : sles-15-sp5-chost-byos-v20260507-arm64:20260507
Image Release :
Severity : important
Type : security
References : 1001888 1006827 1027519 1029961 1065729 1065729 1098094 1098228
1170554 1192862 1193629 1194869 1196823 1198323 1204957 1205128
1205567 1206451 1206798 1206843 1206843 1206889 1206893 1207051
1207088 1207315 1207611 1207612 1207619 1207620 1207622 1207636
1207644 1207646 1207652 1207653 1208570 1208758 1209799 1209980
1210644 1210763 1210817 1210943 1211162 1211690 1211692 1213025
1213032 1213093 1213098 1213105 1213110 1213111 1213114 1213653
1213747 1213747 1213867 1214635 1214754 1214940 1214954 1214962
1214986 1214990 1214992 1215148 1215492 1216062 1217366 1220137
1220144 1222323 1222465 1223007 1224138 1224573 1225049 1225832
1226797 1226846 1228015 1229003 1229655 1229750 1230861 1232351
1232526 1233038 1233640 1233640 1233655 1234736 1235038 1235905
1236104 1236104 1236208 1237236 1237240 1237241 1237242 1237563
1237885 1237906 1238414 1238491 1238754 1238763 1238917 1239119
1239439 1239566 1239938 1240788 1240871 1241002 1241284 1242960
1243794 1243991 1244003 1244011 1244050 1244550 1244758 1244904
1244937 1245110 1245199 1245210 1245498 1245499 1245667 1245723
1245751 1246011 1246025 1246057 1246211 1246399 1246544 1246602
1246965 1246974 1247177 1247317 1247432 1247483 1247850 1247858
1248306 1248377 1248586 1248600 1248754 1248807 1248816 1249055
1249156 1249158 1249375 1249479 1249608 1249657 1249806 1249827
1249857 1249859 1249871 1249988 1250224 1250237 1250553 1250593
1250742 1250816 1250946 1251027 1251032 1251034 1251035 1251037
1251040 1251043 1251045 1251046 1251047 1251052 1251054 1251057
1251059 1251060 1251061 1251063 1251065 1251066 1251068 1251072
1251079 1251080 1251082 1251086 1251087 1251088 1251091 1251092
1251093 1251097 1251099 1251101 1251104 1251105 1251106 1251110
1251113 1251115 1251123 1251128 1251129 1251133 1251136 1251147
1251149 1251153 1251154 1251159 1251162 1251164 1251166 1251167
1251169 1251170 1251173 1251174 1251178 1251180 1251182 1251197
1251198 1251199 1251200 1251201 1251202 1251208 1251210 1251215
1251218 1251221 1251222 1251223 1251230 1251247 1251268 1251271
1251281 1251282 1251283 1251284 1251285 1251286 1251292 1251294
1251295 1251296 1251298 1251299 1251300 1251301 1251302 1251303
1251305 1251306 1251307 1251310 1251312 1251315 1251322 1251324
1251325 1251326 1251327 1251329 1251330 1251331 1251519 1251521
1251522 1251527 1251529 1251550 1251723 1251725 1251728 1251730
1251736 1251737 1251738 1251741 1251743 1251750 1251753 1251759
1251761 1251762 1251763 1251764 1251767 1251769 1251772 1251775
1251777 1251785 1251786 1251823 1251930 1251967 1252033 1252033
1252035 1252046 1252047 1252060 1252069 1252110 1252148 1252232
1252232 1252265 1252267 1252318 1252338 1252379 1252380 1252473
1252474 1252475 1252476 1252480 1252484 1252486 1252489 1252490
1252492 1252494 1252495 1252497 1252499 1252501 1252508 1252509
1252513 1252515 1252516 1252519 1252521 1252522 1252523 1252526
1252528 1252529 1252532 1252534 1252535 1252536 1252537 1252538
1252539 1252542 1252545 1252549 1252554 1252560 1252564 1252565
1252568 1252632 1252634 1252678 1252688 1252692 1252780 1252785
1252785 1252862 1252893 1252931 1252932 1252933 1252934 1252935
1252974 1253028 1253043 1253087 1253126 1253132 1253223 1253367
1253409 1253409 1253431 1253436 1253702 1253741 1253757 1254132
1254157 1254158 1254159 1254160 1254180 1254297 1254362 1254392
1254400 1254401 1254425 1254447 1254462 1254463 1254464 1254465
1254480 1254520 1254559 1254562 1254572 1254578 1254580 1254592
1254601 1254608 1254609 1254614 1254615 1254617 1254623 1254625
1254626 1254631 1254632 1254634 1254644 1254645 1254649 1254651
1254653 1254656 1254658 1254660 1254662 1254664 1254666 1254670
1254670 1254671 1254674 1254676 1254677 1254681 1254684 1254685
1254686 1254690 1254692 1254694 1254696 1254698 1254699 1254704
1254706 1254709 1254710 1254711 1254712 1254713 1254714 1254716
1254723 1254725 1254728 1254729 1254743 1254745 1254751 1254753
1254754 1254756 1254759 1254763 1254767 1254775 1254780 1254781
1254782 1254783 1254785 1254786 1254788 1254789 1254792 1254813
1254842 1254843 1254847 1254851 1254878 1254894 1254902 1254910
1254911 1254915 1254916 1254917 1254920 1254922 1254958 1254959
1254974 1254979 1254986 1254994 1254997 1255002 1255005 1255007
1255049 1255060 1255075 1255107 1255163 1255165 1255171 1255245
1255251 1255377 1255401 1255467 1255469 1255521 1255528 1255532
1255546 1255549 1255554 1255555 1255558 1255560 1255561 1255562
1255565 1255574 1255576 1255578 1255582 1255594 1255596 1255600
1255605 1255607 1255608 1255609 1255618 1255619 1255620 1255623
1255624 1255626 1255627 1255628 1255635 1255636 1255688 1255690
1255697 1255702 1255704 1255715 1255731 1255732 1255733 1255734
1255745 1255747 1255749 1255750 1255757 1255758 1255760 1255761
1255762 1255763 1255765 1255769 1255771 1255773 1255780 1255786
1255787 1255789 1255790 1255791 1255792 1255796 1255797 1255800
1255801 1255802 1255803 1255804 1255806 1255808 1255819 1255839
1255841 1255843 1255844 1255872 1255875 1255876 1255877 1255878
1255880 1255881 1255888 1255889 1255890 1255899 1255901 1255902
1255905 1255906 1255908 1255909 1255910 1255912 1255916 1255919
1255920 1255922 1255924 1255925 1255939 1255946 1255950 1255953
1255954 1255955 1255962 1255964 1255968 1255969 1255970 1255971
1255974 1255978 1255979 1255983 1255985 1255990 1255993 1255994
1255996 1255998 1256034 1256040 1256042 1256045 1256046 1256048
1256049 1256050 1256053 1256056 1256057 1256062 1256063 1256064
1256065 1256071 1256074 1256081 1256084 1256086 1256088 1256091
1256093 1256095 1256099 1256101 1256103 1256105 1256106 1256111
1256112 1256114 1256115 1256118 1256119 1256121 1256122 1256124
1256125 1256126 1256127 1256128 1256130 1256131 1256132 1256133
1256136 1256137 1256140 1256141 1256142 1256143 1256144 1256145
1256149 1256150 1256152 1256154 1256155 1256157 1256158 1256162
1256164 1256165 1256166 1256167 1256172 1256173 1256174 1256177
1256178 1256179 1256182 1256184 1256185 1256186 1256188 1256189
1256191 1256192 1256193 1256194 1256196 1256198 1256199 1256200
1256202 1256203 1256204 1256205 1256206 1256207 1256208 1256211
1256214 1256215 1256216 1256218 1256219 1256220 1256221 1256223
1256228 1256230 1256231 1256235 1256239 1256241 1256242 1256244
1256245 1256246 1256248 1256250 1256254 1256260 1256265 1256269
1256271 1256274 1256282 1256285 1256291 1256294 1256295 1256300
1256302 1256306 1256309 1256317 1256320 1256323 1256326 1256328
1256333 1256334 1256335 1256337 1256338 1256341 1256344 1256346
1256349 1256352 1256353 1256355 1256358 1256359 1256363 1256364
1256368 1256370 1256375 1256381 1256382 1256383 1256384 1256386
1256388 1256389 1256390 1256391 1256394 1256395 1256396 1256397
1256398 1256423 1256426 1256432 1256498 1256499 1256500 1256525
1256526 1256582 1256612 1256623 1256641 1256645 1256675 1256709
1256726 1256744 1256745 1256747 1256766 1256779 1256792 1256805
1256807 1256808 1256809 1256811 1256812 1256822 1256834 1256835
1256836 1256837 1256838 1256839 1256840 1256906 1257005 1257029
1257031 1257041 1257042 1257044 1257046 1257049 1257144 1257181
1257231 1257232 1257236 1257296 1257364 1257365 1257463 1257473
1257473 1257496 1257593 1257594 1257595 1257667 1257732 1257735
1257749 1257773 1257790 1257825 1257960 1258002 1258020 1258022
1258045 1258049 1258054 1258080 1258081 1258229 1258340 1258392
1258395 1258406 1258518 1258730 1258849 1258850 1258859 1259051
1259247 1259362 1259362 1259363 1259364 1259365 1259377 1259418
1259543 1259611 1259619 1259650 1259697 1259711 1259726 1259729
1259734 1259735 1259797 1259845 1259857 1259924 1259985 1259989
1260005 1260009 1260026 1260347 1260441 1260442 1260443 1260444
1260562 1260754 1260805 1261155 1261191 1261271 1261274 1261420
1261678 1261809 1261969 1261970 1262098 1262144 1262178 1262180
1262319 1262428 1262573 1262631 1262632 1262635 1262636 1262638
1262654 510058 529469 837347 CVE-2022-0854 CVE-2022-43945 CVE-2022-48853
CVE-2022-49604 CVE-2022-49943 CVE-2022-49980 CVE-2022-50232 CVE-2022-50280
CVE-2022-50327 CVE-2022-50334 CVE-2022-50470 CVE-2022-50471 CVE-2022-50472
CVE-2022-50475 CVE-2022-50478 CVE-2022-50479 CVE-2022-50480 CVE-2022-50482
CVE-2022-50484 CVE-2022-50485 CVE-2022-50487 CVE-2022-50488 CVE-2022-50489
CVE-2022-50490 CVE-2022-50492 CVE-2022-50493 CVE-2022-50494 CVE-2022-50496
CVE-2022-50497 CVE-2022-50498 CVE-2022-50499 CVE-2022-50501 CVE-2022-50503
CVE-2022-50504 CVE-2022-50505 CVE-2022-50509 CVE-2022-50511 CVE-2022-50512
CVE-2022-50513 CVE-2022-50514 CVE-2022-50515 CVE-2022-50516 CVE-2022-50519
CVE-2022-50520 CVE-2022-50521 CVE-2022-50523 CVE-2022-50524 CVE-2022-50525
CVE-2022-50526 CVE-2022-50527 CVE-2022-50528 CVE-2022-50529 CVE-2022-50530
CVE-2022-50532 CVE-2022-50534 CVE-2022-50535 CVE-2022-50537 CVE-2022-50541
CVE-2022-50542 CVE-2022-50543 CVE-2022-50544 CVE-2022-50545 CVE-2022-50546
CVE-2022-50549 CVE-2022-50551 CVE-2022-50553 CVE-2022-50556 CVE-2022-50559
CVE-2022-50560 CVE-2022-50561 CVE-2022-50562 CVE-2022-50563 CVE-2022-50564
CVE-2022-50566 CVE-2022-50567 CVE-2022-50568 CVE-2022-50570 CVE-2022-50572
CVE-2022-50574 CVE-2022-50575 CVE-2022-50576 CVE-2022-50577 CVE-2022-50578
CVE-2022-50579 CVE-2022-50580 CVE-2022-50581 CVE-2022-50582 CVE-2022-50614
CVE-2022-50615 CVE-2022-50617 CVE-2022-50618 CVE-2022-50619 CVE-2022-50621
CVE-2022-50622 CVE-2022-50623 CVE-2022-50625 CVE-2022-50626 CVE-2022-50629
CVE-2022-50630 CVE-2022-50633 CVE-2022-50635 CVE-2022-50636 CVE-2022-50638
CVE-2022-50640 CVE-2022-50641 CVE-2022-50643 CVE-2022-50644 CVE-2022-50646
CVE-2022-50649 CVE-2022-50652 CVE-2022-50653 CVE-2022-50656 CVE-2022-50658
CVE-2022-50660 CVE-2022-50661 CVE-2022-50662 CVE-2022-50664 CVE-2022-50665
CVE-2022-50666 CVE-2022-50667 CVE-2022-50668 CVE-2022-50669 CVE-2022-50670
CVE-2022-50671 CVE-2022-50672 CVE-2022-50673 CVE-2022-50675 CVE-2022-50677
CVE-2022-50678 CVE-2022-50679 CVE-2022-50697 CVE-2022-50698 CVE-2022-50699
CVE-2022-50700 CVE-2022-50701 CVE-2022-50702 CVE-2022-50703 CVE-2022-50704
CVE-2022-50705 CVE-2022-50709 CVE-2022-50710 CVE-2022-50712 CVE-2022-50714
CVE-2022-50715 CVE-2022-50716 CVE-2022-50717 CVE-2022-50718 CVE-2022-50719
CVE-2022-50722 CVE-2022-50723 CVE-2022-50724 CVE-2022-50726 CVE-2022-50727
CVE-2022-50728 CVE-2022-50730 CVE-2022-50731 CVE-2022-50732 CVE-2022-50733
CVE-2022-50735 CVE-2022-50736 CVE-2022-50738 CVE-2022-50740 CVE-2022-50742
CVE-2022-50744 CVE-2022-50745 CVE-2022-50747 CVE-2022-50749 CVE-2022-50750
CVE-2022-50751 CVE-2022-50752 CVE-2022-50754 CVE-2022-50755 CVE-2022-50756
CVE-2022-50757 CVE-2022-50758 CVE-2022-50760 CVE-2022-50761 CVE-2022-50763
CVE-2022-50767 CVE-2022-50768 CVE-2022-50769 CVE-2022-50770 CVE-2022-50773
CVE-2022-50774 CVE-2022-50776 CVE-2022-50777 CVE-2022-50779 CVE-2022-50781
CVE-2022-50782 CVE-2022-50809 CVE-2022-50814 CVE-2022-50818 CVE-2022-50819
CVE-2022-50821 CVE-2022-50822 CVE-2022-50823 CVE-2022-50824 CVE-2022-50826
CVE-2022-50827 CVE-2022-50828 CVE-2022-50829 CVE-2022-50830 CVE-2022-50832
CVE-2022-50833 CVE-2022-50834 CVE-2022-50835 CVE-2022-50836 CVE-2022-50838
CVE-2022-50839 CVE-2022-50840 CVE-2022-50842 CVE-2022-50843 CVE-2022-50844
CVE-2022-50845 CVE-2022-50846 CVE-2022-50847 CVE-2022-50848 CVE-2022-50849
CVE-2022-50850 CVE-2022-50851 CVE-2022-50853 CVE-2022-50856 CVE-2022-50858
CVE-2022-50859 CVE-2022-50860 CVE-2022-50861 CVE-2022-50862 CVE-2022-50864
CVE-2022-50866 CVE-2022-50867 CVE-2022-50868 CVE-2022-50870 CVE-2022-50872
CVE-2022-50873 CVE-2022-50876 CVE-2022-50878 CVE-2022-50880 CVE-2022-50881
CVE-2022-50882 CVE-2022-50883 CVE-2022-50884 CVE-2022-50885 CVE-2022-50886
CVE-2022-50887 CVE-2022-50888 CVE-2022-50889 CVE-2023-23559 CVE-2023-52433
CVE-2023-52874 CVE-2023-52923 CVE-2023-52923 CVE-2023-53178 CVE-2023-53254
CVE-2023-53365 CVE-2023-53407 CVE-2023-53412 CVE-2023-53417 CVE-2023-53418
CVE-2023-53500 CVE-2023-53533 CVE-2023-53534 CVE-2023-53539 CVE-2023-53541
CVE-2023-53542 CVE-2023-53546 CVE-2023-53547 CVE-2023-53548 CVE-2023-53551
CVE-2023-53552 CVE-2023-53553 CVE-2023-53554 CVE-2023-53556 CVE-2023-53557
CVE-2023-53559 CVE-2023-53560 CVE-2023-53562 CVE-2023-53564 CVE-2023-53566
CVE-2023-53567 CVE-2023-53568 CVE-2023-53571 CVE-2023-53572 CVE-2023-53574
CVE-2023-53578 CVE-2023-53579 CVE-2023-53580 CVE-2023-53581 CVE-2023-53582
CVE-2023-53587 CVE-2023-53589 CVE-2023-53591 CVE-2023-53592 CVE-2023-53594
CVE-2023-53597 CVE-2023-53598 CVE-2023-53601 CVE-2023-53603 CVE-2023-53604
CVE-2023-53605 CVE-2023-53607 CVE-2023-53608 CVE-2023-53611 CVE-2023-53612
CVE-2023-53615 CVE-2023-53616 CVE-2023-53617 CVE-2023-53619 CVE-2023-53622
CVE-2023-53625 CVE-2023-53626 CVE-2023-53631 CVE-2023-53637 CVE-2023-53639
CVE-2023-53640 CVE-2023-53641 CVE-2023-53644 CVE-2023-53648 CVE-2023-53650
CVE-2023-53651 CVE-2023-53658 CVE-2023-53659 CVE-2023-53662 CVE-2023-53667
CVE-2023-53668 CVE-2023-53670 CVE-2023-53673 CVE-2023-53674 CVE-2023-53675
CVE-2023-53676 CVE-2023-53679 CVE-2023-53680 CVE-2023-53681 CVE-2023-53683
CVE-2023-53687 CVE-2023-53692 CVE-2023-53693 CVE-2023-53695 CVE-2023-53696
CVE-2023-53697 CVE-2023-53700 CVE-2023-53704 CVE-2023-53705 CVE-2023-53707
CVE-2023-53708 CVE-2023-53709 CVE-2023-53711 CVE-2023-53714 CVE-2023-53715
CVE-2023-53716 CVE-2023-53717 CVE-2023-53718 CVE-2023-53719 CVE-2023-53722
CVE-2023-53723 CVE-2023-53724 CVE-2023-53725 CVE-2023-53726 CVE-2023-53730
CVE-2023-53743 CVE-2023-53744 CVE-2023-53746 CVE-2023-53747 CVE-2023-53751
CVE-2023-53753 CVE-2023-53754 CVE-2023-53755 CVE-2023-53761 CVE-2023-53766
CVE-2023-53769 CVE-2023-53780 CVE-2023-53781 CVE-2023-53783 CVE-2023-53786
CVE-2023-53788 CVE-2023-53792 CVE-2023-53794 CVE-2023-53801 CVE-2023-53802
CVE-2023-53803 CVE-2023-53804 CVE-2023-53806 CVE-2023-53808 CVE-2023-53811
CVE-2023-53814 CVE-2023-53816 CVE-2023-53818 CVE-2023-53819 CVE-2023-53820
CVE-2023-53827 CVE-2023-53828 CVE-2023-53830 CVE-2023-53832 CVE-2023-53833
CVE-2023-53834 CVE-2023-53837 CVE-2023-53840 CVE-2023-53842 CVE-2023-53844
CVE-2023-53845 CVE-2023-53847 CVE-2023-53848 CVE-2023-53849 CVE-2023-53850
CVE-2023-53852 CVE-2023-53858 CVE-2023-53860 CVE-2023-53862 CVE-2023-53864
CVE-2023-53866 CVE-2023-53989 CVE-2023-53990 CVE-2023-53991 CVE-2023-53996
CVE-2023-53998 CVE-2023-54001 CVE-2023-54003 CVE-2023-54007 CVE-2023-54009
CVE-2023-54010 CVE-2023-54014 CVE-2023-54015 CVE-2023-54017 CVE-2023-54018
CVE-2023-54019 CVE-2023-54020 CVE-2023-54021 CVE-2023-54024 CVE-2023-54025
CVE-2023-54026 CVE-2023-54028 CVE-2023-54036 CVE-2023-54039 CVE-2023-54040
CVE-2023-54041 CVE-2023-54042 CVE-2023-54044 CVE-2023-54045 CVE-2023-54046
CVE-2023-54047 CVE-2023-54048 CVE-2023-54049 CVE-2023-54050 CVE-2023-54051
CVE-2023-54053 CVE-2023-54055 CVE-2023-54057 CVE-2023-54058 CVE-2023-54064
CVE-2023-54070 CVE-2023-54072 CVE-2023-54074 CVE-2023-54076 CVE-2023-54078
CVE-2023-54079 CVE-2023-54083 CVE-2023-54084 CVE-2023-54090 CVE-2023-54091
CVE-2023-54092 CVE-2023-54095 CVE-2023-54096 CVE-2023-54097 CVE-2023-54098
CVE-2023-54100 CVE-2023-54102 CVE-2023-54104 CVE-2023-54106 CVE-2023-54107
CVE-2023-54108 CVE-2023-54110 CVE-2023-54111 CVE-2023-54114 CVE-2023-54115
CVE-2023-54116 CVE-2023-54118 CVE-2023-54119 CVE-2023-54120 CVE-2023-54122
CVE-2023-54123 CVE-2023-54126 CVE-2023-54127 CVE-2023-54128 CVE-2023-54130
CVE-2023-54131 CVE-2023-54132 CVE-2023-54134 CVE-2023-54136 CVE-2023-54138
CVE-2023-54140 CVE-2023-54142 CVE-2023-54144 CVE-2023-54146 CVE-2023-54148
CVE-2023-54150 CVE-2023-54153 CVE-2023-54156 CVE-2023-54159 CVE-2023-54164
CVE-2023-54166 CVE-2023-54168 CVE-2023-54169 CVE-2023-54170 CVE-2023-54171
CVE-2023-54173 CVE-2023-54175 CVE-2023-54177 CVE-2023-54179 CVE-2023-54183
CVE-2023-54186 CVE-2023-54189 CVE-2023-54190 CVE-2023-54194 CVE-2023-54197
CVE-2023-54198 CVE-2023-54199 CVE-2023-54201 CVE-2023-54202 CVE-2023-54205
CVE-2023-54208 CVE-2023-54210 CVE-2023-54211 CVE-2023-54213 CVE-2023-54214
CVE-2023-54219 CVE-2023-54226 CVE-2023-54229 CVE-2023-54230 CVE-2023-54234
CVE-2023-54236 CVE-2023-54238 CVE-2023-54242 CVE-2023-54243 CVE-2023-54244
CVE-2023-54245 CVE-2023-54251 CVE-2023-54252 CVE-2023-54254 CVE-2023-54260
CVE-2023-54262 CVE-2023-54264 CVE-2023-54266 CVE-2023-54267 CVE-2023-54269
CVE-2023-54270 CVE-2023-54271 CVE-2023-54274 CVE-2023-54275 CVE-2023-54277
CVE-2023-54280 CVE-2023-54284 CVE-2023-54286 CVE-2023-54287 CVE-2023-54289
CVE-2023-54292 CVE-2023-54293 CVE-2023-54294 CVE-2023-54295 CVE-2023-54298
CVE-2023-54299 CVE-2023-54300 CVE-2023-54301 CVE-2023-54302 CVE-2023-54304
CVE-2023-54305 CVE-2023-54309 CVE-2023-54311 CVE-2023-54315 CVE-2023-54317
CVE-2023-54319 CVE-2023-54320 CVE-2023-54321 CVE-2023-54322 CVE-2023-54325
CVE-2023-54326 CVE-2023-7324 CVE-2024-2312 CVE-2024-25621 CVE-2024-26581
CVE-2024-26661 CVE-2024-26832 CVE-2024-36933 CVE-2024-50143 CVE-2024-53093
CVE-2024-53093 CVE-2024-54031 CVE-2024-56590 CVE-2025-10911 CVE-2025-11468
CVE-2025-11563 CVE-2025-11961 CVE-2025-12084 CVE-2025-13151 CVE-2025-13462
CVE-2025-1352 CVE-2025-13601 CVE-2025-1372 CVE-2025-1376 CVE-2025-1377
CVE-2025-13836 CVE-2025-13837 CVE-2025-14017 CVE-2025-14087 CVE-2025-14104
CVE-2025-14512 CVE-2025-14524 CVE-2025-14819 CVE-2025-14831 CVE-2025-15079
CVE-2025-15224 CVE-2025-15281 CVE-2025-15282 CVE-2025-15366 CVE-2025-15367
CVE-2025-21658 CVE-2025-21738 CVE-2025-21760 CVE-2025-21764 CVE-2025-21765
CVE-2025-21766 CVE-2025-27466 CVE-2025-28162 CVE-2025-28164 CVE-2025-30258
CVE-2025-31133 CVE-2025-31133 CVE-2025-37885 CVE-2025-38068 CVE-2025-38084
CVE-2025-38085 CVE-2025-38129 CVE-2025-38159 CVE-2025-38234 CVE-2025-38375
CVE-2025-38476 CVE-2025-38563 CVE-2025-38565 CVE-2025-38684 CVE-2025-39742
CVE-2025-39797 CVE-2025-39945 CVE-2025-39965 CVE-2025-39967 CVE-2025-39968
CVE-2025-39973 CVE-2025-39977 CVE-2025-39978 CVE-2025-39981 CVE-2025-40018
CVE-2025-40019 CVE-2025-40040 CVE-2025-40044 CVE-2025-40044 CVE-2025-40048
CVE-2025-40121 CVE-2025-40139 CVE-2025-40139 CVE-2025-40154 CVE-2025-40204
CVE-2025-40215 CVE-2025-40220 CVE-2025-40233 CVE-2025-40242 CVE-2025-40256
CVE-2025-40257 CVE-2025-40258 CVE-2025-40277 CVE-2025-40280 CVE-2025-40300
CVE-2025-40331 CVE-2025-40778 CVE-2025-40780 CVE-2025-45582 CVE-2025-52565
CVE-2025-52565 CVE-2025-52881 CVE-2025-52881 CVE-2025-53906 CVE-2025-54505
CVE-2025-54771 CVE-2025-58142 CVE-2025-58143 CVE-2025-58147 CVE-2025-58148
CVE-2025-58149 CVE-2025-58150 CVE-2025-6075 CVE-2025-61661 CVE-2025-61662
CVE-2025-61663 CVE-2025-61664 CVE-2025-61984 CVE-2025-61985 CVE-2025-64329
CVE-2025-64505 CVE-2025-64506 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293
CVE-2025-68160 CVE-2025-68183 CVE-2025-68218 CVE-2025-68276 CVE-2025-68284
CVE-2025-68285 CVE-2025-68312 CVE-2025-68468 CVE-2025-68471 CVE-2025-68732
CVE-2025-68771 CVE-2025-68813 CVE-2025-68818 CVE-2025-68973 CVE-2025-69418
CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2025-69720 CVE-2025-7039
CVE-2025-70873 CVE-2025-71066 CVE-2025-71085 CVE-2025-71089 CVE-2025-71112
CVE-2025-71116 CVE-2025-71120 CVE-2025-7709 CVE-2025-7709 CVE-2025-8058
CVE-2025-8114 CVE-2025-8277 CVE-2025-8291 CVE-2025-8732 CVE-2025-9403
CVE-2025-9820 CVE-2026-0672 CVE-2026-0861 CVE-2026-0865 CVE-2026-0915
CVE-2026-0964 CVE-2026-0965 CVE-2026-0966 CVE-2026-0967 CVE-2026-0968
CVE-2026-0988 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1299
CVE-2026-1502 CVE-2026-1519 CVE-2026-1757 CVE-2026-1965 CVE-2026-1965
CVE-2026-22695 CVE-2026-22795 CVE-2026-22796 CVE-2026-22801 CVE-2026-22999
CVE-2026-23001 CVE-2026-23004 CVE-2026-23054 CVE-2026-23060 CVE-2026-23074
CVE-2026-23089 CVE-2026-23103 CVE-2026-23191 CVE-2026-23204 CVE-2026-23209
CVE-2026-23243 CVE-2026-23268 CVE-2026-23269 CVE-2026-23272 CVE-2026-23274
CVE-2026-23317 CVE-2026-23553 CVE-2026-23554 CVE-2026-23557 CVE-2026-23558
CVE-2026-24515 CVE-2026-25210 CVE-2026-25646 CVE-2026-26269 CVE-2026-27135
CVE-2026-27171 CVE-2026-28387 CVE-2026-28388 CVE-2026-28389 CVE-2026-28390
CVE-2026-28417 CVE-2026-29111 CVE-2026-31431 CVE-2026-31789 CVE-2026-3184
CVE-2026-32776 CVE-2026-32777 CVE-2026-32778 CVE-2026-33412 CVE-2026-33416
CVE-2026-3446 CVE-2026-34714 CVE-2026-3479 CVE-2026-34982 CVE-2026-35535
CVE-2026-3644 CVE-2026-3731 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805
CVE-2026-4105 CVE-2026-4224 CVE-2026-4519 CVE-2026-4786 CVE-2026-4873
CVE-2026-4878 CVE-2026-5545 CVE-2026-5958 CVE-2026-6019 CVE-2026-6100
CVE-2026-6253 CVE-2026-6276 CVE-2026-6429
-----------------------------------------------------------------
The container sles-15-sp5-chost-byos-v20260507-arm64 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3788-1
Released: Fri Oct 24 15:28:50 2025
Summary: Security update for libssh
Type: security
Severity: moderate
References: 1246974,1249375,CVE-2025-8114,CVE-2025-8277
This update for libssh fixes the following issues:
- CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is
repeated with incorrect guesses (bsc#1249375).
- CVE-2025-8114: NULL pointer dereference when an allocation error happens during the calculation of the KEX session ID
(bsc#1246974).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3794-1
Released: Fri Oct 24 17:36:29 2025
Summary: Security update for chrony
Type: security
Severity: moderate
References: 1246544
This update for chrony fixes the following issues:
- Race condition during socket creation by chronyc allows privilege escalation from user chrony to root (bsc#1246544).
This update also ships chrony-pool-empty to SLE Micro 5.x (jsc#SMO-587)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3797-1
Released: Mon Oct 27 08:58:05 2025
Summary: Security update for xen
Type: security
Severity: important
References: 1248807,1251271,CVE-2025-27466,CVE-2025-58142,CVE-2025-58143,CVE-2025-58147,CVE-2025-58148
This update for xen fixes the following issues:
- CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls (bsc#1251271, XSA-475)
- CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface (bsc#1248807, XSA-472)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3836-1
Released: Tue Oct 28 11:38:00 2025
Summary: Recommended update for bash
Type: recommended
Severity: important
References: 1245199
This update for bash fixes the following issues:
- Fix histfile missing timestamp for the oldest record (bsc#1245199)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3851-1
Released: Wed Oct 29 15:04:32 2025
Summary: Recommended update for vim
Type: recommended
Severity: moderate
References: 1229750,1250593
This update for vim fixes the following issues:
- Fix regression in vim: xxd -a shows no output (bsc#1250593).
Backported from 9.1.1683 (xxd: Avoid null dereference in autoskip colorless).
- Fix vim compatible mode is not switched off earlier (bsc#1229750).
Nocompatible must be set before the syntax highlighting is turned on.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3854-1
Released: Wed Oct 29 15:10:39 2025
Summary: Recommended update for cifs-utils
Type: recommended
Severity: moderate
References: 1248816
This update for cifs-utils fixes the following issues:
- Fix: cifs.upcall program in the cifs-utils package fails to use a valid service ticket
from the credential cache if the TGT is expired or not exist (bsc#1248816)
* cifs-utils: Skip TGT check if there is a valid service ticket
* cifs-utils: avoid using mktemp when updating mtab
* cifs-utils: add documentation for upcall_target
* setcifsacl: fix memory allocation for struct cifs_ace
* cifs.upcall: fix UAF in get_cachename_from_process_en
* cifs.upcall: fix memory leaks in check_service_ticket
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3930-1
Released: Tue Nov 4 09:26:22 2025
Summary: Recommended update for gcc15
Type: recommended
Severity: moderate
References: 1232526,1238491,1239566,1239938,1240788,1243794,1243991,1244050
This update for gcc15 fixes the following issues:
This update ships the GNU Compiler Collection GCC 15.2. (jsc#PED-12029)
The compiler runtime libraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 14 ones.
The new compilers for C, C++, and Fortran are provided for SUSE Linux
Enterprise 15 SP6 and SP7, and provided in the 'Development Tools' module.
The Go, D, Ada and Modula 2 language compiler parts are available
unsupported via the PackageHub repositories.
To use gcc15 compilers use:
- install 'gcc15' or 'gcc15-c++' or one of the other 'gcc15-COMPILER' frontend packages.
- override your Makefile to use CC=gcc15, CXX=g++15 and similar overrides for the other languages.
For a full changelog with all new GCC15 features, check out
https://gcc.gnu.org/gcc-15/changes.html
Update to GCC 15.2 release:
* the GCC 15.2 release contains regression fixes accumulated since
the GCC 15.1 release
- Prune the use of update-alternatives from openSUSE Factory and
SLFO.
- Adjust crosses to conflict consistently where they did not
already and make them use unsuffixed binaries.
- Tune for power10 for SLES 16. [jsc#PED-12029]
- Tune for z15 for SLES 16. [jsc#PED-253]
- Fix PR120827, ICE due to splitter emitting constant loads directly
- Exclude shared objects present for link editing in the GCC specific
subdirectory from provides processing via __provides_exclude_from.
[bsc#1244050][bsc#1243991]
- Make cross-*-gcc15-bootstrap package conflict with the non-bootstrap
variant conflict with the unversioned cross-*-gcc package.
- Enable C++ for offload compilers. [bsc#1243794]
- Add libgcobol and libquadmath-devel dependence to the cobol frontend
package.
Update to GCC 15 branch head, 15.1.1+git9595
* includes GCC 15.1 release
- Enable gfx9-generic, gfx10-3-generic and gfx11-generic multilibs
for the AMD GCN offload compiler when llvm is new enough.
- Make sure link editing is done against our own shared library
copy rather than the installed system runtime. [bsc#1240788]
- Fix newlib libm miscompilation for GCN offloading.
Update to GCC trunk head, 15.0.1+git9001
* includes -msplit-patch-nops required for user-space livepatching
on powerpc
* includes fix for Ada build with --enable-host-pie
- Build GCC executables PIE on SLE. [bsc#1239938]
- Includes change to also record -D_FORTIFY_SOURCE=2 in the DWARF
debug info DW_AT_producer string. [bsc#1239566]
- Package GCC COBOL compiler for openSUSE Factory for supported
targets which are x86_64, aarch64 and ppc64le.
- Disable profiling during build when %want_reproducible_builds is set
[bsc#1238491]
- Includes fix for emacs JIT use
- Bumps libgo SONAME to libgo24 which should fix go1.9 build
- Adjust cross compiler requirements to use %requires_ge
- For cross compilers require the same or newer binutils, newlib
or cross-glibc that was used at build time. [bsc#1232526]
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3950-1
Released: Wed Nov 5 11:22:31 2025
Summary: Security update for runc
Type: security
Severity: important
References: 1252232,CVE-2025-31133,CVE-2025-52565,CVE-2025-52881
This update for runc fixes the following issues:
- CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions (bsc#1252232).
- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232).
- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232).
Update to runc v1.2.7.
- Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.2.7>
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3986-1
Released: Fri Nov 7 11:31:03 2025
Summary: Security update for gpg2
Type: security
Severity: low
References: 1239119,CVE-2025-30258
This update for gpg2 fixes the following issues:
- CVE-2025-30258: fixed a verification denial of service due to a malicious subkey in the keyring (bsc#1239119)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4073-1
Released: Wed Nov 12 11:34:27 2025
Summary: Security update for runc
Type: security
Severity: important
References: 1252110,1252232,CVE-2025-31133,CVE-2025-52565,CVE-2025-52881
This update for runc fixes the following issues:
Update to runc v1.3.3. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.3>. bsc#1252232
* CVE-2025-31133
* CVE-2025-52565
* CVE-2025-52881
Update to runc v1.3.2. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.2> bsc#1252110
- Includes an important fix for the CPUSet translation for cgroupv2.
Update to runc v1.3.1. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.1>
Update to runc v1.3.0. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.0>
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4108-1
Released: Fri Nov 14 16:54:51 2025
Summary: Security update for bind
Type: security
Severity: important
References: 1252379,1252380,CVE-2025-40778,CVE-2025-40780
This update for bind fixes the following issues:
- CVE-2025-40778: Address various spoofing attacks (bsc#1252379).
- CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator (bsc#1252380).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4112-1
Released: Sat Nov 15 23:38:15 2025
Summary: Security update for openssh
Type: security
Severity: moderate
References: 1251198,1251199,CVE-2025-61984,CVE-2025-61985
This update for openssh fixes the following issues:
- CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198)
- CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4118-1
Released: Mon Nov 17 09:06:55 2025
Summary: Recommended update for freetype2
Type: recommended
Severity: important
References: 1252148
This update for freetype2 fixes the following issues:
- Fix the %licence tag (bsc#1252148)
* package FTL.TXT and GPLv2.TXT as %license
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4152-1
Released: Fri Nov 21 10:10:35 2025
Summary: Security update for grub2
Type: security
Severity: moderate
References: 1252931,1252932,1252933,1252934,1252935,CVE-2025-54771,CVE-2025-61661,CVE-2025-61662,CVE-2025-61663,CVE-2025-61664
This update for grub2 fixes the following issues:
- CVE-2025-54771: Fixed rub_file_close() does not properly controls the fs refcount (bsc#1252931)
- CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933)
- CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934)
- CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935)
- CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932)
Other fixes:
- Bump upstream SBAT generation to 6
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4092-1
Released: Mon Nov 24 10:08:22 2025
Summary: Security update for elfutils
Type: security
Severity: moderate
References: 1237236,1237240,1237241,1237242,CVE-2025-1352,CVE-2025-1372,CVE-2025-1376,CVE-2025-1377
This update for elfutils fixes the following issues:
- Fixing build/testsuite for more recent glibc and kernels.
- Fixing denial of service and general buffer overflow errors
(bsc#1237236, bsc#1237240, bsc#1237241, bsc#1237242):
- CVE-2025-1376: Fixed denial of service in function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip
- CVE-2025-1377: Fixed denial of service in function gelf_getsymshndx of the file strip.c of the component eu-strip
- CVE-2025-1372: Fixed buffer overflow in function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf
- CVE-2025-1352: Fixed SEGV (illegal read access) in function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf
- Fixing testsuite race conditions in run-debuginfod-find.sh.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4288-1
Released: Fri Nov 28 09:25:32 2025
Summary: Security update for containerd
Type: security
Severity: important
References: 1253126,1253132,CVE-2024-25621,CVE-2025-64329
This update for containerd fixes the following issues:
- Update to containerd v1.7.29
- CVE-2024-25621: Fixed an overly broad default permission vulnerability. (bsc#1253126)
- CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. (bsc#1253132)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4309-1
Released: Fri Nov 28 16:39:38 2025
Summary: Security update for curl
Type: security
Severity: moderate
References: 1253757,CVE-2025-11563
This update for curl fixes the following issues:
- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4320-1
Released: Thu Dec 4 11:04:15 2025
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1065729,1205128,1206843,1206893,1207612,1207619,1210763,1211162,1211692,1213098,1213114,1213747,1214754,1214954,1214992,1215148,1217366,1236104,1242960,1245498,1245499,1246211,1247317,1248754,1249479,1249608,1249857,1249859,1249988,1250237,1250742,1250816,1250946,1251027,1251032,1251034,1251035,1251037,1251040,1251043,1251045,1251046,1251047,1251052,1251054,1251057,1251059,1251060,1251061,1251063,1251065,1251066,1251068,1251072,1251079,1251080,1251082,1251086,1251087,1251088,1251091,1251092,1251093,1251097,1251099,1251101,1251104,1251105,1251106,1251110,1251113,1251115,1251123,1251128,1251129,1251133,1251136,1251147,1251149,1251153,1251154,1251159,1251162,1251164,1251166,1251167,1251169,1251170,1251173,1251174,1251178,1251180,1251182,1251197,1251200,1251201,1251202,1251208,1251210,1251215,1251218,1251221,1251222,1251223,1251230,1251247,1251268,1251281,1251282,1251283,1251284,1251285,1251286,1251292,1251294,1251295,1251296,1251298,1251299,1251300,1251301,1251302,1251303,1
251306,1251307,1251310,1251312,1251315,1251322,1251324,1251325,1251326,1251327,1251329,1251330,1251331,1251519,1251521,1251522,1251527,1251529,1251550,1251723,1251725,1251728,1251730,1251736,1251737,1251738,1251741,1251743,1251750,1251753,1251759,1251761,1251762,1251763,1251764,1251767,1251769,1251772,1251775,1251777,1251785,1251823,1251930,1251967,1252033,1252035,1252047,1252060,1252069,1252265,1252473,1252474,1252475,1252476,1252480,1252484,1252486,1252489,1252490,1252492,1252494,1252495,1252497,1252499,1252501,1252508,1252509,1252513,1252515,1252516,1252519,1252521,1252522,1252523,1252526,1252528,1252529,1252532,1252534,1252535,1252536,1252537,1252538,1252539,1252542,1252545,1252549,1252554,1252560,1252564,1252565,1252568,1252632,1252634,1252688,1252785,1252893,CVE-2022-43945,CVE-2022-50327,CVE-2022-50334,CVE-2022-50470,CVE-2022-50471,CVE-2022-50472,CVE-2022-50475,CVE-2022-50478,CVE-2022-50479,CVE-2022-50480,CVE-2022-50482,CVE-2022-50484,CVE-2022-50485,CVE-2022-50487,CVE-2022-504
88,CVE-2022-50489,CVE-2022-50490,CVE-2022-50492,CVE-2022-50493,CVE-2022-50494,CVE-2022-50496,CVE-2022-50497,CVE-2022-50498,CVE-2022-50499,CVE-2022-50501,CVE-2022-50503,CVE-2022-50504,CVE-2022-50505,CVE-2022-50509,CVE-2022-50511,CVE-2022-50512,CVE-2022-50513,CVE-2022-50514,CVE-2022-50515,CVE-2022-50516,CVE-2022-50519,CVE-2022-50520,CVE-2022-50521,CVE-2022-50523,CVE-2022-50524,CVE-2022-50525,CVE-2022-50526,CVE-2022-50527,CVE-2022-50528,CVE-2022-50529,CVE-2022-50530,CVE-2022-50532,CVE-2022-50534,CVE-2022-50535,CVE-2022-50537,CVE-2022-50541,CVE-2022-50542,CVE-2022-50543,CVE-2022-50544,CVE-2022-50545,CVE-2022-50546,CVE-2022-50549,CVE-2022-50551,CVE-2022-50553,CVE-2022-50556,CVE-2022-50559,CVE-2022-50560,CVE-2022-50561,CVE-2022-50562,CVE-2022-50563,CVE-2022-50564,CVE-2022-50566,CVE-2022-50567,CVE-2022-50568,CVE-2022-50570,CVE-2022-50572,CVE-2022-50574,CVE-2022-50575,CVE-2022-50576,CVE-2022-50577,CVE-2022-50578,CVE-2022-50579,CVE-2022-50580,CVE-2022-50581,CVE-2022-50582,CVE-2023-52923,CVE-
2023-53365,CVE-2023-53500,CVE-2023-53533,CVE-2023-53534,CVE-2023-53539,CVE-2023-53541,CVE-2023-53542,CVE-2023-53546,CVE-2023-53547,CVE-2023-53548,CVE-2023-53551,CVE-2023-53552,CVE-2023-53553,CVE-2023-53554,CVE-2023-53556,CVE-2023-53557,CVE-2023-53559,CVE-2023-53560,CVE-2023-53562,CVE-2023-53564,CVE-2023-53566,CVE-2023-53567,CVE-2023-53568,CVE-2023-53571,CVE-2023-53572,CVE-2023-53574,CVE-2023-53578,CVE-2023-53579,CVE-2023-53580,CVE-2023-53581,CVE-2023-53582,CVE-2023-53587,CVE-2023-53589,CVE-2023-53591,CVE-2023-53592,CVE-2023-53594,CVE-2023-53597,CVE-2023-53598,CVE-2023-53601,CVE-2023-53603,CVE-2023-53604,CVE-2023-53605,CVE-2023-53607,CVE-2023-53608,CVE-2023-53611,CVE-2023-53612,CVE-2023-53615,CVE-2023-53616,CVE-2023-53617,CVE-2023-53619,CVE-2023-53622,CVE-2023-53625,CVE-2023-53626,CVE-2023-53631,CVE-2023-53637,CVE-2023-53639,CVE-2023-53640,CVE-2023-53641,CVE-2023-53644,CVE-2023-53648,CVE-2023-53650,CVE-2023-53651,CVE-2023-53658,CVE-2023-53659,CVE-2023-53662,CVE-2023-53667,CVE-2023-53
668,CVE-2023-53670,CVE-2023-53673,CVE-2023-53674,CVE-2023-53675,CVE-2023-53679,CVE-2023-53680,CVE-2023-53681,CVE-2023-53683,CVE-2023-53687,CVE-2023-53692,CVE-2023-53693,CVE-2023-53695,CVE-2023-53696,CVE-2023-53697,CVE-2023-53700,CVE-2023-53704,CVE-2023-53705,CVE-2023-53707,CVE-2023-53708,CVE-2023-53709,CVE-2023-53711,CVE-2023-53715,CVE-2023-53716,CVE-2023-53717,CVE-2023-53718,CVE-2023-53719,CVE-2023-53722,CVE-2023-53723,CVE-2023-53724,CVE-2023-53725,CVE-2023-53726,CVE-2023-53730,CVE-2023-7324,CVE-2025-37885,CVE-2025-38084,CVE-2025-38085,CVE-2025-38476,CVE-2025-39742,CVE-2025-39797,CVE-2025-39945,CVE-2025-39965,CVE-2025-39967,CVE-2025-39968,CVE-2025-39973,CVE-2025-39978,CVE-2025-39981,CVE-2025-40018,CVE-2025-40044
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1249859).
- CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (bsc#1249857).
- CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace (bsc#1251164).
- CVE-2022-50516: fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741).
- CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988).
- CVE-2023-53500: xfrm: fix slab-use-after-free in decode_session6 (bsc#1250816).
- CVE-2023-53559: ip_vti: fix potential slab-use-after-free in decode_session6 (bsc#1251052).
- CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading (bsc#1251222).
- CVE-2023-53619: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free (bsc#1251743).
- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251763).
- CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-38084: hugetlb: unshare some PMDs when splitting VMAs (bsc#1245498).
- CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245499).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1247317).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249479).
- CVE-2025-39797: xfrm: Duplicate SPI Handling (bsc#1249608).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-39981: Bluetooth: MGMT: Fix possible UAFs (bsc#1252060).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40044: fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785).
The following non security issues were fixed:
- NFS: remove revoked delegation from server's delegation list (bsc#1246211).
- NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211).
- fbcon: Fix OOB access in font allocation (bsc#1252033)
- kabi fix for NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211).
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- mm: avoid unnecessary page fault retires on shared memory types (bsc#1251823).
- net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265).
- net: mana: Switch to page pool for jumbo frames (bsc#1248754).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
- rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4321-1
Released: Fri Dec 5 08:07:53 2025
Summary: Recommended update for pciutils
Type: recommended
Severity: moderate
References: 1001888,1006827,1029961,1098094,1098228,1170554,1192862,1206798,1224138,529469,837347
This update for pciutils fixes the following issues:
pciutils was updated from version 3.5.6 to 3.13.0 (jsc#PED-8402, jsc#PED-8393, bsc#1224138):
- Highlights of issues fixed:
* Fixed LnkCap speed recognition in `lspci` for multi PCIe ports such as
the ML110 Gen11 (bsc#1192862)
* Included several non-standard extensions to VPD decoder (bsc#1170554, bsc#1098228)
* Fixed the display of the gen4 speed for GEN 4 cards like Mellanox CX5 (bsc#1098094)
* Replaced dependency on pciutil-ids with hwdata
* Potentially disruptive change of PCI IDs Cache:
+ The local cache of PCI IDs (.pci-ids) was moved to the XDG standard location: `$XDG_CACHE_HOME/pci-ids` (v3.11.0)
This could be a disruptive change if users or scripts are relying on the old path.
- Key New Features and Utilities:
* New `pcilmr` Utility: A new tool, `pcilmr`, was added for 'PCIe lane margining,' which is a low-level
diagnostic feature (v3.11.0)
* New `lspci` Path Flag: You can now use `lspci -P` (or -PP) to see the path of bridges leading to a specific device
(v3.6.2)
* ECAM Support: Added support for the ECAM (Enhanced Configuration Access Mechanism), a standard way to access PCIe
configuration space (v3.10.0)
* IOMMU Group Display: lspci can now display IOMMU groups on Linux (v3.7.0)
- New Hardware and Protocol Decoding:
* Added support for decoding CXL capabilities (v3.9.0)
* Decoding for Advanced Error Reporting (AER) (v3.13.0)
* Decoding for IDE (Integrity and Data Encryption) and TEE-IO extended capabilities (v3.12.0)
* Decoding for Data Object Exchange (DOE) (v3.8.0)
* Decoding for standard and VF (Virtual Function) Resizable BARs (v3.7.0)
* Decoding for Multicast capabilities (v3.6.3)
- Improved Output Clarity:
* PCIe link speeds running below their maximum are now clearly marked as 'downgraded' (v3.6.0)
* BARs (Base Address Registers) reported by the OS but not actually set on the device are marked as
'[virtual]' (v3.6.0)
- Command Behavior and System Changes:
* `lspci` Tree View (-t):
+ Can now be combined with `-s` to show only a specific sub-tree (v3.6.3)
+ Improved filtering options (v3.9.0)
+ Improved support of multi-domain systems (v3.10.0)
* `setpci`:
+ Can now check if a named register exists for that device's header type (v3.9.0)
* `update-pciids`:
+ Now supports XZ compression when downloading new ID lists (v3.11.0)
* Database Update:
+ The pci.ids device database was continuously updated across all versions.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4326-1
Released: Tue Dec 9 11:31:28 2025
Summary: Recommended update for runc
Type: recommended
Severity: moderate
References: 1254362
This update for runc fixes the following issues:
- Update to runc v1.3.4 (bsc#1254362)
- libct: fix mips compilation:
* When configuring a tmpfs mount, only set the mode= argument if the
target path already existed.
* Fix various file descriptor leaks and add additional tests to detect them as
comprehensively as possible.
- Downgrade github.com/cyphar/filepath-securejoin dependency to v0.5.2,
which should make it easier for some downstreams to import runc without
pulling in too many extra packages.
- The runc binary distributed with this release are statically linked with the following
GNU LGPL-2.1 licensed libraries, with runc acting as a 'work that uses the Library':
* libseccomp: The versions of these libraries were not modified from their upstream versions
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4331-1
Released: Tue Dec 9 12:55:17 2025
Summary: Recommended update for kmod
Type: recommended
Severity: important
References: 1253741
This update for kmod fixes the following issues:
- Fix modprobe.d confusion on man page (bsc#1253741):
* document the config file order handling
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4347-1
Released: Wed Dec 10 14:02:26 2025
Summary: Security update for glib2
Type: security
Severity: moderate
References: 1249055,CVE-2025-7039
This update for glib2 fixes the following issues:
- CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via get_tmp_file() (bsc#1249055)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4362-1
Released: Thu Dec 11 11:08:27 2025
Summary: Recommended update for gcc15
Type: recommended
Severity: moderate
References: 1253043
This update for gcc15 fixes the following issues:
- Enable the use of _dl_find_object even when not available at build time. [bsc#1253043]
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4368-1
Released: Thu Dec 11 16:12:16 2025
Summary: Security update for python3
Type: security
Severity: low
References: 1251305,1252974,CVE-2025-6075,CVE-2025-8291
This update for python3 fixes the following issues:
- CVE-2025-6075: quadratic complexity in `os.path.expandvars()` can lead to performance degradation when values passed
to it are user-controlled (bsc#1252974).
- CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory (EOCD) record allows for the creation of
ZIP archives that are processed inconsistently by the `zipfile` module (bsc#1251305).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4377-1
Released: Fri Dec 12 10:37:09 2025
Summary: Recommended update for lvm2
Type: recommended
Severity: moderate
References: 1233655,510058
This update for lvm2 fixes the following issues:
- Maintenance update attempt seems to be stuck at mkinitrd (bsc#510058).
- Fix for 'systemctl start lvmlockd.service' time out (bsc#1233655).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4436-1
Released: Wed Dec 17 14:55:46 2025
Summary: Security update for libpng16
Type: security
Severity: important
References: 1254157,1254158,1254159,1254160,1254480,CVE-2025-64505,CVE-2025-64506,CVE-2025-64720,CVE-2025-65018,CVE-2025-66293
This update for libpng16 fixes the following issues:
- CVE-2025-65018: Fixed heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` (bsc#1254160)
- CVE-2025-66293: Fixed LIBPNG out-of-bounds read in `png_image_read_composite` (bsc#1254480)
- CVE-2025-64506: Fixed heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled (bsc#1254158)
- CVE-2025-64720: Fixed buffer overflow in `png_image_read_composite` via incorrect palette premultiplication (bsc#1254159)
- CVE-2025-64505: Fixed heap buffer over-read in `png_do_quantize` via malformed palette index (bsc#1254157)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4490-1
Released: Fri Dec 19 12:17:11 2025
Summary: Security update for xen
Type: security
Severity: moderate
References: 1027519,1252692,1254180,CVE-2025-58149
This update for xen fixes the following issues:
Update to Xen 4.17.6.
Security issues fixed:
- CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no
longer assigned to them (bsc#1252692).
Other issues fixed:
- Several upstream bug fixes (bsc#1027519).
- Failure to restart xenstored (bsc#1254180).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4504-1
Released: Mon Dec 22 17:29:14 2025
Summary: Security update for glib2
Type: security
Severity: important
References: 1254297,1254662,1254878,CVE-2025-13601,CVE-2025-14087,CVE-2025-14512
This update for glib2 fixes the following issues:
- CVE-2025-14512: integer overflow in the GIO `escape_byte_string()` function when processing malicious files or remote
filesystem attribute values can lead to denial-of-service (bsc#1254878).
- CVE-2025-14087: buffer underflow in the GVariant parser `bytestring_parse()` and `string_parse()` functions when
processing attacker-influenced data may lead to crash or code execution (bsc#1254662).
- CVE-2025-13601: heap-based buffer overflow in the `g_escape_uri_string()` function when processing strings with a
large number of unacceptable characters may lead to crash or code execution (bsc#1254297).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4506-1
Released: Mon Dec 22 17:38:35 2025
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1233640,1249806,1251786,1252033,1252267,1252780,1252862,1253367,1253431,1253436,CVE-2022-50280,CVE-2023-53676,CVE-2024-53093,CVE-2025-40040,CVE-2025-40048,CVE-2025-40121,CVE-2025-40154,CVE-2025-40204
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-50280: pnode: terminate at peers of source (bsc#1249806).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
- CVE-2024-53093: nvme-multipath: defer partition scanning (bsc#1233640).
- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
- CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862).
- CVE-2025-40121: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (bsc#1253367).
- CVE-2025-40154: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (bsc#1253431).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).
The following non-security bugs were fixed:
- Fix type signess in fbcon_set_font() (bsc#1252033).
- scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4525-1
Released: Fri Dec 26 13:19:00 2025
Summary: Security update for gnutls
Type: security
Severity: moderate
References: 1254132,CVE-2025-9820
This update for gnutls fixes the following issues:
- CVE-2025-9820: Fixed buffer overflow in gnutls_pkcs11_token_init. (bsc#1254132)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:27-1
Released: Mon Jan 5 13:45:08 2026
Summary: Security update for python3
Type: security
Severity: moderate
References: 1254400,1254401,1254997,CVE-2025-12084,CVE-2025-13836,CVE-2025-13837
This update for python3 fixes the following issues:
- CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service (bsc#1254997)
- CVE-2025-13836: Fixed default Content-Lenght read amount from HTTP response (bsc#1254400)
- CVE-2025-13837: Fixed plistlib module denial of service (bsc#1254401)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:48-1
Released: Wed Jan 7 09:08:18 2026
Summary: Recommended update for pciutils
Type: recommended
Severity: moderate
References: 1252338
This update for pciutils fixes the following issues:
- Add a strict dependency to libpci to prevent possible segfault (bsc#1252338)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:117-1
Released: Tue Jan 13 05:33:38 2026
Summary: Security update for util-linux
Type: security
Severity: moderate
References: 1254666,CVE-2025-14104
This update for util-linux fixes the following issues:
- CVE-2025-14104: Fixed heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666).
- lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:214-1
Released: Thu Jan 22 13:09:26 2026
Summary: Security update for gpg2
Type: security
Severity: important
References: 1255715,1256244,1256246,1256390,CVE-2025-68973
This update for gpg2 fixes the following issues:
- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715).
- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).
- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).
- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:224-1
Released: Thu Jan 22 13:18:20 2026
Summary: Security update for libtasn1
Type: security
Severity: moderate
References: 1256341,CVE-2025-13151
This update for libtasn1 fixes the following issues:
- CVE-2025-13151: stack-based buffer overflow in `asn1_expend_octet_string` (bsc#1256341).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:304-1
Released: Tue Jan 27 17:14:50 2026
Summary: Security update for xen
Type: security
Severity: moderate
References: 1256745,1256747,CVE-2025-58150,CVE-2026-23553
This update for xen fixes the following issues:
- CVE-2025-58150: Fixed buffer overrun with shadow paging and
tracing (XSA-477) (bsc#1256745)
- CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation
(XSA-479) (bsc#1256747)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:317-1
Released: Wed Jan 28 15:36:48 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1065729,1193629,1194869,1196823,1204957,1205567,1206451,1206843,1206889,1207051,1207088,1207315,1207611,1207620,1207622,1207636,1207644,1207646,1207652,1207653,1208570,1208758,1209799,1209980,1210644,1210817,1210943,1211690,1213025,1213032,1213093,1213105,1213110,1213111,1213653,1213747,1213867,1214635,1214940,1214962,1214986,1214990,1216062,1224573,1225832,1226797,1226846,1228015,1233640,1235038,1237563,1249871,1252046,1252678,1253409,1254392,1254520,1254559,1254562,1254572,1254578,1254580,1254592,1254601,1254608,1254609,1254614,1254615,1254617,1254623,1254625,1254626,1254631,1254632,1254634,1254644,1254645,1254649,1254651,1254653,1254656,1254658,1254660,1254664,1254671,1254674,1254676,1254677,1254681,1254684,1254685,1254686,1254690,1254692,1254694,1254696,1254698,1254699,1254704,1254706,1254709,1254710,1254711,1254712,1254713,1254714,1254716,1254723,1254725,1254728,1254729,1254743,1254745,1254751,1254753,1254754,1254756,1254759,1254763,1254775,1254780,1254781,1254782,1
254783,1254785,1254786,1254788,1254789,1254792,1254813,1254843,1254847,1254851,1254894,1254902,1254910,1254911,1254915,1254916,1254917,1254920,1254922,1254958,1254959,1254974,1254979,1254986,1254994,1255002,1255005,1255007,1255049,1255060,1255107,1255163,1255165,1255245,1255467,1255469,1255521,1255528,1255532,1255546,1255549,1255554,1255555,1255558,1255560,1255561,1255562,1255565,1255574,1255576,1255578,1255582,1255596,1255600,1255605,1255607,1255608,1255609,1255618,1255619,1255620,1255623,1255624,1255626,1255627,1255628,1255635,1255636,1255688,1255690,1255697,1255702,1255704,1255745,1255747,1255749,1255750,1255757,1255758,1255760,1255761,1255762,1255763,1255769,1255771,1255773,1255780,1255786,1255787,1255789,1255790,1255791,1255792,1255796,1255797,1255800,1255801,1255802,1255803,1255804,1255806,1255808,1255819,1255839,1255841,1255843,1255844,1255872,1255875,1255876,1255877,1255878,1255880,1255881,1255888,1255889,1255890,1255899,1255901,1255902,1255905,1255906,1255909,1255910,125591
2,1255916,1255919,1255920,1255922,1255924,1255925,1255939,1255946,1255950,1255953,1255954,1255955,1255962,1255964,1255968,1255969,1255970,1255971,1255974,1255978,1255979,1255983,1255985,1255990,1255993,1255994,1255996,1255998,1256034,1256040,1256042,1256045,1256046,1256048,1256049,1256050,1256053,1256056,1256057,1256062,1256063,1256064,1256065,1256071,1256074,1256081,1256084,1256086,1256088,1256091,1256093,1256099,1256101,1256103,1256106,1256111,1256112,1256114,1256115,1256118,1256119,1256121,1256122,1256124,1256125,1256126,1256127,1256128,1256130,1256131,1256132,1256133,1256136,1256137,1256140,1256141,1256142,1256143,1256144,1256145,1256149,1256150,1256152,1256154,1256155,1256157,1256158,1256162,1256164,1256165,1256166,1256167,1256172,1256173,1256174,1256177,1256178,1256179,1256182,1256184,1256185,1256186,1256188,1256189,1256191,1256192,1256193,1256194,1256196,1256198,1256199,1256200,1256202,1256203,1256204,1256205,1256206,1256207,1256208,1256211,1256214,1256215,1256216,1256218,125
6219,1256220,1256221,1256223,1256228,1256230,1256231,1256235,1256239,1256241,1256242,1256245,1256248,1256250,1256254,1256260,1256265,1256269,1256271,1256274,1256282,1256285,1256291,1256294,1256295,1256300,1256302,1256306,1256309,1256317,1256320,1256323,1256326,1256328,1256333,1256334,1256335,1256337,1256338,1256344,1256346,1256349,1256352,1256353,1256355,1256358,1256359,1256363,1256364,1256368,1256370,1256375,1256381,1256382,1256383,1256384,1256386,1256388,1256391,1256394,1256395,1256396,1256397,1256398,1256423,1256426,1256432,CVE-2022-0854,CVE-2022-48853,CVE-2022-50614,CVE-2022-50615,CVE-2022-50617,CVE-2022-50618,CVE-2022-50619,CVE-2022-50621,CVE-2022-50622,CVE-2022-50623,CVE-2022-50625,CVE-2022-50626,CVE-2022-50629,CVE-2022-50630,CVE-2022-50633,CVE-2022-50635,CVE-2022-50636,CVE-2022-50638,CVE-2022-50640,CVE-2022-50641,CVE-2022-50643,CVE-2022-50644,CVE-2022-50646,CVE-2022-50649,CVE-2022-50652,CVE-2022-50653,CVE-2022-50656,CVE-2022-50658,CVE-2022-50660,CVE-2022-50661,CVE-2022-50662,
CVE-2022-50664,CVE-2022-50665,CVE-2022-50666,CVE-2022-50667,CVE-2022-50668,CVE-2022-50669,CVE-2022-50670,CVE-2022-50671,CVE-2022-50672,CVE-2022-50673,CVE-2022-50675,CVE-2022-50677,CVE-2022-50678,CVE-2022-50679,CVE-2022-50698,CVE-2022-50699,CVE-2022-50700,CVE-2022-50701,CVE-2022-50702,CVE-2022-50703,CVE-2022-50704,CVE-2022-50705,CVE-2022-50709,CVE-2022-50710,CVE-2022-50712,CVE-2022-50714,CVE-2022-50715,CVE-2022-50716,CVE-2022-50717,CVE-2022-50718,CVE-2022-50719,CVE-2022-50722,CVE-2022-50723,CVE-2022-50724,CVE-2022-50726,CVE-2022-50727,CVE-2022-50728,CVE-2022-50730,CVE-2022-50731,CVE-2022-50732,CVE-2022-50733,CVE-2022-50735,CVE-2022-50736,CVE-2022-50738,CVE-2022-50740,CVE-2022-50742,CVE-2022-50744,CVE-2022-50745,CVE-2022-50747,CVE-2022-50749,CVE-2022-50750,CVE-2022-50751,CVE-2022-50752,CVE-2022-50754,CVE-2022-50755,CVE-2022-50756,CVE-2022-50757,CVE-2022-50758,CVE-2022-50760,CVE-2022-50761,CVE-2022-50763,CVE-2022-50767,CVE-2022-50768,CVE-2022-50769,CVE-2022-50770,CVE-2022-50773,CVE-202
2-50774,CVE-2022-50776,CVE-2022-50777,CVE-2022-50779,CVE-2022-50781,CVE-2022-50782,CVE-2022-50809,CVE-2022-50814,CVE-2022-50818,CVE-2022-50819,CVE-2022-50821,CVE-2022-50822,CVE-2022-50823,CVE-2022-50824,CVE-2022-50826,CVE-2022-50827,CVE-2022-50828,CVE-2022-50829,CVE-2022-50830,CVE-2022-50832,CVE-2022-50833,CVE-2022-50834,CVE-2022-50835,CVE-2022-50836,CVE-2022-50838,CVE-2022-50839,CVE-2022-50840,CVE-2022-50842,CVE-2022-50843,CVE-2022-50844,CVE-2022-50845,CVE-2022-50846,CVE-2022-50847,CVE-2022-50848,CVE-2022-50849,CVE-2022-50850,CVE-2022-50851,CVE-2022-50853,CVE-2022-50856,CVE-2022-50858,CVE-2022-50859,CVE-2022-50860,CVE-2022-50861,CVE-2022-50862,CVE-2022-50864,CVE-2022-50866,CVE-2022-50867,CVE-2022-50868,CVE-2022-50870,CVE-2022-50872,CVE-2022-50873,CVE-2022-50876,CVE-2022-50878,CVE-2022-50880,CVE-2022-50881,CVE-2022-50882,CVE-2022-50883,CVE-2022-50884,CVE-2022-50885,CVE-2022-50886,CVE-2022-50887,CVE-2022-50888,CVE-2022-50889,CVE-2023-23559,CVE-2023-53254,CVE-2023-53743,CVE-2023-53744
,CVE-2023-53746,CVE-2023-53747,CVE-2023-53751,CVE-2023-53753,CVE-2023-53754,CVE-2023-53755,CVE-2023-53761,CVE-2023-53766,CVE-2023-53769,CVE-2023-53780,CVE-2023-53781,CVE-2023-53783,CVE-2023-53786,CVE-2023-53788,CVE-2023-53792,CVE-2023-53794,CVE-2023-53801,CVE-2023-53802,CVE-2023-53803,CVE-2023-53804,CVE-2023-53806,CVE-2023-53808,CVE-2023-53811,CVE-2023-53814,CVE-2023-53816,CVE-2023-53818,CVE-2023-53819,CVE-2023-53820,CVE-2023-53827,CVE-2023-53828,CVE-2023-53830,CVE-2023-53832,CVE-2023-53833,CVE-2023-53834,CVE-2023-53837,CVE-2023-53840,CVE-2023-53842,CVE-2023-53844,CVE-2023-53845,CVE-2023-53847,CVE-2023-53848,CVE-2023-53849,CVE-2023-53850,CVE-2023-53852,CVE-2023-53858,CVE-2023-53860,CVE-2023-53862,CVE-2023-53864,CVE-2023-53866,CVE-2023-53989,CVE-2023-53990,CVE-2023-53991,CVE-2023-53996,CVE-2023-53998,CVE-2023-54001,CVE-2023-54003,CVE-2023-54007,CVE-2023-54009,CVE-2023-54010,CVE-2023-54014,CVE-2023-54015,CVE-2023-54017,CVE-2023-54018,CVE-2023-54019,CVE-2023-54020,CVE-2023-54021,CVE-20
23-54024,CVE-2023-54025,CVE-2023-54026,CVE-2023-54028,CVE-2023-54036,CVE-2023-54039,CVE-2023-54040,CVE-2023-54041,CVE-2023-54042,CVE-2023-54044,CVE-2023-54045,CVE-2023-54046,CVE-2023-54047,CVE-2023-54048,CVE-2023-54049,CVE-2023-54050,CVE-2023-54051,CVE-2023-54053,CVE-2023-54055,CVE-2023-54057,CVE-2023-54058,CVE-2023-54064,CVE-2023-54070,CVE-2023-54072,CVE-2023-54074,CVE-2023-54076,CVE-2023-54078,CVE-2023-54079,CVE-2023-54083,CVE-2023-54084,CVE-2023-54090,CVE-2023-54091,CVE-2023-54092,CVE-2023-54095,CVE-2023-54096,CVE-2023-54097,CVE-2023-54098,CVE-2023-54100,CVE-2023-54102,CVE-2023-54104,CVE-2023-54106,CVE-2023-54107,CVE-2023-54108,CVE-2023-54110,CVE-2023-54111,CVE-2023-54114,CVE-2023-54115,CVE-2023-54116,CVE-2023-54118,CVE-2023-54119,CVE-2023-54120,CVE-2023-54122,CVE-2023-54123,CVE-2023-54126,CVE-2023-54127,CVE-2023-54128,CVE-2023-54130,CVE-2023-54131,CVE-2023-54132,CVE-2023-54134,CVE-2023-54136,CVE-2023-54138,CVE-2023-54140,CVE-2023-54144,CVE-2023-54146,CVE-2023-54148,CVE-2023-5415
0,CVE-2023-54153,CVE-2023-54156,CVE-2023-54159,CVE-2023-54164,CVE-2023-54166,CVE-2023-54168,CVE-2023-54169,CVE-2023-54170,CVE-2023-54171,CVE-2023-54173,CVE-2023-54175,CVE-2023-54177,CVE-2023-54179,CVE-2023-54183,CVE-2023-54186,CVE-2023-54189,CVE-2023-54190,CVE-2023-54194,CVE-2023-54197,CVE-2023-54198,CVE-2023-54199,CVE-2023-54201,CVE-2023-54202,CVE-2023-54205,CVE-2023-54208,CVE-2023-54210,CVE-2023-54211,CVE-2023-54213,CVE-2023-54214,CVE-2023-54219,CVE-2023-54226,CVE-2023-54229,CVE-2023-54230,CVE-2023-54234,CVE-2023-54236,CVE-2023-54238,CVE-2023-54242,CVE-2023-54244,CVE-2023-54245,CVE-2023-54251,CVE-2023-54252,CVE-2023-54254,CVE-2023-54260,CVE-2023-54262,CVE-2023-54264,CVE-2023-54266,CVE-2023-54267,CVE-2023-54269,CVE-2023-54270,CVE-2023-54271,CVE-2023-54274,CVE-2023-54275,CVE-2023-54277,CVE-2023-54280,CVE-2023-54284,CVE-2023-54286,CVE-2023-54287,CVE-2023-54289,CVE-2023-54292,CVE-2023-54293,CVE-2023-54294,CVE-2023-54295,CVE-2023-54298,CVE-2023-54299,CVE-2023-54300,CVE-2023-54301,CVE-2
023-54302,CVE-2023-54304,CVE-2023-54305,CVE-2023-54309,CVE-2023-54311,CVE-2023-54315,CVE-2023-54317,CVE-2023-54319,CVE-2023-54320,CVE-2023-54321,CVE-2023-54322,CVE-2023-54325,CVE-2023-54326,CVE-2024-36933,CVE-2024-53093,CVE-2024-56590,CVE-2025-39977,CVE-2025-40019,CVE-2025-40139,CVE-2025-40215,CVE-2025-40220,CVE-2025-40233,CVE-2025-40256,CVE-2025-40258,CVE-2025-40277,CVE-2025-40280,CVE-2025-40331,CVE-2025-68218,CVE-2025-68732
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2022-50630: mm: hugetlb: fix UAF in hugetlb_handle_userfault (bsc#1254785).
- CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer (bsc#1255576).
- CVE-2023-53254: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels (bsc#1249871).
- CVE-2023-53781: smc: Fix use-after-free in tcp_write_timer_handler() (bsc#1254751).
- CVE-2024-56590: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (bsc#1235038).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
- CVE-2025-40019: crypto: essiv - Check ssize for decryption and in-place encryption (bsc#1252678).
- CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409).
- CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959).
- CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843).
- CVE-2025-40277: drm/vmwgfx: Validate command header size against (bsc#1254894).
- CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847).
- CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
- CVE-2025-68732: gpu: host1x: Fix race in syncpt alloc/free (bsc#1255688).
The following non security issues were fixed:
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
- ACPI: property: Do not pass NULL handles to acpi_attach_data() (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- KVM: SVM: Fix TSC_AUX virtualization setup (git-fixes).
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes).
- RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes).
- RDMA/hns: Fix the modification of max_send_sge (git-fixes).
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes).
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes).
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes).
- RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes).
- RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes).
- RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes).
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes).
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes).
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes).
- arch/idle: Change arch_cpu_idle() behavior: always exit with IRQs disabled (git-fixes).
- cpuidle/poll: Ensure IRQs stay disabled after cpuidle_state::enter() calls (git-fixes).
- cpuidle: Move IRQ state validation (git-fixes).
- cpuidle: haltpoll: Do not enable interrupts when entering idle (git-fixes).
- dm: free table mempools if not used in __bind (git-fixes).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/tdx: Drop flags from __tdx_hypercall() (git-fixes).
- x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Extend TDX_MODULE_CALL to support more TDCALL/SEAMCALL leafs (git-fixes).
- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes).
- x86/tdx: Make TDX_HYPERCALL asm similar to TDX_MODULE_CALL (git-fixes).
- x86/tdx: Make macros of TDCALLs consistent with the spec (git-fixes).
- x86/tdx: Pass TDCALL/SEAMCALL input/output registers via a structure (git-fixes).
- x86/tdx: Reimplement __tdx_hypercall() using TDX_MODULE_CALL asm (git-fixes).
- x86/tdx: Remove 'struct tdx_hypercall_args' (git-fixes).
- x86/tdx: Remove TDX_HCALL_ISSUE_STI (git-fixes).
- x86/tdx: Rename __tdx_module_call() to __tdcall() (git-fixes).
- x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes).
- x86/tdx: Retry partially-completed page conversion hypercalls (git-fixes).
- x86/tdx: Skip saving output regs when SEAMCALL fails with VMFailInvalid (git-fixes).
- x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro (git-fixes).
- x86/virt/tdx: Make TDX_MODULE_CALL handle SEAMCALL #UD and #GP (git-fixes).
- x86/virt/tdx: Wire up basic SEAMCALL functions (git-fixes).
- xfs: fix sparse inode limits on runt AG (bsc#1254392).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:359-1
Released: Mon Feb 2 10:54:54 2026
Summary: Security update for openssl-1_1
Type: security
Severity: moderate
References: 1256834,1256835,1256836,1256837,1256838,1256839,1256840,CVE-2025-68160,CVE-2025-69418,CVE-2025-69419,CVE-2025-69420,CVE-2025-69421,CVE-2026-22795,CVE-2026-22796
This update for openssl-1_1 fixes the following issues:
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).
- CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).
- CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).
- CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).
- CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:391-1
Released: Thu Feb 5 15:23:42 2026
Summary: Security update for libxml2
Type: security
Severity: low
References: 1256805,CVE-2026-0989
This update for libxml2 fixes the following issues:
- CVE-2026-0989: Fixed call stack exhaustion leading to application
crash due to RelaxNG parser not limiting the recursion depth when
resolving `<include>` directives (bsc#1256805)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:432-1
Released: Wed Feb 11 10:11:56 2026
Summary: Security update for sqlite3
Type: security
Severity: moderate
References: 1248586,1254670,CVE-2025-7709
This update for sqlite3 fixes the following issues:
- Update to v3.51.2:
- CVE-2025-7709: Fixed an integer overflow in the FTS5 extension. (bsc#1254670)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:458-1
Released: Thu Feb 12 00:28:37 2026
Summary: Security update for glib2
Type: security
Severity: important
References: 1257049,CVE-2026-0988
This update for glib2 fixes the following issues:
- CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354).
- CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355).
- CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353).
- CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:462-1
Released: Thu Feb 12 08:38:20 2026
Summary: Recommended update for google-guest-configs
Type: recommended
Severity: important
References: 1198323,1256906
This update for google-guest-configs fixes the following issues:
- Update to version 20260116.00 (bsc#1256906)
* set_multiqueue: Only set XPS on 'multinic accelerator platforms'
- Update to version 20260112.00
* Make c4x a 'multinic accelerator platform'
* set_multiqueue xps: stop assuming 2 numa nodes
* Add IDPF irq setting; improve a4x-max performance
* Allow test injection of the root directory and metadata server endpoint
* add nic naming support for connextx VF in baremetal
* bugfix for idpf only rename got skipped.
* add a4x-max to google_set_multiqueue is_multinic_accelerator_platform
* remove unnecessary link up and down
* fix inconsistent NIC index between smart NICs and GPU NICs.
- Mark %{_modprobedir}/gce-blacklist.conf as %config(noreplace) (bsc#1198323)
- Update to version 20251014.00
- Update to version 20250913.00
* Swap guest-config rule from checking the build VM OS to taking in a variable for target version
- from version 20250826.00
* Moved tx/rx IRQ logging after assignment
* Fix core assignment in set_irq_range
* Correct IRQ tx/rx affinity core assignment
- Update to version 20250807.00
* Avoid duplicate entries for the metadata server in /etc/hosts
- Update to version 20250709.00
* Add comments in scripts to document the behavior in google hostname setting.
* Always use primary NIC IP for NetworkManager dispatcher hook.
- from version 20250626.00
* Fix spelling error: 'explicilty' to 'explicitly'
- Update to version 20250605.00
* Added comment to the bitmap conversion functions
* Remove IRQ affinity overwrite to XPS affinity
* Update XPS affinity to assign the remaining unassigned CPUs
to the last queue when populating the last queue
* Fix set_xps_affinity to correctly parse cpus array
* Update XPS CPU assignment logic
* Update CPU assignment algorithm in XPS affinity
* Remove commented code
* Update XPS affinity vCPU distribution algorithm s.t. the vCPUs assigned
to a queue are on the same core - fixed IRQ affinity on NUMA1 not using
the correct bind_cores_index
* Fixed NUMA comparison error in set_xps_affinity
* Update XPS affinity setup to be NUMA aware and support 64 bit CPU mask calculation
- from version 20250604.00
* Bug fix: bind_cores_begin to bind_cores_index
* Name smart NICs in lexicographic order
- Run %postun to modify %{_sysconfdir}/sysconfig/network/ifcfg-eth0
during uninstall only to avoid removal of POST_UP_SCRIPT on upgrade
- Update to version 20250516.00
* Remove unused fset
* Remove unused lines
* Update google_set_multiqueue to unpack IRQ ranges before core assignment
- Update to version 20250501.00
* Configure local domain as route only domain to support cloud dns local
domain but avoid adding it to the search path.
- from version 20250409.00
* Change RDMA test condition to ensure renaming race conditions can be detected.
- from version 20250328.00
* Revert 'Include systemd-networkd hook in Ubuntu packaging'
- from version 20250326.00
* Update google_set_multiqueue to check pnic_ids
- from version 20250221.00
* Make google_set_multiqueue aware A4X is multinic_accelerator_platform
- from version 20250207.00
* Update google_set_multiqueue to adapt A4 platform
* Merge branch 'GoogleCloudPlatform:master' into master
* Fix IS_A3_PLATFORM syntax
* Correct IS_A3_PLATFORM to save is_a3_platform results
* Remove excess empty line.
* Store is_a3_platform results into a global variable to avoid redundant curl calls
* Skip tx affinity binding on non-gvnic interfaces only on A3 platforms.
* Update comments for get_vcpu_ranges_on_accelerator_platform to reflect the expected vcpu ranges
* rename get_vcpu_ranges to get_vcpu_ranges_on_accelerator_platform
* Avoid IRQ binding on vCPU 0
* Fix returned value for get_vcpu_ranges
* Update get_vcpu_ranges to read from sys file instead of hardcoded value
* Update google_set_multiqueue to set vCPU ranges based on platform
* Add comment for handling IRQ binding on non-gvnic devices
* Update is_gvnic to include gvnic driver checks
* revert removed echo lines
* Update google_set_multiqueue to skip set_irq if nic is not a gvnic device.
* Update google_set_multiqueue to enable on A3Ultra family
- from version 20250124.00
* Fix missing files. This is a no-op.
* Also force virtio_scsi
- from version 20250116.00
* Add GPL-2 to licensing information
- from version 20250107.00
* Restore IDPF devices for renaming rules
- from version 20241213.00
* Remove Pat from owners file
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:463-1
Released: Thu Feb 12 08:40:25 2026
Summary: Recommended update for supportutils
Type: recommended
Severity: important
References: 1232351,1241284,1244003,1244011,1244937,1245667,1246011,1246025,1249657,1250224,1252318,1254425,1256709
This update for supportutils fixes the following issues:
- scplugin.rc is restored in package 3.2.12.1 for continued compatibility (bsc#1256709)
- Changes to version 3.2.12:
* Optimized lsof usage and honors OPTION_OFILES (bsc#1232351)
* Run in containers without errors (bsc#1245667)
* Removed pmap PID from memory.txt (bsc#1246011)
* Added missing /proc/pagetypeinfo to memory.txt (bsc#1246025)
* Improved database perforce with kGraft patching (bsc#1249657)
* Using last boot for journalctl for optimization (bsc#1250224)
* Fixed extraction failures (bsc#1252318)
* Update supportconfig.conf path in docs (bsc#1254425)
* drm_sub_info: Catch error when dir doesn't exist
* Replace remaining `egrep` with `grep -E`
* Add process affinity to slert logs
* Reintroduce cgroup statistics (and v2)
* Minor changes to basic-health-check: improve information level
* Collect important machine health counters
* powerpc: collect hot-pluggable PCI and PHB slots
* podman: collect podman disk usage
* Exclude binary files in crondir
* kexec/kdump: collect everything under /sys/kernel/kexec dir
* Use short-iso for journalctl
- Changes to version 3.2.11:
* Collect rsyslog frule files (bsc#1244003)
* Remove proxy passwords (bsc#1244011)
* Missing NetworkManager information (bsc#1241284)
* Include agama logs bsc#1244937)
* Additional NFS conf files
* New fadump sysfs files
* Fixed change log dates
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:474-1
Released: Thu Feb 12 12:28:33 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1220137,1220144,1222323,1223007,1225049,1233038,1235905,1236104,1236208,1237885,1237906,1238414,1238754,1238763,1244758,1244904,1245110,1245210,1245723,1245751,1247177,1247483,1248306,1248377,1249156,1249158,1249827,1252785,1253028,1253087,1253409,1253702,1254447,1254462,1254463,1254464,1254465,1254767,1254842,1255171,1255251,1255377,1255401,1255594,1255908,1256095,1256582,1256612,1256623,1256641,1256726,1256744,1256779,1256792,1257232,1257236,1257296,1257473,CVE-2022-49604,CVE-2022-49943,CVE-2022-49980,CVE-2022-50232,CVE-2022-50697,CVE-2023-52433,CVE-2023-52874,CVE-2023-52923,CVE-2023-53178,CVE-2023-53407,CVE-2023-53412,CVE-2023-53417,CVE-2023-53418,CVE-2023-53714,CVE-2023-54142,CVE-2023-54243,CVE-2024-26581,CVE-2024-26661,CVE-2024-26832,CVE-2024-50143,CVE-2024-54031,CVE-2025-21658,CVE-2025-21760,CVE-2025-21764,CVE-2025-21765,CVE-2025-21766,CVE-2025-38068,CVE-2025-38129,CVE-2025-38159,CVE-2025-38375,CVE-2025-38563,CVE-2025-38565,CVE-2025-38684,CVE-2025-40044,CVE-2025-40
139,CVE-2025-40257,CVE-2025-40300,CVE-2025-68183,CVE-2025-68284,CVE-2025-68285,CVE-2025-68312,CVE-2025-68771,CVE-2025-68813,CVE-2025-71085,CVE-2025-71089,CVE-2025-71112,CVE-2025-71116,CVE-2025-71120,CVE-2026-22999,CVE-2026-23001
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594).
- CVE-2023-54142: gtp: Fix use-after-free in __gtp_encap_destroy() (bsc#1256095).
- CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908).
- CVE-2025-38068: crypto: lzo - Fix compression buffer overrun (bsc#1245210).
- CVE-2025-38129: page_pool: fix inconsistency for page_pool_ring_lock() (bsc#1245723).
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1245751).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40300: Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483).
- CVE-2025-68183: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (bsc#1255251).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
The following non security issues were fixed:
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: tcp: send zero-window ACK when no memory (bsc#1254767).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- tcp: correct handling of extreme memory squeeze (bsc#1254767).
- x86: make page fault handling disable interrupts properly (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:508-1
Released: Fri Feb 13 15:50:21 2026
Summary: Security update for curl
Type: security
Severity: moderate
References: 1255731,1255732,1255733,1255734,1256105,CVE-2025-14017,CVE-2025-14524,CVE-2025-14819,CVE-2025-15079,CVE-2025-15224
This update for curl fixes the following issues:
- CVE-2025-14017: Fixed broken TLS options for threaded LDAPS (bsc#1256105).
- CVE-2025-14524: bearer token leak on cross-protocol redirect (bsc#1255731).
- CVE-2025-14819: libssh global knownhost override (bsc#1255732).
- CVE-2025-15079: libssh key passphrase bypass without agent set (bsc#1255733).
- CVE-2025-15224: OpenSSL partial chain store policy bypass (bsc#1255734).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:570-1
Released: Tue Feb 17 17:38:47 2026
Summary: Security update for libxml2
Type: security
Severity: moderate
References: 1247850,1247858,1250553,1256807,1256808,1256809,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-8732,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757
This update for libxml2 fixes the following issues:
- CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI`. (bsc#1256807, bsc#1256811)
- CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to exponential behavior. (bsc#1256809, bsc#1256812)
- CVE-2026-1757: Fixed a memory leak in the `xmllint` interactive shell. (bsc#1257594, bsc#1257595)
- CVE-2025-10911: Fixed a use-after-free with key data stored cross-RVT. (bsc#1250553)
- CVE-2025-8732: Fixed an infinite recursion in catalog parsing functions when processing malformed SGML catalog files. (bsc#1247858)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:575-1
Released: Wed Feb 18 10:10:36 2026
Summary: Security update for libpcap
Type: security
Severity: low
References: 1255765,CVE-2025-11961
This update for libpcap fixes the following issues:
- CVE-2025-11961: missing validation of provided MAC-48 address string in `pcap_ether_aton()` can lead to out-of-bounds
read and write (bsc#1255765).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:577-1
Released: Wed Feb 18 16:49:13 2026
Summary: Security update for avahi
Type: security
Severity: moderate
References: 1256498,1256499,1256500,CVE-2025-68276,CVE-2025-68468,CVE-2025-68471
This update for avahi fixes the following issues:
- CVE-2025-68276: Fixed refuse to create wide-area record browsers when
wide-area is off (bsc#1256498)
- CVE-2025-68471: Fixed DoS bug by changing assert to return (bsc#1256500)
- CVE-2025-68468: Fixed DoS bug by removing incorrect assertion (bsc#1256499)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:596-1
Released: Mon Feb 23 16:57:20 2026
Summary: Security update for libpng16
Type: security
Severity: important
References: 1256525,1256526,1257364,1257365,1258020,CVE-2025-28162,CVE-2025-28164,CVE-2026-22695,CVE-2026-22801,CVE-2026-25646
This update for libpng16 fixes the following issues:
- CVE-2025-28162: memory leaks when running `pngimage` (bsc#1257364).
- CVE-2025-28164: memory leaks when running `pngimage` (bsc#1257365).
- CVE-2026-22695: heap buffer over-read in png_image_finish_read (bsc#1256525).
- CVE-2026-22801: integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).
- CVE-2026-25646: heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:664-1
Released: Thu Feb 26 16:15:04 2026
Summary: Security update for python3
Type: security
Severity: important
References: 1257029,1257031,1257041,1257042,1257044,1257046,CVE-2025-11468,CVE-2025-15282,CVE-2025-15366,CVE-2025-15367,CVE-2026-0672,CVE-2026-0865
This update for python3 fixes the following issues:
- CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable
characters (bsc#1257029).
- CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel
(bsc#1257031).
- CVE-2026-0865: user-controlled header containing newlines can allow injecting HTTP headers (bsc#1257042).
- CVE-2025-15366: user-controlled command can allow additional commands injected using newlines (bsc#1257044).
- CVE-2025-15282: user-controlled data URLs parsed may allow injecting headers (bsc#1257046).
- CVE-2025-15367: control characters may allow the injection of additional commands (bsc#1257041).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:694-1
Released: Fri Feb 27 16:14:32 2026
Summary: Security update for gpg2
Type: security
Severity: moderate
References: 1256389
This update for gpg2 fixes the following issues:
Security fix:
- Fixed GnuPG accepting Path Separators and Path Traversals
in Literal Data (bsc#1256389)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:741-1
Released: Mon Mar 2 09:11:04 2026
Summary: Security update for shim
Type: security
Severity: moderate
References: 1240871,1247432,CVE-2024-2312
This update for shim fixes the following issues:
shim is updated to version 16.1:
- shim_start_image(): fix guid/handle pairing when uninstalling protocols
- Fix uncompressed ipv6 netboot
- fix test segfaults caused by uninitialized memory
- SbatLevel_Variable.txt: minor typo fix.
- Realloc() needs to allocate one more byte for sprintf()
- IPv6: Add more check to avoid multiple double colon and illegal char
- Loader proto v2
- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
- Generate Authenticode for the entire PE file
- README: mention new loader protocol and interaction with UKIs
- shim: change automatically enable MOK_POLICY_REQUIRE_NX
- Save var info
- add SbatLevel entry 2025051000 for PSA-2025-00012-1
- Coverity fixes 20250804
- fix http boot
- Fix double free and leak in the loader protocol
shim is updated to version 16.0:
- Validate that a supplied vendor cert is not in PEM format
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)
- sbat: Also bump latest for grub,4 (and to todays date)
- undo change that limits certificate files to a single file
- shim: don't set second_stage to the empty string
- Fix SBAT.md for today's consensus about numbers
- Update Code of Conduct contact address
- make-certs: Handle missing OpenSSL installation
- Update MokVars.txt
- export DEFINES for sub makefile
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
- Null-terminate 'arguments' in fallback
- Fix 'Verifiying' typo in error message
- Update Fedora CI targets
- Force gcc to produce DWARF4 so that gdb can use it
- Minor housekeeping 2024121700
- Discard load-options that start with WINDOWS
- Fix the issue that the gBS->LoadImage pointer was empty.
- shim: Allow data after the end of device path node in load options
- Handle network file not found like disks
- Update gnu-efi submodule for EFI_HTTP_ERROR
- Increase EFI file alignment
- avoid EFIv2 runtime services on Apple x86 machines
- Improve shortcut performance when comparing two boolean expressions
- Provide better error message when MokManager is not found
- tpm: Boot with a warning if the event log is full
- MokManager: remove redundant logical constraints
- Test import_mok_state() when MokListRT would be bigger than available size
- test-mok-mirror: minor bug fix
- Fix file system browser hang when enrolling MOK from disk
- Ignore a minor clang-tidy nit
- Allow fallback to default loader when encountering errors on network boot
- test.mk: don't use a temporary random.bin
- pe: Enhance debug report for update_mem_attrs
- Multiple certificate handling improvements
- Generate SbatLevel Metadata from SbatLevel_Variable.txt
- Apply EKU check with compile option
- Add configuration option to boot an alternative 2nd stage
- Loader protocol (with Device Path resolution support)
- netboot cleanup for additional files
- Document how revocations can be delivered
- post-process-pe: add tests to validate NX compliance
- regression: CopyMem() in ad8692e copies out of bounds
- Save the debug and error logs in mok-variables
- Add features for the Host Security ID program
- Mirror some more efi variables to mok-variables
- This adds DXE Services measurements to HSI and uses them for NX
- Add shim's current NX_COMPAT status to HSIStatus
- README.tpm: reflect that vendor_db is in fact logged as 'vendor_db'
- Reject HTTP message with duplicate Content-Length header fields
- Disable log saving
- fallback: don't add new boot order entries backwards
- README.tpm: Update MokList entry to MokListRT
- SBAT Level update for February 2025 GRUB CVEs
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:783-1
Released: Tue Mar 3 14:36:14 2026
Summary: Security update for zlib
Type: security
Severity: moderate
References: 1258392,CVE-2026-27171
This update for zlib fixes the following issue:
- CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing
checks for negative lengths (bsc#1258392).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:791-1
Released: Tue Mar 3 16:59:33 2026
Summary: Recommended update for gcc15
Type: recommended
Severity: moderate
References: 1257463
This update for gcc15 fixes the following issues:
- Fix bogus expression simplification (bsc#1257463)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:818-1
Released: Thu Mar 5 11:26:09 2026
Summary: Recommended update for grub2
Type: recommended
Severity: important
References: 1258022
This update for grub2 fixes the following issues:
- Backport upstream's commit to prevent BIOS assert (bsc#1258022)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:826-1
Released: Thu Mar 5 16:16:29 2026
Summary: Security update for expat
Type: security
Severity: moderate
References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210
This update for expat fixes the following issues:
- CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144)
- CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:837-1
Released: Fri Mar 6 08:30:05 2026
Summary: Recommended update for syslogd
Type: recommended
Severity: moderate
References:
This update for syslogd fixes the following issues:
- Drop last sysvinit Requirement/Provide (jsc#PED-13698)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:856-1
Released: Tue Mar 10 09:35:24 2026
Summary: Security update for util-linux
Type: security
Severity: moderate
References: 1258859,CVE-2026-3184
This update for util-linux fixes the following issues:
- CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for 'login -h' (bsc#1258859).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:862-1
Released: Wed Mar 11 10:59:55 2026
Summary: Security update for gnutls
Type: security
Severity: moderate
References: 1257960,CVE-2025-14831
This update for gnutls fixes the following issues:
- CVE-2025-14831: excessive resource consumption when verifying specially crafted malicious certificates containing
a large number of name constraints and subject alternative names (SANs) (bsc#1257960).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:896-1
Released: Fri Mar 13 16:25:07 2026
Summary: Security update for glibc
Type: security
Severity: important
References: 1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915
This update for glibc fixes the following issues:
- CVE-2026-0861: memalign: reinstate alignment overflow check (bsc#1256766)
- CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr (bsc#1256822)
- CVE-2025-15281: posix: Reset wordexp_t fields with WRDE_REUSE (bsc#1257005)
- CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp (bsc#1246965)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:899-1
Released: Fri Mar 13 16:32:57 2026
Summary: Recommended update for suseconnect-ng
Type: recommended
Severity: moderate
References: 1230861,1239439,1241002,1244550
This update for suseconnect-ng fixes the following issues:
- Regressions found during QA test runs:
* Ignore product in announce call (bsc#1257490)
* Registration to SMT server with failed (bsc#1257625)
- Update version to 1.20:
* Update error message for Public Cloud instances with registercloudguest installed.
SUSEConnect -d is disabled on PYAG and BYOS when
the registercloudguest command is available. (bsc#1230861)
* Enhanced SAP detected. Take TREX into account and remove empty values when
only /usr/sap but no installation exists (bsc#1241002)
* Fixed modules and extension link to point to version less documentation. (bsc#1239439)
* Fixed SAP instance detection (bsc#1244550)
* Remove link to extensions documentation (bsc#1239439)
* Migrate to the public library
- Version 1.14 public library release
This version is only available on Github as a tag to release the new golang public library
which can be consumed without the need to interface with SUSEConnect directly.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:910-1
Released: Tue Mar 17 20:34:12 2026
Summary: Security update for vim
Type: security
Severity: moderate
References: 1246602,1258229,1259051,CVE-2025-53906,CVE-2026-26269,CVE-2026-28417
This update for vim fixes the following issues:
Update Vim to version 9.2.0110:
- CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip (bsc#1246602).
- CVE-2026-26269: Netbeans specialKeys stack buffer overflow (bsc#1258229).
- CVE-2026-28417: crafted URL parsed by netrw plugin can lead to execute arbitrary shell commands (bsc#1259051).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:911-1
Released: Tue Mar 17 20:56:12 2026
Summary: Security update for curl
Type: security
Severity: important
References: 1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805
This update for curl fixes the following issues:
- CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362).
- CVE-2026-3783: token leak with redirect and netrc (bsc#1259363).
- CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364).
- CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:912-1
Released: Wed Mar 18 07:19:42 2026
Summary: Recommended update for ca-certificates-mozilla
Type: recommended
Severity: moderate
References: 1229003,1258002
This update for ca-certificates-mozilla fixes the following issues:
- test for a concretely missing certificate rather than
just the directory, as the latter is now also provided by openssl-3
- Re-create java-cacerts with SOURCE_DATE_EPOCH set
for reproducible builds (bsc#1229003)
- Also mark /usr/share/factory/var/lib/ca-certificates/ as writable by the user
during install: allow rpm to properly execute %clean when completed.
- Create /var/lib/ca-certificates during build to ensure rpm gives
the %ghost'ed directory proper mode attributes.
- Updated to 2.84 state (bsc#1258002)
* Removed:
+ Baltimore CyberTrust Root
+ CommScope Public Trust ECC Root-01
+ CommScope Public Trust ECC Root-02
+ CommScope Public Trust RSA Root-01
+ CommScope Public Trust RSA Root-02
+ DigiNotar Root CA
* Added:
+ e-Szigno TLS Root CA 2023
+ OISTE Client Root ECC G1
+ OISTE Client Root RSA G1
+ OISTE Server Root ECC G1
+ OISTE Server Root RSA G1
+ SwissSign RSA SMIME Root CA 2022 - 1
+ SwissSign RSA TLS Root CA 2022 - 1
+ TrustAsia SMIME ECC Root CA
+ TrustAsia SMIME RSA Root CA
+ TrustAsia TLS ECC Root CA
+ TrustAsia TLS RSA Root CA
- reenable the distrusted certs again. the distrust is only for certs
issued after the distrust date, not for all certs of a CA.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:931-1
Released: Thu Mar 19 09:23:14 2026
Summary: Security update for jq
Type: security
Severity: low
References: 1248600,CVE-2025-9403
This update for jq fixes the following issue:
- CVE-2025-9403: test suite assertion failure in JSON parsing consistency validation (bsc#1248600).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:949-1
Released: Fri Mar 20 19:08:19 2026
Summary: Security update for runc
Type: security
Severity: important
References:
This update for runc rebuilds it against the current go 1.25 security release.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1003-1
Released: Wed Mar 25 10:25:34 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1238917,1255075,1256645,1257231,1257473,1257732,1257735,1257749,1257790,1258340,1258395,1258518,1258849,1258850,1259857,CVE-2025-21738,CVE-2025-40242,CVE-2025-71066,CVE-2026-23004,CVE-2026-23054,CVE-2026-23060,CVE-2026-23074,CVE-2026-23089,CVE-2026-23191,CVE-2026-23204,CVE-2026-23209,CVE-2026-23268,CVE-2026-23269
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (bsc#1238917).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231).
- CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790).
- CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395).
- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1258340).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518).
- CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1258850).
- CVE-2026-23269: apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1259857).
The following non-security bugs were fixed:
- Disable CONFIG_NET_SCH_ATM (jsc#PED-12836).
- apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849).
- apparmor: fix differential encoding verification (bsc#1258849).
- apparmor: fix memory leak in verify_header (bsc#1258849).
- apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849).
- apparmor: fix race between freeing data and fs accessing it (bsc#1258849).
- apparmor: fix race on rawdata dereference (bsc#1258849).
- apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849).
- apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849).
- apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849).
- apparmor: replace recursive profile removal with iterative approach (bsc#1258849).
- apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1061-1
Released: Thu Mar 26 11:35:08 2026
Summary: Security update for systemd
Type: security
Severity: important
References: 1259418,1259650,1259697,CVE-2026-29111,CVE-2026-4105
This update for systemd fixes the following issues:
- CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650).
- CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418).
- udev: check for invalid chars in various fields received from the kernel (bsc#1259697).
Changelog:
- 6a38d88a42 machined: reject invalid class types when registering machines
- 8c9a592e5a udev: fix review mixup
- b57007a917 udev-builtin-net-id: print cescaped bad attributes
- ee23c7604b udev-builtin-net_id: do not assume the current interface name is ethX
- 0f63e799e6 udev: ensure tag parsing stays within bounds
- 046f52ec12 udev: ensure there is space for trailing NUL before calling sprintf
- 5be21460ce udev: check for invalid chars in various fields received from the kernel
- 9559607b16 core/cgroup: avoid one unnecessary strjoina()
- fcae348ca4 core: validate input cgroup path more prudently
- a3ca6b3031 alloc-util: add strdupa_safe() + strndupa_safe() and use it everywhere
- 08125d6b06 units: add dep on systemd-logind.service by user at .service
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1065-1
Released: Thu Mar 26 11:38:12 2026
Summary: Security update for sqlite3
Type: security
Severity: moderate
References: 1254670,1259619,CVE-2025-70873,CVE-2025-7709
This update for sqlite3 fixes the following issues:
Update sqlite3 to 3.51.3:
- CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670).
- CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619).
Changelog:
* Fix the WAL-reset database corruption bug:
https://sqlite.org/wal.html#walresetbug
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:1087-1
Released: Thu Mar 26 16:20:57 2026
Summary: Recommended update for util-linux
Type: recommended
Severity: moderate
References: 1222465,1234736
This update for util-linux fixes the following issues:
- recognize fuse 'portal' as a virtual file system (bsc#1234736).
- fdisk: Fix possible partition overlay and data corruption if EBR gap is missing (bsc#1222465).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1090-1
Released: Thu Mar 26 18:44:54 2026
Summary: Security update for python3
Type: security
Severity: important
References: 1257181,CVE-2026-1299
This update for python3 fixes the following issues:
- CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator (bsc#1257181).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1092-1
Released: Thu Mar 26 18:51:45 2026
Summary: Security update for xen
Type: security
Severity: important
References: 1259247,CVE-2026-23554
This update for xen fixes the following issues:
- CVE-2026-23554: xen: Use after free of paging structures in EPT (bsc#1259247, XSA-480)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1105-1
Released: Fri Mar 27 08:03:05 2026
Summary: Security update for containerd
Type: security
Severity: important
References:
This update for containerd rebuilds it against the current go 1.25 security release.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1166-1
Released: Thu Apr 2 03:08:04 2026
Summary: Security update for expat
Type: security
Severity: important
References: 1259711,1259726,1259729,CVE-2026-32776,CVE-2026-32777,CVE-2026-32778
This update for expat fixes the following issues:
- CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity
declaration value (bsc#1259726).
- CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711).
- CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1177-1
Released: Thu Apr 2 17:00:30 2026
Summary: Security update for tar
Type: security
Severity: important
References: 1246399,CVE-2025-45582
This update for tar fixes the following issue:
- CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1230-1
Released: Thu Apr 9 10:58:22 2026
Summary: Security update for bind
Type: security
Severity: important
References: 1260805,CVE-2026-1519
This update for bind fixes the following issues:
- CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations (bsc#1260805).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1247-1
Released: Fri Apr 10 12:34:39 2026
Summary: Security update for nghttp2
Type: security
Severity: important
References: 1259845,CVE-2026-27135
This update for nghttp2 fixes the following issue:
- CVE-2026-27135: assertion failure due to missing state validation can lead to DoS (bsc#1259845).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1290-1
Released: Mon Apr 13 10:08:34 2026
Summary: Security update for openssl-1_1
Type: security
Severity: important
References: 1260441,1260442,1260443,1260444,CVE-2026-28387,CVE-2026-28388,CVE-2026-28389,CVE-2026-31789
This update for openssl-1_1 fixes the following issues:
- CVE-2026-28387: Potential use-after-free in DANE client code (bsc#1260441).
- CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL (bsc#1260442).
- CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo (bsc#1260443).
- CVE-2026-31789: Heap buffer overflow in hexadecimal conversion (bsc#1260444).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1308-1
Released: Tue Apr 14 12:37:49 2026
Summary: Security update for sudo
Type: security
Severity: important
References: 1261420,CVE-2026-35535
This update for sudo fixes the following issue:
- CVE-2026-35535: Fixed potential privilege escalation when running the mailer (bsc#1261420).
-----------------------------------------------------------------
Advisory ID: SUSE-OU-2026:1315-1
Released: Tue Apr 14 13:26:20 2026
Summary: Optional update for rsyslog
Type: optional
Severity: moderate
References:
This update for rsyslog fixes the following issue:
- add the rsyslog-module-ossl (openssl TLS support).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1323-1
Released: Tue Apr 14 15:11:50 2026
Summary: Security update for libpng16
Type: security
Severity: important
References: 1260754,CVE-2026-33416
This update for libpng16 fixes the following issues:
- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code
execution (bsc#1260754).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:1380-1
Released: Thu Apr 16 11:13:40 2026
Summary: Recommended update for suseconnect-ng
Type: recommended
Severity: important
References: 1257667,1257825,1261155
This update for suseconnect-ng fixes the following issues:
- Update version to 1.21.1:
* Fix nil token handling (bsc#1261155)
* Switch to using go1.24-openssl as the default Go version to
install to support building the package (jsc#SCC-585).
- Update version to 1.21:
* Add expanded metric collection for kernel modules and hardware detection (jsc#TEL-226).
* Support new profile based metric collection
* Fix ignored --root parameter hanbling when reading and writing configuration (bsc#1257667)
* Add expanded metric collection for system vendor/manfacturer (jsc#TEL-260).
* Removed backport patch
* Add missing product id to allow yast2-registration to not break (bsc#1257825)
* Fix libsuseconnect APIError detection logic (bsc#1257825)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:1403-1
Released: Thu Apr 16 13:34:01 2026
Summary: Recommended update for cyrus-sasl
Type: recommended
Severity: moderate
References: 1229655
This update for cyrus-sasl fixes the following issues:
- Add Channel Binding support for GSSAPI/GSS-SPNEGO (bsc#1229655, jsc#PED-12097)
- Add support for setting max ssf 0 to GSS-SPNEGO
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1432-1
Released: Fri Apr 17 12:12:08 2026
Summary: Security update for libcap
Type: security
Severity: important
References: 1261809,CVE-2026-4878
This update for libcap fixes the following issue:
- CVE-2026-4878: Address a potential TOCTOU race condition in cap_set_file() (bsc#1261809).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:1472-1
Released: Mon Apr 20 11:31:54 2026
Summary: Recommended update for grub2
Type: recommended
Severity: important
References: 1259543
This update for grub2 fixes the following issues:
- Fix double free in xen booting if root filesystem is Btrfs (bsc#1259543)
* btrfs: add ability to boot from subvolumes
* btrfs: get default subvolume
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1487-1
Released: Mon Apr 20 17:52:11 2026
Summary: Security update for runc
Type: security
Severity: important
References:
This update for runc rebuilds it against the current go 1.25 security release.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1495-1
Released: Mon Apr 20 17:59:12 2026
Summary: Security update for containerd
Type: security
Severity: important
References:
This update for containerd rebuilds it against the current go 1.25 security release.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1510-1
Released: Tue Apr 21 08:28:12 2026
Summary: Security update for ncurses
Type: security
Severity: moderate
References: 1259924,CVE-2025-69720
This update for ncurses fixes the following issue:
- CVE-2025-69720: buffer overflow in function `analyze_string()`of `progs/infocmp.c` (bsc#1259924).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1550-1
Released: Wed Apr 22 11:41:14 2026
Summary: Security update for openssl-1_1
Type: security
Severity: moderate
References: 1261678,CVE-2026-28390
This update for openssl-1_1 fixes the following issues:
- CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with
KeyTransportRecipientInfo (bsc#1261678).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1565-1
Released: Thu Apr 23 09:08:29 2026
Summary: Security update for libssh
Type: security
Severity: moderate
References: 1258045,1258049,1258054,1258080,1258081,1259377,CVE-2026-0964,CVE-2026-0965,CVE-2026-0966,CVE-2026-0967,CVE-2026-0968,CVE-2026-3731
This update for libssh fixes the following issues:
- CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal (bsc#1258049).
- CVE-2026-0965: possible denial of service when parsing unexpected configuration files (bsc#1258045).
- CVE-2026-0966: buffer underflow in ssh_get_hexa() on invalid input (bsc#1258054).
- CVE-2026-0967: specially crafted patterns could cause denial of service (bsc#1258081).
- CVE-2026-0968: malformed SFTP message can lead to out of bound read (bsc#1258080).
- CVE-2026-3731: denial of service via out-of-bounds read in SFTP extension name handler (bsc#1259377).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1606-1
Released: Fri Apr 24 13:50:09 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1215492,1246057,1256675,1257773,1259797,1260005,1260009,1260347,1260562,CVE-2025-38234,CVE-2025-68818,CVE-2026-23103,CVE-2026-23243,CVE-2026-23272,CVE-2026-23274,CVE-2026-23317
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
- CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773).
- CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797).
- CVE-2026-23272: netfilter: nf_tables: unconditionally bump set-nelems before insertion (bsc#1260009).
- CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005).
- CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260562).
The following non security issues were fixed:
- nvme-fc: use ctrl state getter (git-fixes bsc#1215492).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix pci_slot_trylock() error handling (git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes).
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- x86/platform/uv: Handle deconfigured sockets (bsc#1260347).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1607-1
Released: Fri Apr 24 13:50:52 2026
Summary: Security update for vim
Type: security
Severity: important
References: 1259985,1261191,1261271,CVE-2026-33412,CVE-2026-34714,CVE-2026-34982
This update for vim fixes the following issues:
Update to version 9.2.0280.
- CVE-2026-34982: missing input validation allows for a modeline sandbox bypass and can lead to arbitrary OS command
execution (bsc#1261271).
- CVE-2026-34714: missing checks allow for a `tabpanel` modeline escape and can lead to arbitrary OS command execution
(bsc#1261191).
- CVE-2026-33412: improper escaping of newline characters allows for command injection in `glob` and can lead to
arbitrary code execution (bsc#1259985).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1657-1
Released: Wed Apr 29 13:06:49 2026
Summary: Security update for xen
Type: security
Severity: important
References: 1262178,1262180,1262428,CVE-2025-54505,CVE-2026-23557,CVE-2026-23558
This update for xen fixes the following issues:
- CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 (bsc#1262428).
- CVE-2026-23557: Xenstored DoS via XS_RESET_WATCHES command (bsc#1262178).
- CVE-2026-23558: grant table v2 race in status page mapping (bsc#1262180).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1659-1
Released: Wed Apr 29 13:09:06 2026
Summary: Security update for sed
Type: security
Severity: moderate
References: 1262144,CVE-2026-5958
This update for sed fixes the following issues:
- CVE-2026-5958: TOCTOU race allows write of user-controlled content to unintended files and can lead to arbitrary file
overwrite (bsc#1262144).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1670-1
Released: Sat May 2 07:53:26 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1262573,CVE-2026-31431
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix one security issue
The following security issue was fixed:
- CVE-2026-31431: The copy.fail security issue is fixed by revert to operating out-of-place in algif_aead (bsc#1262573).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1715-1
Released: Wed May 6 14:09:30 2026
Summary: Security update for python3
Type: security
Severity: important
References: 1259611,1259734,1259735,1259989,1260026,1261969,1261970,1262098,1262319,1262654,CVE-2025-13462,CVE-2026-1502,CVE-2026-3446,CVE-2026-3479,CVE-2026-3644,CVE-2026-4224,CVE-2026-4519,CVE-2026-4786,CVE-2026-6019,CVE-2026-6100
This update for python3 fixes the following issues:
- CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to
misinterpretation of tar archives (bsc#1259611).
- CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF (bsc#1261969).
- CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be
processed (bsc#1261970).
- CVE-2026-3479: improper resource argument validation in `pkgutil.get_data()` can lead to path traversal (bsc#1259989).
- CVE-2026-3644: incomplete control character validation in http.cookies can lead to input validation bypass
(bsc#1259734).
- CVE-2026-4224: parsing XML with deeply nested DTD content models can lead to C stack overflow (bsc#1259735).
- CVE-2026-4519: failure to sanitize leading dashes in URLs in the `webbrowser.open()` API can lead to web browser
command line option injection (bsc#1260026).
- CVE-2026-4786: URLs prefixed with `%action` can pass the dash-prefix safety check and allow for command injection
(bsc#1262319).
- CVE-2026-6019: `BaseCookie.js_output()` does not neutralize characters in cookie values embedded in JS (bsc#1262654).
- CVE-2026-6100: use-after-free in `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when process is
under memory pressure(bsc#1262098).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1717-1
Released: Wed May 6 14:13:17 2026
Summary: Security update for curl
Type: security
Severity: important
References: 1259362,1262631,1262632,1262635,1262636,1262638,CVE-2026-1965,CVE-2026-4873,CVE-2026-5545,CVE-2026-6253,CVE-2026-6276,CVE-2026-6429
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2026-4873: connection reuse ignores TLS requirement (bsc#1262631).
- CVE-2026-5545: wrong reuse of HTTP Negotiate connection (bsc#1262632).
- CVE-2026-6253: proxy credentials leak over redirect-to proxy (bsc#1262635).
- CVE-2026-6276: stale custom cookie host causes cookie leak (bsc#1262636).
- CVE-2026-6429: netrc credential leak with reused proxy connection (bsc#1262638).
Other updates and bugfixes:
- sws: prevent 'connection monitor' to say disconnect twice (bsc#1259362).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:1721-1
Released: Wed May 6 16:43:37 2026
Summary: Recommended update for cloud-netconfig
Type: recommended
Severity: important
References: 1253223,1258406,1258730
This update for cloud-netconfig fixes the following issues:
- Update to version 1.19:
* Make sure IPADDR variable is stripped of netmask
- Update to version 1.18:
* Fix issue with link-local address routing (bsc#1258730)
- Update to version 1.17:
* Do not set broadcast address explicitly (bsc#1258406)
- Update to version 1.16:
* Fix query of default CLOUD_NETCONFIG_MANAGE (bsc#1253223)
* Fix variable names in the README
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:1759-1
Released: Thu May 7 16:03:37 2026
Summary: Recommended update for dracut
Type: recommended
Severity: moderate
References: 1261274
This update for dracut fixes the following issues:
- Update to version 055+suse.399.g9aa7e567:
* fix: make iso-scan trigger udev events (bsc#1261274)
The following package changes have been done:
- bash-sh-4.4-150400.27.6.1 updated
- bash-4.4-150400.27.6.1 updated
- bind-utils-9.16.50-150500.8.35.1 updated
- ca-certificates-mozilla-2.84-150200.44.1 updated
- chrony-pool-suse-4.1-150400.21.8.1 updated
- chrony-4.1-150400.21.8.1 updated
- cifs-utils-6.15-150400.3.18.1 updated
- cloud-netconfig-gce-1.19-150000.25.31.1 updated
- containerd-ctr-1.7.29-150000.132.1 updated
- containerd-1.7.29-150000.132.1 updated
- curl-8.14.1-150400.5.83.1 updated
- dracut-055+suse.399.g9aa7e567-150500.3.35.1 updated
- e2fsprogs-1.46.4-150400.3.9.2 added
- elfutils-0.185-150400.5.8.3 updated
- glibc-locale-base-2.31-150300.98.1 updated
- glibc-locale-2.31-150300.98.1 updated
- glibc-2.31-150300.98.1 updated
- google-guest-configs-20260116.00-150400.13.25.1 updated
- gpg2-2.2.27-150300.3.19.1 updated
- grub2-i386-pc-2.06-150500.29.65.1 updated
- grub2-x86_64-efi-2.06-150500.29.65.1 updated
- grub2-2.06-150500.29.65.1 updated
- iptables-1.8.7-1.1 added
- jq-1.6-150000.3.12.1 updated
- kernel-default-5.14.21-150500.55.149.1 updated
- kmod-29-150300.4.18.1 updated
- libasm1-0.185-150400.5.8.3 updated
- libavahi-client3-0.8-150400.7.26.1 updated
- libavahi-common3-0.8-150400.7.26.1 updated
- libblkid1-2.37.4-150500.9.26.1 updated
- libcap2-2.63-150400.3.6.1 updated
- libcurl4-8.14.1-150400.5.83.1 updated
- libdevmapper1_03-2.03.22_1.02.196-150500.7.18.4 updated
- libdw1-0.185-150400.5.8.3 updated
- libelf1-0.185-150400.5.8.3 updated
- libexpat1-2.7.1-150400.3.37.1 updated
- libext2fs2-1.46.4-150400.3.9.2 added
- libfdisk1-2.37.4-150500.9.26.1 updated
- libfreetype6-2.10.4-150000.4.25.1 updated
- libgcc_s1-15.2.0+git10201-150000.1.9.1 updated
- libglib-2_0-0-2.70.5-150400.3.34.1 updated
- libgnutls30-3.7.3-150400.4.56.1 updated
- libip6tc2-1.8.7-1.1 added
- libjq1-1.6-150000.3.12.1 updated
- libkmod2-29-150300.4.18.1 updated
- libmount1-2.37.4-150500.9.26.1 updated
- libncurses6-6.1-150000.5.33.1 updated
- libnftnl11-1.2.0-150400.1.6 added
- libnghttp2-14-1.40.0-150200.22.1 updated
- libopenssl1_1-1.1.1l-150500.17.54.1 updated
- libpcap1-1.10.1-150400.3.9.1 updated
- libpci3-3.13.0-150300.13.12.1 updated
- libpng16-16-1.6.34-150000.3.22.1 updated
- libprocps8-3.3.17-150000.7.42.1 added
- libpython3_6m1_0-3.6.15-150300.10.118.1 updated
- libreadline7-7.0-150400.27.6.1 updated
- libsasl2-3-2.1.28-150500.3.3.1 updated
- libsmartcols1-2.37.4-150500.9.26.1 updated
- libsqlite3-0-3.51.3-150000.3.39.1 updated
- libssh-config-0.9.8-150400.3.17.1 updated
- libssh4-0.9.8-150400.3.17.1 updated
- libstdc++6-15.2.0+git10201-150000.1.9.1 updated
- libsystemd0-249.17-150400.8.55.1 updated
- libtasn1-6-4.13-150000.4.14.1 updated
- libtasn1-4.13-150000.4.14.1 updated
- libudev1-249.17-150400.8.55.1 updated
- libuuid1-2.37.4-150500.9.26.1 updated
- libxml2-2-2.10.3-150500.5.38.1 updated
- libz1-1.2.13-150500.4.6.1 updated
- ncurses-utils-6.1-150000.5.33.1 updated
- openssh-clients-8.4p1-150300.3.57.1 updated
- openssh-common-8.4p1-150300.3.57.1 updated
- openssh-server-8.4p1-150300.3.57.1 updated
- openssh-8.4p1-150300.3.57.1 updated
- openssl-1_1-1.1.1l-150500.17.54.1 updated
- pciutils-3.13.0-150300.13.12.1 updated
- procps-3.3.17-150000.7.42.1 added
- python3-base-3.6.15-150300.10.118.1 updated
- python3-bind-9.16.50-150500.8.35.1 updated
- python3-3.6.15-150300.10.118.1 updated
- rsyslog-module-relp-8.2306.0-150400.5.35.1 updated
- rsyslog-8.2306.0-150400.5.35.1 updated
- runc-1.3.4-150000.92.1 updated
- sed-4.4-150300.13.6.1 updated
- shim-16.1-150300.4.31.3 updated
- sudo-1.9.12p1-150500.7.16.1 updated
- supportutils-3.2.12.1-150300.7.35.39.1 updated
- suseconnect-ng-1.21.1-150500.3.40.1 updated
- syslog-service-2.0-150300.13.3.1 updated
- systemd-sysvinit-249.17-150400.8.55.1 updated
- systemd-249.17-150400.8.55.1 updated
- tar-1.34-150000.3.37.1 updated
- terminfo-base-6.1-150000.5.33.1 updated
- terminfo-6.1-150000.5.33.1 updated
- udev-249.17-150400.8.55.1 updated
- util-linux-systemd-2.37.4-150500.9.26.1 updated
- util-linux-2.37.4-150500.9.26.1 updated
- vim-data-common-9.2.0280-150500.20.46.1 updated
- vim-9.2.0280-150500.20.46.1 updated
- xen-libs-4.17.6_08-150500.3.65.1 updated
- xtables-plugins-1.8.7-1.1 added
- iproute2-5.14-150400.3.3.1 removed
- libwayland-client0-1.21.0-150500.1.1 removed
More information about the sle-container-updates
mailing list