From null at suse.de Mon Feb 2 08:30:11 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 08:30:11 -0000 Subject: SUSE-SU-2026:0355-1: important: Security update for glib2 Message-ID: <177002101135.24019.3992385475852346834@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2026:0355-1 Release Date: 2026-01-31T02:04:40Z Rating: important References: * bsc#1257353 * bsc#1257354 * bsc#1257355 Cross-References: * CVE-2026-1484 * CVE-2026-1485 * CVE-2026-1489 CVSS scores: * CVE-2026-1484 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1484 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1484 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2026-1485 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-1485 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1485 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1489 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1489 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1489 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves three vulnerabilities can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354). * CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355). * CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-355=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-355=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libglib-2_0-0-debuginfo-2.62.6-150200.3.42.1 * glib2-tools-2.62.6-150200.3.42.1 * libgobject-2_0-0-2.62.6-150200.3.42.1 * libgobject-2_0-0-debuginfo-2.62.6-150200.3.42.1 * glib2-debugsource-2.62.6-150200.3.42.1 * libgio-2_0-0-2.62.6-150200.3.42.1 * libgmodule-2_0-0-2.62.6-150200.3.42.1 * libgio-2_0-0-debuginfo-2.62.6-150200.3.42.1 * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.42.1 * libglib-2_0-0-2.62.6-150200.3.42.1 * glib2-tools-debuginfo-2.62.6-150200.3.42.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libglib-2_0-0-debuginfo-2.62.6-150200.3.42.1 * glib2-tools-2.62.6-150200.3.42.1 * libgobject-2_0-0-2.62.6-150200.3.42.1 * libgobject-2_0-0-debuginfo-2.62.6-150200.3.42.1 * glib2-debugsource-2.62.6-150200.3.42.1 * libgio-2_0-0-2.62.6-150200.3.42.1 * libgmodule-2_0-0-2.62.6-150200.3.42.1 * libgio-2_0-0-debuginfo-2.62.6-150200.3.42.1 * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.42.1 * libglib-2_0-0-2.62.6-150200.3.42.1 * glib2-tools-debuginfo-2.62.6-150200.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1484.html * https://www.suse.com/security/cve/CVE-2026-1485.html * https://www.suse.com/security/cve/CVE-2026-1489.html * https://bugzilla.suse.com/show_bug.cgi?id=1257353 * https://bugzilla.suse.com/show_bug.cgi?id=1257354 * https://bugzilla.suse.com/show_bug.cgi?id=1257355 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 08:30:18 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 08:30:18 -0000 Subject: SUSE-SU-2026:0354-1: moderate: Security update for govulncheck-vulndb Message-ID: <177002101813.24019.16779275371847106590@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2026:0354-1 Release Date: 2026-01-30T18:33:39Z Rating: moderate References: * jsc#PED-11136 Cross-References: * CVE-2025-61726 * CVE-2025-61728 * CVE-2025-61730 * CVE-2025-61731 * CVE-2025-68119 CVSS scores: * CVE-2025-61726 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-61726 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-61726 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-61728 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-61728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-61728 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-61730 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-61730 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-61730 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-61731 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-61731 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-61731 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68119 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68119 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-68119 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 An update that solves five vulnerabilities and contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20260128T190828 2026-01-28T19:08:28Z (jsc#PED-11136): Go CVE Numbering Authority IDs added or updated with aliases: * GO-2026-4338 CVE-2025-68119 CVE-2025-68119 * GO-2026-4339 CVE-2025-61731 CVE-2025-61731 * GO-2026-4340 CVE-2025-61730 CVE-2025-61730 * GO-2026-4341 CVE-2025-61726 CVE-2025-61726 * GO-2026-4342 CVE-2025-61728 CVE-2025-61728 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-354=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20260128T190828-150000.1.143.1 ## References: * https://www.suse.com/security/cve/CVE-2025-61726.html * https://www.suse.com/security/cve/CVE-2025-61728.html * https://www.suse.com/security/cve/CVE-2025-61730.html * https://www.suse.com/security/cve/CVE-2025-61731.html * https://www.suse.com/security/cve/CVE-2025-68119.html * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 12:30:03 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 12:30:03 -0000 Subject: SUSE-SU-2026:0356-1: important: Security update for qemu Message-ID: <177003540398.9683.17079571820966263095@smelt2.prg2.suse.org> # Security update for qemu Announcement ID: SUSE-SU-2026:0356-1 Release Date: 2026-02-01T21:18:57Z Rating: important References: * bsc#1250984 Cross-References: * CVE-2025-11234 CVSS scores: * CVE-2025-11234 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-11234 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-11234 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2025-11234: Fixed use-after-free in websocket handshake code can lead to denial of service (bsc#1250984). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-356=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-356=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-356=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * qemu-extra-debuginfo-5.2.0-150300.142.1 * qemu-block-gluster-5.2.0-150300.142.1 * qemu-s390x-debuginfo-5.2.0-150300.142.1 * qemu-vhost-user-gpu-debuginfo-5.2.0-150300.142.1 * qemu-hw-usb-redirect-5.2.0-150300.142.1 * qemu-ivshmem-tools-debuginfo-5.2.0-150300.142.1 * qemu-ppc-5.2.0-150300.142.1 * qemu-block-curl-debuginfo-5.2.0-150300.142.1 * qemu-block-ssh-debuginfo-5.2.0-150300.142.1 * qemu-block-iscsi-5.2.0-150300.142.1 * qemu-block-dmg-debuginfo-5.2.0-150300.142.1 * qemu-linux-user-debugsource-5.2.0-150300.142.1 * qemu-5.2.0-150300.142.1 * qemu-chardev-spice-debuginfo-5.2.0-150300.142.1 * qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.142.1 * qemu-hw-usb-smartcard-debuginfo-5.2.0-150300.142.1 * qemu-ivshmem-tools-5.2.0-150300.142.1 * qemu-audio-pa-debuginfo-5.2.0-150300.142.1 * qemu-ui-gtk-5.2.0-150300.142.1 * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.142.1 * qemu-audio-spice-debuginfo-5.2.0-150300.142.1 * qemu-ui-spice-core-5.2.0-150300.142.1 * qemu-ui-spice-core-debuginfo-5.2.0-150300.142.1 * qemu-ui-curses-5.2.0-150300.142.1 * qemu-block-nfs-5.2.0-150300.142.1 * qemu-block-curl-5.2.0-150300.142.1 * qemu-block-nfs-debuginfo-5.2.0-150300.142.1 * qemu-hw-display-qxl-5.2.0-150300.142.1 * qemu-linux-user-5.2.0-150300.142.1 * qemu-lang-5.2.0-150300.142.1 * qemu-guest-agent-5.2.0-150300.142.1 * qemu-x86-5.2.0-150300.142.1 * qemu-arm-5.2.0-150300.142.1 * qemu-chardev-baum-debuginfo-5.2.0-150300.142.1 * qemu-hw-display-virtio-gpu-5.2.0-150300.142.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.142.1 * qemu-audio-alsa-5.2.0-150300.142.1 * qemu-block-ssh-5.2.0-150300.142.1 * qemu-ui-opengl-debuginfo-5.2.0-150300.142.1 * qemu-ui-opengl-5.2.0-150300.142.1 * qemu-hw-display-qxl-debuginfo-5.2.0-150300.142.1 * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.142.1 * qemu-guest-agent-debuginfo-5.2.0-150300.142.1 * qemu-block-iscsi-debuginfo-5.2.0-150300.142.1 * qemu-extra-5.2.0-150300.142.1 * qemu-ui-spice-app-5.2.0-150300.142.1 * qemu-arm-debuginfo-5.2.0-150300.142.1 * qemu-audio-pa-5.2.0-150300.142.1 * qemu-audio-spice-5.2.0-150300.142.1 * qemu-debugsource-5.2.0-150300.142.1 * qemu-s390x-5.2.0-150300.142.1 * qemu-chardev-baum-5.2.0-150300.142.1 * qemu-linux-user-debuginfo-5.2.0-150300.142.1 * qemu-debuginfo-5.2.0-150300.142.1 * qemu-chardev-spice-5.2.0-150300.142.1 * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.142.1 * qemu-ppc-debuginfo-5.2.0-150300.142.1 * qemu-ui-gtk-debuginfo-5.2.0-150300.142.1 * qemu-ui-spice-app-debuginfo-5.2.0-150300.142.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-150300.142.1 * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.142.1 * qemu-hw-usb-smartcard-5.2.0-150300.142.1 * qemu-ui-curses-debuginfo-5.2.0-150300.142.1 * qemu-tools-5.2.0-150300.142.1 * qemu-audio-alsa-debuginfo-5.2.0-150300.142.1 * qemu-tools-debuginfo-5.2.0-150300.142.1 * qemu-ksm-5.2.0-150300.142.1 * qemu-block-gluster-debuginfo-5.2.0-150300.142.1 * qemu-vhost-user-gpu-5.2.0-150300.142.1 * qemu-x86-debuginfo-5.2.0-150300.142.1 * qemu-testsuite-5.2.0-150300.142.2 * qemu-block-dmg-5.2.0-150300.142.1 * qemu-hw-display-virtio-vga-5.2.0-150300.142.1 * openSUSE Leap 15.3 (s390x x86_64 i586) * qemu-kvm-5.2.0-150300.142.1 * openSUSE Leap 15.3 (noarch) * qemu-sgabios-8-150300.142.1 * qemu-microvm-5.2.0-150300.142.1 * qemu-vgabios-1.14.0_0_g155821a-150300.142.1 * qemu-SLOF-5.2.0-150300.142.1 * qemu-ipxe-1.0.0+-150300.142.1 * qemu-skiboot-5.2.0-150300.142.1 * qemu-seabios-1.14.0_0_g155821a-150300.142.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-5.2.0-150300.142.1 * qemu-block-rbd-debuginfo-5.2.0-150300.142.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * qemu-hw-usb-redirect-5.2.0-150300.142.1 * qemu-5.2.0-150300.142.1 * qemu-chardev-spice-debuginfo-5.2.0-150300.142.1 * qemu-ui-spice-core-5.2.0-150300.142.1 * qemu-ui-spice-core-debuginfo-5.2.0-150300.142.1 * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.142.1 * qemu-audio-spice-debuginfo-5.2.0-150300.142.1 * qemu-hw-display-qxl-5.2.0-150300.142.1 * qemu-guest-agent-5.2.0-150300.142.1 * qemu-hw-display-virtio-gpu-5.2.0-150300.142.1 * qemu-ui-opengl-debuginfo-5.2.0-150300.142.1 * qemu-ui-opengl-5.2.0-150300.142.1 * qemu-hw-display-qxl-debuginfo-5.2.0-150300.142.1 * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.142.1 * qemu-guest-agent-debuginfo-5.2.0-150300.142.1 * qemu-debugsource-5.2.0-150300.142.1 * qemu-audio-spice-5.2.0-150300.142.1 * qemu-debuginfo-5.2.0-150300.142.1 * qemu-chardev-spice-5.2.0-150300.142.1 * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.142.1 * qemu-tools-5.2.0-150300.142.1 * qemu-tools-debuginfo-5.2.0-150300.142.1 * qemu-hw-display-virtio-vga-5.2.0-150300.142.1 * SUSE Linux Enterprise Micro 5.2 (aarch64) * qemu-arm-debuginfo-5.2.0-150300.142.1 * qemu-arm-5.2.0-150300.142.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * qemu-ipxe-1.0.0+-150300.142.1 * qemu-seabios-1.14.0_0_g155821a-150300.142.1 * qemu-vgabios-1.14.0_0_g155821a-150300.142.1 * qemu-sgabios-8-150300.142.1 * SUSE Linux Enterprise Micro 5.2 (s390x) * qemu-s390x-5.2.0-150300.142.1 * qemu-s390x-debuginfo-5.2.0-150300.142.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * qemu-x86-debuginfo-5.2.0-150300.142.1 * qemu-x86-5.2.0-150300.142.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * qemu-hw-usb-redirect-5.2.0-150300.142.1 * qemu-5.2.0-150300.142.1 * qemu-chardev-spice-debuginfo-5.2.0-150300.142.1 * qemu-ui-spice-core-5.2.0-150300.142.1 * qemu-ui-spice-core-debuginfo-5.2.0-150300.142.1 * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.142.1 * qemu-audio-spice-debuginfo-5.2.0-150300.142.1 * qemu-hw-display-qxl-5.2.0-150300.142.1 * qemu-guest-agent-5.2.0-150300.142.1 * qemu-hw-display-virtio-gpu-5.2.0-150300.142.1 * qemu-ui-opengl-debuginfo-5.2.0-150300.142.1 * qemu-ui-opengl-5.2.0-150300.142.1 * qemu-hw-display-qxl-debuginfo-5.2.0-150300.142.1 * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.142.1 * qemu-guest-agent-debuginfo-5.2.0-150300.142.1 * qemu-debugsource-5.2.0-150300.142.1 * qemu-audio-spice-5.2.0-150300.142.1 * qemu-debuginfo-5.2.0-150300.142.1 * qemu-chardev-spice-5.2.0-150300.142.1 * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.142.1 * qemu-tools-5.2.0-150300.142.1 * qemu-tools-debuginfo-5.2.0-150300.142.1 * qemu-hw-display-virtio-vga-5.2.0-150300.142.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64) * qemu-arm-debuginfo-5.2.0-150300.142.1 * qemu-arm-5.2.0-150300.142.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * qemu-ipxe-1.0.0+-150300.142.1 * qemu-seabios-1.14.0_0_g155821a-150300.142.1 * qemu-vgabios-1.14.0_0_g155821a-150300.142.1 * qemu-sgabios-8-150300.142.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (s390x) * qemu-s390x-5.2.0-150300.142.1 * qemu-s390x-debuginfo-5.2.0-150300.142.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * qemu-x86-debuginfo-5.2.0-150300.142.1 * qemu-x86-5.2.0-150300.142.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11234.html * https://bugzilla.suse.com/show_bug.cgi?id=1250984 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:30:04 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:30:04 -0000 Subject: SUSE-SU-2026:20180-1: moderate: Security update for unbound Message-ID: <177004980443.14302.8749307395708990916@smelt2.prg2.suse.org> # Security update for unbound Announcement ID: SUSE-SU-2026:20180-1 Release Date: 2026-01-30T10:02:19Z Rating: moderate References: * bsc#1252525 Cross-References: * CVE-2025-11411 CVSS scores: * CVE-2025-11411 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:L * CVE-2025-11411 ( SUSE ): 6.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2025-11411 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for unbound fixes the following issues: Update to 1.24.1: * CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-224=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * unbound-debugsource-1.24.1-160000.1.1 * libunbound8-debuginfo-1.24.1-160000.1.1 * libunbound8-1.24.1-160000.1.1 * unbound-anchor-debuginfo-1.24.1-160000.1.1 * unbound-debuginfo-1.24.1-160000.1.1 * unbound-anchor-1.24.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11411.html * https://bugzilla.suse.com/show_bug.cgi?id=1252525 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:30:09 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:30:09 -0000 Subject: SUSE-SU-2026:20179-1: important: Security update for gpg2 Message-ID: <177004980989.14302.8607000137032692000@smelt2.prg2.suse.org> # Security update for gpg2 Announcement ID: SUSE-SU-2026:20179-1 Release Date: 2026-01-29T16:16:14Z Rating: important References: * bsc#1256389 * bsc#1257395 * bsc#1257396 Cross-References: * CVE-2026-24882 * CVE-2026-24883 CVSS scores: * CVE-2026-24882 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-24882 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24883 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-24883 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-24883 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for gpg2 fixes the following issues: * CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys (bsc#1257396). * CVE-2026-24883: denial of service due to long signature packet length causing parse_signature to return success with sig->data[] set to a NULL value (bsc#1257395). * gpg.fail/filename: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field (bsc#1256389). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-221=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * gpg2-debuginfo-2.5.5-160000.4.1 * gpg2-debugsource-2.5.5-160000.4.1 * gpg2-2.5.5-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-24882.html * https://www.suse.com/security/cve/CVE-2026-24883.html * https://bugzilla.suse.com/show_bug.cgi?id=1256389 * https://bugzilla.suse.com/show_bug.cgi?id=1257395 * https://bugzilla.suse.com/show_bug.cgi?id=1257396 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:30:16 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:30:16 -0000 Subject: SUSE-SU-2026:20178-1: important: Security update for glibc Message-ID: <177004981658.14302.1127564556498536575@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2026:20178-1 Release Date: 2026-01-29T16:16:14Z Rating: important References: * bsc#1236282 * bsc#1256436 * bsc#1256766 * bsc#1256822 * bsc#1257005 Cross-References: * CVE-2025-0395 * CVE-2025-15281 * CVE-2026-0861 * CVE-2026-0915 CVSS scores: * CVE-2025-0395 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-0395 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-0395 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15281 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-15281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15281 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0861 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-0861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0861 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0915 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-0915 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-0915 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 * SUSE Linux Micro Extras 6.2 An update that solves four vulnerabilities and has one fix can now be installed. ## Description: This update for glibc fixes the following issues: Security fixes: * CVE-2025-0395: Fixed buffer overflow in the assert() function (bsc#1236282). * CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). * CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). * CVE-2025-15281: Fixed uninitialized memory may cause the process abort (bsc#1257005). Other fixes: * NPTL: Optimize trylock for high cache contention workloads (bsc#1256436) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-218=1 * SUSE Linux Micro Extras 6.2 zypper in -t patch SUSE-SL-Micro-6.2-218=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * glibc-locale-base-2.40-160000.3.1 * glibc-2.40-160000.3.1 * glibc-debugsource-2.40-160000.3.1 * glibc-debuginfo-2.40-160000.3.1 * glibc-devel-2.40-160000.3.1 * glibc-locale-2.40-160000.3.1 * glibc-devel-debuginfo-2.40-160000.3.1 * SUSE Linux Micro 6.2 (aarch64 x86_64) * glibc-gconv-modules-extra-debuginfo-2.40-160000.3.1 * glibc-gconv-modules-extra-2.40-160000.3.1 * SUSE Linux Micro Extras 6.2 (aarch64 ppc64le s390x x86_64) * glibc-gconv-modules-extra-debuginfo-2.40-160000.3.1 * glibc-debuginfo-2.40-160000.3.1 * glibc-gconv-modules-extra-2.40-160000.3.1 * glibc-debugsource-2.40-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0395.html * https://www.suse.com/security/cve/CVE-2025-15281.html * https://www.suse.com/security/cve/CVE-2026-0861.html * https://www.suse.com/security/cve/CVE-2026-0915.html * https://bugzilla.suse.com/show_bug.cgi?id=1236282 * https://bugzilla.suse.com/show_bug.cgi?id=1256436 * https://bugzilla.suse.com/show_bug.cgi?id=1256766 * https://bugzilla.suse.com/show_bug.cgi?id=1256822 * https://bugzilla.suse.com/show_bug.cgi?id=1257005 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:30:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:30:27 -0000 Subject: SUSE-SU-2026:20176-1: important: Security update for elemental-register, elemental-toolkit Message-ID: <177004982741.14302.5834319195212376327@smelt2.prg2.suse.org> # Security update for elemental-register, elemental-toolkit Announcement ID: SUSE-SU-2026:20176-1 Release Date: 2026-01-29T15:29:59Z Rating: important References: * bsc#1241826 * bsc#1241857 * bsc#1251511 * bsc#1251679 * bsc#1253581 * bsc#1253901 * bsc#1254079 Cross-References: * CVE-2025-22872 * CVE-2025-47911 * CVE-2025-47913 * CVE-2025-47914 * CVE-2025-58181 * CVE-2025-58190 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-47911 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47913 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47913 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47914 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47914 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58190 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities and has one fix can now be installed. ## Description: This update for elemental-register, elemental-toolkit fixes the following issues: elemental-register was updated to 1.8.1: Changes on top of v1.8.1: * Update headers to 2026 * Update questions to include SL Micro 6.2 Update to v1.8.1: * Install yip config files in before-install step * Bump github.com/rancher-sandbox/go-tpm and its dependencies This includes few CVE fixes: * bsc#1241826 (CVE-2025-22872) * bsc#1241857 (CVE-2025-22872) * bsc#1251511 (CVE-2025-47911) * bsc#1251679 (CVE-2025-58190) elemental-toolkit was updated to v2.3.2: * Bump golang.org/x/crypto library This includes few CVE fixes: * bsc#1241826 (CVE-2025-22872) * bsc#1241857 (CVE-2025-22872) * bsc#1251511 (CVE-2025-47911) * bsc#1251679 (CVE-2025-58190) * bsc#1253581 (CVE-2025-47913) * bsc#1253901 (CVE-2025-58181) * bsc#1254079 (CVE-2025-47914) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-217=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 x86_64) * elemental-toolkit-2.3.2-160000.1.1 * elemental-support-1.8.1-160000.1.1 * elemental-register-1.8.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://www.suse.com/security/cve/CVE-2025-47911.html * https://www.suse.com/security/cve/CVE-2025-47913.html * https://www.suse.com/security/cve/CVE-2025-47914.html * https://www.suse.com/security/cve/CVE-2025-58181.html * https://www.suse.com/security/cve/CVE-2025-58190.html * https://bugzilla.suse.com/show_bug.cgi?id=1241826 * https://bugzilla.suse.com/show_bug.cgi?id=1241857 * https://bugzilla.suse.com/show_bug.cgi?id=1251511 * https://bugzilla.suse.com/show_bug.cgi?id=1251679 * https://bugzilla.suse.com/show_bug.cgi?id=1253581 * https://bugzilla.suse.com/show_bug.cgi?id=1253901 * https://bugzilla.suse.com/show_bug.cgi?id=1254079 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:30:30 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:30:30 -0000 Subject: SUSE-SU-2026:20175-1: important: Security update for python-urllib3 Message-ID: <177004983079.14302.9917709464729410041@smelt2.prg2.suse.org> # Security update for python-urllib3 Announcement ID: SUSE-SU-2026:20175-1 Release Date: 2026-01-29T14:48:50Z Rating: important References: * bsc#1254866 * bsc#1254867 Cross-References: * CVE-2025-66418 * CVE-2025-66471 CVSS scores: * CVE-2025-66418 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-66418 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-66418 ( NVD ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-66418 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-66471 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-66471 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-66471 ( NVD ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-66471 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-urllib3 fixes the following issues: * CVE-2025-66471: Fixed excessive resource consumption via decompression of highly compressed data in Streaming API (bsc#1254867) * CVE-2025-66418: Fixed resource exhaustion via unbounded number of links in the decompression chain (bsc#1254866) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-212=1 ## Package List: * SUSE Linux Micro 6.2 (noarch) * python313-urllib3-2.5.0-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-66418.html * https://www.suse.com/security/cve/CVE-2025-66471.html * https://bugzilla.suse.com/show_bug.cgi?id=1254866 * https://bugzilla.suse.com/show_bug.cgi?id=1254867 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:30:36 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:30:36 -0000 Subject: SUSE-SU-2026:20173-1: important: Security update for ucode-amd Message-ID: <177004983675.14302.8372367190026436468@smelt2.prg2.suse.org> # Security update for ucode-amd Announcement ID: SUSE-SU-2026:20173-1 Release Date: 2026-01-28T16:01:59Z Rating: important References: Affected Products: * SUSE Linux Micro 6.2 An update that can now be installed. ## Description: This update for ucode-amd fixes the following issues: Changes in ucode-amd: * Update to version 20251203 (git commit a0f0e52138e5): * linux-firmware: Update amd-ucode copyright information * linux-firmware: Update AMD cpu microcode * Update to version 20251113 (git commit fb0dbcd30118): * linux-firmware: Update AMD cpu microcode * Update to version 20251031 (git commit 04b323bb64f9): * linux-firmware: Update AMD cpu microcode * Update to version 20251028 (git commit 4f72031fc195): * linux-firmware: Update AMD cpu microcode * Update to version 20251024 (git commit 9b899c779b8a): * amd-ucode: Fix minimum revisions in README * Update to version 20250730 (git commit 910c19074091): * linux-firmware: Update AMD cpu microcode ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-209=1 ## Package List: * SUSE Linux Micro 6.2 (noarch) * ucode-amd-20251203-160000.1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:30:49 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:30:49 -0000 Subject: SUSE-SU-2026:20171-1: important: Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Message-ID: <177004984933.14302.11445290739008611165@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:20171-1 Release Date: 2026-01-28T10:28:18Z Rating: important References: * bsc#1251982 * bsc#1252270 * bsc#1253437 * bsc#1254196 Cross-References: * CVE-2025-39963 * CVE-2025-40204 * CVE-2025-40212 CVSS scores: * CVE-2025-39963 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39963 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40204 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-40212 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40212 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: * CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251982). * CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437). * CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196). The following non security issues was fixed: * Explicitly add module-common.c with vermagic and retpoline modinfo (bsc#1252270). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-205=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_6-default-debuginfo-3-160000.1.1 * kernel-livepatch-SLE16_Update_1-debugsource-3-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39963.html * https://www.suse.com/security/cve/CVE-2025-40204.html * https://www.suse.com/security/cve/CVE-2025-40212.html * https://bugzilla.suse.com/show_bug.cgi?id=1251982 * https://bugzilla.suse.com/show_bug.cgi?id=1252270 * https://bugzilla.suse.com/show_bug.cgi?id=1253437 * https://bugzilla.suse.com/show_bug.cgi?id=1254196 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:30:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:30:51 -0000 Subject: SUSE-SU-2026:20170-1: moderate: Security update for cockpit-subscriptions Message-ID: <177004985177.14302.8546996279538402404@smelt2.prg2.suse.org> # Security update for cockpit-subscriptions Announcement ID: SUSE-SU-2026:20170-1 Release Date: 2026-01-27T20:37:55Z Rating: moderate References: * bsc#1255425 Cross-References: * CVE-2025-64718 CVSS scores: * CVE-2025-64718 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-64718 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-64718 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit-subscriptions fixes the following issues: Update to version 12.1: * CVE-2025-64718: js-yaml: fixed prototype pollution in merge (bsc#1255425). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-202=1 ## Package List: * SUSE Linux Micro 6.2 (noarch) * cockpit-subscriptions-12.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-64718.html * https://bugzilla.suse.com/show_bug.cgi?id=1255425 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:31:00 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:31:00 -0000 Subject: SUSE-SU-2026:0360-1: moderate: Security update for openssl-1_1 Message-ID: <177004986060.14302.1858089006860126919@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2026:0360-1 Release Date: 2026-02-02T09:55:53Z Rating: moderate References: * bsc#1256834 * bsc#1256835 * bsc#1256836 * bsc#1256837 * bsc#1256838 * bsc#1256839 * bsc#1256840 Cross-References: * CVE-2025-68160 * CVE-2025-69418 * CVE-2025-69419 * CVE-2025-69420 * CVE-2025-69421 * CVE-2026-22795 * CVE-2026-22796 CVSS scores: * CVE-2025-68160 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68160 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69418 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69418 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69418 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-69419 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69419 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69419 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-69420 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69420 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69420 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69421 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69421 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-22795 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-22796 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22796 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves seven vulnerabilities can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839). * CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837). * CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838). * CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840). * CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834). * CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835). * CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-360=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-360=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-360=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-360=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-360=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-360=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-360=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-360=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-360=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * openssl-1_1-debugsource-1.1.1l-150400.7.87.1 * openssl-1_1-1.1.1l-150400.7.87.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-1.1.1l-150400.7.87.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-1.1.1l-150400.7.87.1 * openSUSE Leap 15.4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.87.1 * openSUSE Leap 15.4 (noarch) * openssl-1_1-doc-1.1.1l-150400.7.87.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libopenssl1_1-64bit-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-64bit-1.1.1l-150400.7.87.1 * libopenssl1_1-64bit-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-64bit-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * openssl-1_1-debugsource-1.1.1l-150400.7.87.1 * openssl-1_1-1.1.1l-150400.7.87.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-1.1.1l-150400.7.87.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * openssl-1_1-debugsource-1.1.1l-150400.7.87.1 * openssl-1_1-1.1.1l-150400.7.87.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-1.1.1l-150400.7.87.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * openssl-1_1-debugsource-1.1.1l-150400.7.87.1 * openssl-1_1-1.1.1l-150400.7.87.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-1.1.1l-150400.7.87.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * openssl-1_1-debugsource-1.1.1l-150400.7.87.1 * openssl-1_1-1.1.1l-150400.7.87.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-1.1.1l-150400.7.87.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * openssl-1_1-debugsource-1.1.1l-150400.7.87.1 * openssl-1_1-1.1.1l-150400.7.87.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-1.1.1l-150400.7.87.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * openssl-1_1-debugsource-1.1.1l-150400.7.87.1 * openssl-1_1-1.1.1l-150400.7.87.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-1.1.1l-150400.7.87.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * openssl-1_1-debugsource-1.1.1l-150400.7.87.1 * openssl-1_1-1.1.1l-150400.7.87.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-1.1.1l-150400.7.87.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * openssl-1_1-debugsource-1.1.1l-150400.7.87.1 * openssl-1_1-1.1.1l-150400.7.87.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl-1_1-devel-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-1.1.1l-150400.7.87.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-1.1.1l-150400.7.87.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-1.1.1l-150400.7.87.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.87.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.87.1 ## References: * https://www.suse.com/security/cve/CVE-2025-68160.html * https://www.suse.com/security/cve/CVE-2025-69418.html * https://www.suse.com/security/cve/CVE-2025-69419.html * https://www.suse.com/security/cve/CVE-2025-69420.html * https://www.suse.com/security/cve/CVE-2025-69421.html * https://www.suse.com/security/cve/CVE-2026-22795.html * https://www.suse.com/security/cve/CVE-2026-22796.html * https://bugzilla.suse.com/show_bug.cgi?id=1256834 * https://bugzilla.suse.com/show_bug.cgi?id=1256835 * https://bugzilla.suse.com/show_bug.cgi?id=1256836 * https://bugzilla.suse.com/show_bug.cgi?id=1256837 * https://bugzilla.suse.com/show_bug.cgi?id=1256838 * https://bugzilla.suse.com/show_bug.cgi?id=1256839 * https://bugzilla.suse.com/show_bug.cgi?id=1256840 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:31:10 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:31:10 -0000 Subject: SUSE-SU-2026:0359-1: moderate: Security update for openssl-1_1 Message-ID: <177004987039.14302.7277894766233392839@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2026:0359-1 Release Date: 2026-02-02T09:55:09Z Rating: moderate References: * bsc#1256834 * bsc#1256835 * bsc#1256836 * bsc#1256837 * bsc#1256838 * bsc#1256839 * bsc#1256840 Cross-References: * CVE-2025-68160 * CVE-2025-69418 * CVE-2025-69419 * CVE-2025-69420 * CVE-2025-69421 * CVE-2026-22795 * CVE-2026-22796 CVSS scores: * CVE-2025-68160 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68160 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69418 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69418 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69418 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-69419 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69419 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69419 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-69420 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69420 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69420 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69421 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69421 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-22795 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-22796 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22796 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839). * CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837). * CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838). * CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840). * CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834). * CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835). * CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-359=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-359=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-359=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-359=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-359=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-359=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libopenssl1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-1.1.1l-150500.17.46.1 * openssl-1_1-debugsource-1.1.1l-150500.17.46.1 * libopenssl-1_1-devel-1.1.1l-150500.17.46.1 * openssl-1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-1.1.1l-150500.17.46.1 * openssl-1_1-1.1.1l-150500.17.46.1 * openSUSE Leap 15.5 (x86_64) * libopenssl1_1-32bit-1.1.1l-150500.17.46.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.46.1 * libopenssl-1_1-devel-32bit-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.46.1 * openSUSE Leap 15.5 (noarch) * openssl-1_1-doc-1.1.1l-150500.17.46.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libopenssl1_1-64bit-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-64bit-1.1.1l-150500.17.46.1 * libopenssl-1_1-devel-64bit-1.1.1l-150500.17.46.1 * libopenssl1_1-64bit-debuginfo-1.1.1l-150500.17.46.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libopenssl1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-1.1.1l-150500.17.46.1 * openssl-1_1-debugsource-1.1.1l-150500.17.46.1 * libopenssl-1_1-devel-1.1.1l-150500.17.46.1 * openssl-1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-1.1.1l-150500.17.46.1 * openssl-1_1-1.1.1l-150500.17.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libopenssl1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-1.1.1l-150500.17.46.1 * openssl-1_1-debugsource-1.1.1l-150500.17.46.1 * libopenssl-1_1-devel-1.1.1l-150500.17.46.1 * openssl-1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-1.1.1l-150500.17.46.1 * openssl-1_1-1.1.1l-150500.17.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libopenssl1_1-32bit-1.1.1l-150500.17.46.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libopenssl1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-1.1.1l-150500.17.46.1 * openssl-1_1-debugsource-1.1.1l-150500.17.46.1 * libopenssl-1_1-devel-1.1.1l-150500.17.46.1 * openssl-1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-1.1.1l-150500.17.46.1 * openssl-1_1-1.1.1l-150500.17.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libopenssl1_1-32bit-1.1.1l-150500.17.46.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.46.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libopenssl1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-1.1.1l-150500.17.46.1 * openssl-1_1-debugsource-1.1.1l-150500.17.46.1 * libopenssl-1_1-devel-1.1.1l-150500.17.46.1 * openssl-1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-1.1.1l-150500.17.46.1 * openssl-1_1-1.1.1l-150500.17.46.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libopenssl1_1-32bit-1.1.1l-150500.17.46.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libopenssl1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-1.1.1l-150500.17.46.1 * openssl-1_1-debugsource-1.1.1l-150500.17.46.1 * libopenssl-1_1-devel-1.1.1l-150500.17.46.1 * openssl-1_1-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-1.1.1l-150500.17.46.1 * openssl-1_1-1.1.1l-150500.17.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libopenssl1_1-32bit-1.1.1l-150500.17.46.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.46.1 * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.46.1 ## References: * https://www.suse.com/security/cve/CVE-2025-68160.html * https://www.suse.com/security/cve/CVE-2025-69418.html * https://www.suse.com/security/cve/CVE-2025-69419.html * https://www.suse.com/security/cve/CVE-2025-69420.html * https://www.suse.com/security/cve/CVE-2025-69421.html * https://www.suse.com/security/cve/CVE-2026-22795.html * https://www.suse.com/security/cve/CVE-2026-22796.html * https://bugzilla.suse.com/show_bug.cgi?id=1256834 * https://bugzilla.suse.com/show_bug.cgi?id=1256835 * https://bugzilla.suse.com/show_bug.cgi?id=1256836 * https://bugzilla.suse.com/show_bug.cgi?id=1256837 * https://bugzilla.suse.com/show_bug.cgi?id=1256838 * https://bugzilla.suse.com/show_bug.cgi?id=1256839 * https://bugzilla.suse.com/show_bug.cgi?id=1256840 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 16:31:18 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 16:31:18 -0000 Subject: SUSE-SU-2026:0358-1: moderate: Security update for openssl-1_1 Message-ID: <177004987872.14302.6295554109118970180@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2026:0358-1 Release Date: 2026-02-02T09:54:26Z Rating: moderate References: * bsc#1256834 * bsc#1256835 * bsc#1256836 * bsc#1256837 * bsc#1256838 * bsc#1256839 * bsc#1256840 Cross-References: * CVE-2025-68160 * CVE-2025-69418 * CVE-2025-69419 * CVE-2025-69420 * CVE-2025-69421 * CVE-2026-22795 * CVE-2026-22796 CVSS scores: * CVE-2025-68160 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68160 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69418 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69418 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69418 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-69419 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69419 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69419 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-69420 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69420 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69420 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69421 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69421 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-22795 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-22796 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22796 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839). * CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837). * CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838). * CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840). * CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834). * CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835). * CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-358=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-358=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libopenssl1_1-1.1.1d-2.122.1 * openssl-1_1-1.1.1d-2.122.1 * libopenssl1_1-hmac-1.1.1d-2.122.1 * libopenssl-1_1-devel-1.1.1d-2.122.1 * openssl-1_1-debugsource-1.1.1d-2.122.1 * libopenssl1_1-debuginfo-1.1.1d-2.122.1 * openssl-1_1-debuginfo-1.1.1d-2.122.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libopenssl-1_1-devel-32bit-1.1.1d-2.122.1 * libopenssl1_1-32bit-1.1.1d-2.122.1 * libopenssl1_1-debuginfo-32bit-1.1.1d-2.122.1 * libopenssl1_1-hmac-32bit-1.1.1d-2.122.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libopenssl1_1-32bit-1.1.1d-2.122.1 * libopenssl1_1-1.1.1d-2.122.1 * openssl-1_1-1.1.1d-2.122.1 * libopenssl1_1-hmac-1.1.1d-2.122.1 * libopenssl-1_1-devel-1.1.1d-2.122.1 * libopenssl1_1-hmac-32bit-1.1.1d-2.122.1 * libopenssl-1_1-devel-32bit-1.1.1d-2.122.1 * libopenssl1_1-debuginfo-32bit-1.1.1d-2.122.1 * openssl-1_1-debugsource-1.1.1d-2.122.1 * libopenssl1_1-debuginfo-1.1.1d-2.122.1 * openssl-1_1-debuginfo-1.1.1d-2.122.1 ## References: * https://www.suse.com/security/cve/CVE-2025-68160.html * https://www.suse.com/security/cve/CVE-2025-69418.html * https://www.suse.com/security/cve/CVE-2025-69419.html * https://www.suse.com/security/cve/CVE-2025-69420.html * https://www.suse.com/security/cve/CVE-2025-69421.html * https://www.suse.com/security/cve/CVE-2026-22795.html * https://www.suse.com/security/cve/CVE-2026-22796.html * https://bugzilla.suse.com/show_bug.cgi?id=1256834 * https://bugzilla.suse.com/show_bug.cgi?id=1256835 * https://bugzilla.suse.com/show_bug.cgi?id=1256836 * https://bugzilla.suse.com/show_bug.cgi?id=1256837 * https://bugzilla.suse.com/show_bug.cgi?id=1256838 * https://bugzilla.suse.com/show_bug.cgi?id=1256839 * https://bugzilla.suse.com/show_bug.cgi?id=1256840 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Feb 2 20:30:06 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Feb 2026 20:30:06 -0000 Subject: SUSE-SU-2026:0361-1: moderate: Security update for logback Message-ID: <177006420609.9900.16138335257136194885@smelt2.prg2.suse.org> # Security update for logback Announcement ID: SUSE-SU-2026:0361-1 Release Date: 2026-02-02T13:20:46Z Rating: moderate References: * bsc#1257094 Cross-References: * CVE-2026-1225 CVSS scores: * CVE-2026-1225 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1225 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:X/V:X/RE:M/U:Green Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for logback fixes the following issues: * CVE-2026-1225: ACE vulnerability in configuration file (bsc#1257094) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-361=1 ## Package List: * openSUSE Leap 15.6 (noarch) * logback-1.2.13-150200.3.16.1 * logback-access-1.2.13-150200.3.16.1 * logback-javadoc-1.2.13-150200.3.16.1 * logback-examples-1.2.13-150200.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1225.html * https://bugzilla.suse.com/show_bug.cgi?id=1257094 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:03 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:03 -0000 Subject: SUSE-SU-2026:20203-1: important: Security update for ucode-amd Message-ID: <177013620394.28774.4776599151557929580@smelt2.prg2.suse.org> # Security update for ucode-amd Announcement ID: SUSE-SU-2026:20203-1 Release Date: 2026-01-28T16:01:59Z Rating: important References: Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that can now be installed. ## Description: This update for ucode-amd fixes the following issues: Changes in ucode-amd: * Update to version 20251203 (git commit a0f0e52138e5): * linux-firmware: Update amd-ucode copyright information * linux-firmware: Update AMD cpu microcode * Update to version 20251113 (git commit fb0dbcd30118): * linux-firmware: Update AMD cpu microcode * Update to version 20251031 (git commit 04b323bb64f9): * linux-firmware: Update AMD cpu microcode * Update to version 20251028 (git commit 4f72031fc195): * linux-firmware: Update AMD cpu microcode * Update to version 20251024 (git commit 9b899c779b8a): * amd-ucode: Fix minimum revisions in README * Update to version 20250730 (git commit 910c19074091): * linux-firmware: Update AMD cpu microcode ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-209=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-209=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * ucode-amd-20251203-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * ucode-amd-20251203-160000.1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:17 -0000 Subject: SUSE-SU-2026:20202-1: important: Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Message-ID: <177013621724.28774.15523294718901781942@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:20202-1 Release Date: 2026-01-28T10:28:18Z Rating: important References: * bsc#1251982 * bsc#1252270 * bsc#1253437 * bsc#1254196 Cross-References: * CVE-2025-39963 * CVE-2025-40204 * CVE-2025-40212 CVSS scores: * CVE-2025-39963 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39963 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39963 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40204 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-40212 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40212 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: * CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251982). * CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437). * CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196). The following non security issues was fixed: * Explicitly add module-common.c with vermagic and retpoline modinfo (bsc#1252270). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-205=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-205=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_1-debugsource-3-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-3-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-debuginfo-3-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_1-debugsource-3-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-3-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-debuginfo-3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39963.html * https://www.suse.com/security/cve/CVE-2025-40204.html * https://www.suse.com/security/cve/CVE-2025-40212.html * https://bugzilla.suse.com/show_bug.cgi?id=1251982 * https://bugzilla.suse.com/show_bug.cgi?id=1252270 * https://bugzilla.suse.com/show_bug.cgi?id=1253437 * https://bugzilla.suse.com/show_bug.cgi?id=1254196 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:20 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:20 -0000 Subject: SUSE-SU-2026:20201-1: moderate: Security update for unbound Message-ID: <177013622063.28774.4776378503497923081@smelt2.prg2.suse.org> # Security update for unbound Announcement ID: SUSE-SU-2026:20201-1 Release Date: 2026-01-30T10:05:07Z Rating: moderate References: * bsc#1252525 Cross-References: * CVE-2025-11411 CVSS scores: * CVE-2025-11411 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:L * CVE-2025-11411 ( SUSE ): 6.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2025-11411 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for unbound fixes the following issues: Update to 1.24.1: * CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-224=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-224=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * python3-unbound-debuginfo-1.24.1-160000.1.1 * unbound-debuginfo-1.24.1-160000.1.1 * unbound-debugsource-1.24.1-160000.1.1 * unbound-devel-1.24.1-160000.1.1 * python3-unbound-1.24.1-160000.1.1 * libunbound8-1.24.1-160000.1.1 * unbound-anchor-debuginfo-1.24.1-160000.1.1 * unbound-anchor-1.24.1-160000.1.1 * libunbound8-debuginfo-1.24.1-160000.1.1 * unbound-1.24.1-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * python3-unbound-debuginfo-1.24.1-160000.1.1 * unbound-debuginfo-1.24.1-160000.1.1 * unbound-debugsource-1.24.1-160000.1.1 * unbound-devel-1.24.1-160000.1.1 * python3-unbound-1.24.1-160000.1.1 * libunbound8-1.24.1-160000.1.1 * unbound-anchor-debuginfo-1.24.1-160000.1.1 * unbound-anchor-1.24.1-160000.1.1 * libunbound8-debuginfo-1.24.1-160000.1.1 * unbound-1.24.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11411.html * https://bugzilla.suse.com/show_bug.cgi?id=1252525 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:24 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:24 -0000 Subject: SUSE-SU-2026:20200-1: moderate: Security update for jasper Message-ID: <177013622497.28774.2515158385884323424@smelt2.prg2.suse.org> # Security update for jasper Announcement ID: SUSE-SU-2026:20200-1 Release Date: 2026-01-30T09:59:14Z Rating: moderate References: * bsc#1247901 * bsc#1247902 * bsc#1247904 Cross-References: * CVE-2025-8835 * CVE-2025-8836 * CVE-2025-8837 CVSS scores: * CVE-2025-8835 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8835 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8835 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-8835 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-8836 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-8836 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-8836 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8836 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-8837 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-8837 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-8837 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8837 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-8837 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for jasper fixes the following issues: Update to 4.2.8: * CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high (bsc#1247901). * CVE-2025-8836: Added some missing range checking on several coding parameters in the JPC encoder (bsc#1247902). * CVE-2025-8835: Added a check for a missing color component in the jas_image_chclrspc function (bsc#1247904). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-223=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-223=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * jasper-debugsource-4.2.8-160000.1.1 * libjasper7-debuginfo-4.2.8-160000.1.1 * libjasper7-4.2.8-160000.1.1 * jasper-debuginfo-4.2.8-160000.1.1 * jasper-4.2.8-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * jasper-debugsource-4.2.8-160000.1.1 * libjasper7-debuginfo-4.2.8-160000.1.1 * libjasper7-4.2.8-160000.1.1 * jasper-debuginfo-4.2.8-160000.1.1 * jasper-4.2.8-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8835.html * https://www.suse.com/security/cve/CVE-2025-8836.html * https://www.suse.com/security/cve/CVE-2025-8837.html * https://bugzilla.suse.com/show_bug.cgi?id=1247901 * https://bugzilla.suse.com/show_bug.cgi?id=1247902 * https://bugzilla.suse.com/show_bug.cgi?id=1247904 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:32 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:32 -0000 Subject: SUSE-SU-2026:20199-1: important: Security update for java-17-openjdk Message-ID: <177013623250.28774.14067270079784903362@smelt2.prg2.suse.org> # Security update for java-17-openjdk Announcement ID: SUSE-SU-2026:20199-1 Release Date: 2026-01-29T17:44:57Z Rating: important References: * bsc#1255446 * bsc#1257034 * bsc#1257036 * bsc#1257037 * bsc#1257038 * jsc#PED-14507 * jsc#PED-15216 Cross-References: * CVE-2026-21925 * CVE-2026-21932 * CVE-2026-21933 * CVE-2026-21945 CVSS scores: * CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21925 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21932 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21932 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21933 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves four vulnerabilities, contains two features and has one fix can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.18+8 (January 2026 CPU) Security fixes: * CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034). * CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036). * CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037). * CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038). Other fixes: * OpenJDK rendering blue borders when it should not, due to missing the fix for JDK-6304250 from upstream (bsc#1255446). * Do not depend on update-desktop-files (jsc#PED-14507, jsc#PED-15216). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-219=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-219=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-demo-17.0.18.0-160000.1.1 * java-17-openjdk-devel-17.0.18.0-160000.1.1 * java-17-openjdk-headless-debuginfo-17.0.18.0-160000.1.1 * java-17-openjdk-headless-17.0.18.0-160000.1.1 * java-17-openjdk-17.0.18.0-160000.1.1 * java-17-openjdk-src-17.0.18.0-160000.1.1 * java-17-openjdk-jmods-17.0.18.0-160000.1.1 * java-17-openjdk-devel-debuginfo-17.0.18.0-160000.1.1 * java-17-openjdk-debuginfo-17.0.18.0-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * java-17-openjdk-javadoc-17.0.18.0-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * java-17-openjdk-demo-17.0.18.0-160000.1.1 * java-17-openjdk-devel-17.0.18.0-160000.1.1 * java-17-openjdk-headless-debuginfo-17.0.18.0-160000.1.1 * java-17-openjdk-headless-17.0.18.0-160000.1.1 * java-17-openjdk-17.0.18.0-160000.1.1 * java-17-openjdk-src-17.0.18.0-160000.1.1 * java-17-openjdk-jmods-17.0.18.0-160000.1.1 * java-17-openjdk-devel-debuginfo-17.0.18.0-160000.1.1 * java-17-openjdk-debuginfo-17.0.18.0-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * java-17-openjdk-javadoc-17.0.18.0-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-21925.html * https://www.suse.com/security/cve/CVE-2026-21932.html * https://www.suse.com/security/cve/CVE-2026-21933.html * https://www.suse.com/security/cve/CVE-2026-21945.html * https://bugzilla.suse.com/show_bug.cgi?id=1255446 * https://bugzilla.suse.com/show_bug.cgi?id=1257034 * https://bugzilla.suse.com/show_bug.cgi?id=1257036 * https://bugzilla.suse.com/show_bug.cgi?id=1257037 * https://bugzilla.suse.com/show_bug.cgi?id=1257038 * https://jira.suse.com/browse/PED-14507 * https://jira.suse.com/browse/PED-15216 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:41 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:41 -0000 Subject: SUSE-SU-2026:20198-1: important: Security update for glibc Message-ID: <177013624100.28774.13263580993333483762@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2026:20198-1 Release Date: 2026-01-29T17:44:57Z Rating: important References: * bsc#1236282 * bsc#1256436 * bsc#1256766 * bsc#1256822 * bsc#1257005 Cross-References: * CVE-2025-0395 * CVE-2025-15281 * CVE-2026-0861 * CVE-2026-0915 CVSS scores: * CVE-2025-0395 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-0395 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-0395 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15281 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-15281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15281 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0861 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-0861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0861 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0915 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-0915 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-0915 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves four vulnerabilities and has one fix can now be installed. ## Description: This update for glibc fixes the following issues: Security fixes: * CVE-2025-0395: Fixed buffer overflow in the assert() function (bsc#1236282). * CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). * CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). * CVE-2025-15281: Fixed uninitialized memory may cause the process abort (bsc#1257005). Other fixes: * NPTL: Optimize trylock for high cache contention workloads (bsc#1256436) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-218=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-218=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * glibc-debugsource-2.40-160000.3.1 * glibc-2.40-160000.3.1 * glibc-devel-2.40-160000.3.1 * glibc-utils-src-debugsource-2.40-160000.3.1 * glibc-extra-debuginfo-2.40-160000.3.1 * glibc-devel-static-2.40-160000.3.1 * glibc-utils-debuginfo-2.40-160000.3.1 * glibc-locale-2.40-160000.3.1 * glibc-locale-base-2.40-160000.3.1 * glibc-devel-debuginfo-2.40-160000.3.1 * glibc-gconv-modules-extra-2.40-160000.3.1 * glibc-debuginfo-2.40-160000.3.1 * glibc-gconv-modules-extra-debuginfo-2.40-160000.3.1 * glibc-utils-2.40-160000.3.1 * glibc-extra-2.40-160000.3.1 * glibc-profile-2.40-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * glibc-html-2.40-160000.3.1 * glibc-i18ndata-2.40-160000.3.1 * glibc-lang-2.40-160000.3.1 * glibc-info-2.40-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * glibc-debugsource-2.40-160000.3.1 * glibc-2.40-160000.3.1 * glibc-devel-2.40-160000.3.1 * glibc-utils-src-debugsource-2.40-160000.3.1 * glibc-extra-debuginfo-2.40-160000.3.1 * glibc-devel-static-2.40-160000.3.1 * glibc-utils-debuginfo-2.40-160000.3.1 * glibc-locale-2.40-160000.3.1 * glibc-locale-base-2.40-160000.3.1 * glibc-devel-debuginfo-2.40-160000.3.1 * glibc-gconv-modules-extra-2.40-160000.3.1 * glibc-debuginfo-2.40-160000.3.1 * glibc-gconv-modules-extra-debuginfo-2.40-160000.3.1 * glibc-utils-2.40-160000.3.1 * glibc-extra-2.40-160000.3.1 * glibc-profile-2.40-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * glibc-html-2.40-160000.3.1 * glibc-i18ndata-2.40-160000.3.1 * glibc-lang-2.40-160000.3.1 * glibc-info-2.40-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0395.html * https://www.suse.com/security/cve/CVE-2025-15281.html * https://www.suse.com/security/cve/CVE-2026-0861.html * https://www.suse.com/security/cve/CVE-2026-0915.html * https://bugzilla.suse.com/show_bug.cgi?id=1236282 * https://bugzilla.suse.com/show_bug.cgi?id=1256436 * https://bugzilla.suse.com/show_bug.cgi?id=1256766 * https://bugzilla.suse.com/show_bug.cgi?id=1256822 * https://bugzilla.suse.com/show_bug.cgi?id=1257005 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:47 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:47 -0000 Subject: SUSE-SU-2026:20196-1: important: Security update for openvpn Message-ID: <177013624741.28774.17418535133752146257@smelt2.prg2.suse.org> # Security update for openvpn Announcement ID: SUSE-SU-2026:20196-1 Release Date: 2026-01-29T16:14:38Z Rating: important References: * bsc#1254486 Cross-References: * CVE-2025-13086 CVSS scores: * CVE-2025-13086 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-13086 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-13086 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-13086 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for openvpn fixes the following issues: * CVE-2025-13086: Fixed improper validation of source IP addresses in OpenVPN that could lead to DoS (bsc#1254486). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-222=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-222=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * openvpn-auth-pam-plugin-2.6.10-160000.3.1 * openvpn-down-root-plugin-debuginfo-2.6.10-160000.3.1 * openvpn-2.6.10-160000.3.1 * openvpn-auth-pam-plugin-debuginfo-2.6.10-160000.3.1 * openvpn-devel-2.6.10-160000.3.1 * openvpn-down-root-plugin-2.6.10-160000.3.1 * openvpn-debuginfo-2.6.10-160000.3.1 * openvpn-debugsource-2.6.10-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * openvpn-auth-pam-plugin-2.6.10-160000.3.1 * openvpn-down-root-plugin-debuginfo-2.6.10-160000.3.1 * openvpn-2.6.10-160000.3.1 * openvpn-auth-pam-plugin-debuginfo-2.6.10-160000.3.1 * openvpn-devel-2.6.10-160000.3.1 * openvpn-down-root-plugin-2.6.10-160000.3.1 * openvpn-debuginfo-2.6.10-160000.3.1 * openvpn-debugsource-2.6.10-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-13086.html * https://bugzilla.suse.com/show_bug.cgi?id=1254486 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:55 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:55 -0000 Subject: SUSE-SU-2026:20194-1: important: Security update for postgresql17 and postgresql18 Message-ID: <177013625530.28774.9197808573495997649@smelt2.prg2.suse.org> # Security update for postgresql17 and postgresql18 Announcement ID: SUSE-SU-2026:20194-1 Release Date: 2026-01-29T13:21:20Z Rating: important References: * bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 * CVE-2025-12818 CVSS scores: * CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-12817 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-12818 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for postgresql17 and postgresql18 fixes the following issues: Changes in postgresql17, postgresql18: Update to 17.7: * https://www.postgresql.org/about/news/p-3171/ * https://www.postgresql.org/docs/release/17.7/ * bsc#1253332, CVE-2025-12817: Missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts. * bsc#1253333, CVE-2025-12818: Several places in libpq were not sufficiently careful about computing the required size of a memory allocation. Sufficiently large inputs could cause integer overflow, resulting in an undersized buffer, which would then lead to writing past the end of the buffer. Postgresql is shipped in version 18.1. pgvector was updated to 0.8.1 to support postgresql18. pgaudit was updated to support postgresql18. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-216=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-216=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * postgresql18-docs-18.1-160000.1.1 * postgresql-plperl-18-160000.1.1 * postgresql-pltcl-18-160000.1.1 * postgresql-server-18-160000.1.1 * postgresql17-docs-17.7-160000.1.1 * postgresql-contrib-18-160000.1.1 * postgresql-server-devel-18-160000.1.1 * postgresql-plpython-18-160000.1.1 * postgresql-docs-18-160000.1.1 * postgresql-18-160000.1.1 * postgresql-devel-18-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-18.1-160000.1.1 * postgresql15-pgaudit-debugsource-1.7.1-160000.3.1 * postgresql15-pgvector-debugsource-0.8.1-160000.1.1 * postgresql18-pgaudit-18.0-160000.3.1 * postgresql13-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql18-debugsource-18.1-160000.1.1 * postgresql18-plperl-debuginfo-18.1-160000.1.1 * postgresql14-pgaudit-debugsource-1.6.3-160000.3.1 * postgresql18-pgvector-0.8.1-160000.1.1 * postgresql18-pgvector-debugsource-0.8.1-160000.1.1 * postgresql17-pgaudit-debugsource-17.1-160000.3.1 * postgresql17-plperl-debuginfo-17.7-160000.1.1 * postgresql17-contrib-debuginfo-17.7-160000.1.1 * postgresql18-server-devel-18.1-160000.1.1 * postgresql14-pgaudit-1.6.3-160000.3.1 * postgresql18-pltcl-debuginfo-18.1-160000.1.1 * postgresql18-server-18.1-160000.1.1 * postgresql17-debuginfo-17.7-160000.1.1 * libpq5-18.1-160000.1.1 * postgresql17-plpython-debuginfo-17.7-160000.1.1 * postgresql18-server-debuginfo-18.1-160000.1.1 * postgresql18-devel-18.1-160000.1.1 * postgresql17-17.7-160000.1.1 * postgresql17-devel-17.7-160000.1.1 * postgresql16-pgvector-debugsource-0.8.1-160000.1.1 * postgresql17-server-devel-17.7-160000.1.1 * postgresql18-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql16-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql17-pgvector-debugsource-0.8.1-160000.1.1 * postgresql17-server-devel-debuginfo-17.7-160000.1.1 * postgresql17-debugsource-17.7-160000.1.1 * postgresql18-pltcl-18.1-160000.1.1 * postgresql13-pgvector-debugsource-0.8.1-160000.1.1 * postgresql18-server-devel-debuginfo-18.1-160000.1.1 * postgresql15-pgaudit-debuginfo-1.7.1-160000.3.1 * libecpg6-18.1-160000.1.1 * postgresql18-plpython-debuginfo-18.1-160000.1.1 * postgresql13-pgaudit-debuginfo-1.5.3-160000.3.1 * postgresql17-plperl-17.7-160000.1.1 * postgresql18-pgaudit-debuginfo-18.0-160000.3.1 * postgresql14-pgvector-0.8.1-160000.1.1 * postgresql17-devel-debuginfo-17.7-160000.1.1 * postgresql17-server-17.7-160000.1.1 * postgresql18-devel-debuginfo-18.1-160000.1.1 * postgresql18-plperl-18.1-160000.1.1 * postgresql17-pltcl-debuginfo-17.7-160000.1.1 * postgresql14-pgvector-debugsource-0.8.1-160000.1.1 * postgresql17-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql16-pgaudit-debugsource-16.1-160000.3.1 * postgresql13-pgvector-0.8.1-160000.1.1 * postgresql18-pgaudit-debugsource-18.0-160000.3.1 * postgresql15-pgaudit-1.7.1-160000.3.1 * postgresql15-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql17-pltcl-17.7-160000.1.1 * postgresql17-server-debuginfo-17.7-160000.1.1 * postgresql14-pgaudit-debuginfo-1.6.3-160000.3.1 * postgresql16-pgaudit-debuginfo-16.1-160000.3.1 * postgresql17-pgaudit-debuginfo-17.1-160000.3.1 * postgresql16-pgaudit-16.1-160000.3.1 * postgresql18-debuginfo-18.1-160000.1.1 * postgresql18-contrib-18.1-160000.1.1 * postgresql15-pgvector-0.8.1-160000.1.1 * postgresql17-pgvector-0.8.1-160000.1.1 * postgresql18-18.1-160000.1.1 * postgresql18-contrib-debuginfo-18.1-160000.1.1 * postgresql16-pgvector-0.8.1-160000.1.1 * postgresql17-pgaudit-17.1-160000.3.1 * postgresql14-pgvector-debuginfo-0.8.1-160000.1.1 * libpq5-debuginfo-18.1-160000.1.1 * postgresql13-pgaudit-1.5.3-160000.3.1 * postgresql17-plpython-17.7-160000.1.1 * postgresql18-plpython-18.1-160000.1.1 * postgresql13-pgaudit-debugsource-1.5.3-160000.3.1 * postgresql17-contrib-17.7-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * libecpg6-debuginfo-18.1-160000.1.1 * postgresql15-pgaudit-debugsource-1.7.1-160000.3.1 * postgresql15-pgvector-debugsource-0.8.1-160000.1.1 * postgresql18-pgaudit-18.0-160000.3.1 * postgresql13-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql18-debugsource-18.1-160000.1.1 * postgresql18-plperl-debuginfo-18.1-160000.1.1 * postgresql14-pgaudit-debugsource-1.6.3-160000.3.1 * postgresql18-pgvector-0.8.1-160000.1.1 * postgresql18-pgvector-debugsource-0.8.1-160000.1.1 * postgresql17-pgaudit-debugsource-17.1-160000.3.1 * postgresql17-plperl-debuginfo-17.7-160000.1.1 * postgresql17-contrib-debuginfo-17.7-160000.1.1 * postgresql18-server-devel-18.1-160000.1.1 * postgresql14-pgaudit-1.6.3-160000.3.1 * postgresql18-pltcl-debuginfo-18.1-160000.1.1 * postgresql18-server-18.1-160000.1.1 * postgresql17-debuginfo-17.7-160000.1.1 * libpq5-18.1-160000.1.1 * postgresql17-plpython-debuginfo-17.7-160000.1.1 * postgresql18-server-debuginfo-18.1-160000.1.1 * postgresql18-devel-18.1-160000.1.1 * postgresql17-17.7-160000.1.1 * postgresql17-devel-17.7-160000.1.1 * postgresql16-pgvector-debugsource-0.8.1-160000.1.1 * postgresql17-server-devel-17.7-160000.1.1 * postgresql13-pgaudit-debugsource-1.5.3-160000.3.1 * postgresql18-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql16-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql17-pgvector-debugsource-0.8.1-160000.1.1 * postgresql17-server-devel-debuginfo-17.7-160000.1.1 * postgresql17-debugsource-17.7-160000.1.1 * postgresql18-pltcl-18.1-160000.1.1 * postgresql13-pgvector-debugsource-0.8.1-160000.1.1 * postgresql18-server-devel-debuginfo-18.1-160000.1.1 * postgresql15-pgaudit-debuginfo-1.7.1-160000.3.1 * libecpg6-18.1-160000.1.1 * postgresql18-plpython-debuginfo-18.1-160000.1.1 * postgresql13-pgaudit-debuginfo-1.5.3-160000.3.1 * postgresql17-plperl-17.7-160000.1.1 * postgresql18-pgaudit-debuginfo-18.0-160000.3.1 * postgresql14-pgvector-0.8.1-160000.1.1 * postgresql17-devel-debuginfo-17.7-160000.1.1 * postgresql17-server-17.7-160000.1.1 * postgresql18-devel-debuginfo-18.1-160000.1.1 * postgresql18-plperl-18.1-160000.1.1 * postgresql17-pltcl-debuginfo-17.7-160000.1.1 * postgresql14-pgvector-debugsource-0.8.1-160000.1.1 * postgresql17-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql16-pgaudit-debugsource-16.1-160000.3.1 * postgresql18-pgaudit-debugsource-18.0-160000.3.1 * postgresql15-pgaudit-1.7.1-160000.3.1 * postgresql15-pgvector-debuginfo-0.8.1-160000.1.1 * postgresql17-pltcl-17.7-160000.1.1 * postgresql17-server-debuginfo-17.7-160000.1.1 * postgresql14-pgaudit-debuginfo-1.6.3-160000.3.1 * postgresql16-pgaudit-debuginfo-16.1-160000.3.1 * postgresql17-pgaudit-debuginfo-17.1-160000.3.1 * postgresql16-pgaudit-16.1-160000.3.1 * postgresql18-debuginfo-18.1-160000.1.1 * postgresql18-contrib-18.1-160000.1.1 * postgresql15-pgvector-0.8.1-160000.1.1 * postgresql17-pgvector-0.8.1-160000.1.1 * postgresql18-18.1-160000.1.1 * postgresql18-contrib-debuginfo-18.1-160000.1.1 * postgresql16-pgvector-0.8.1-160000.1.1 * postgresql17-pgaudit-17.1-160000.3.1 * postgresql14-pgvector-debuginfo-0.8.1-160000.1.1 * libpq5-debuginfo-18.1-160000.1.1 * postgresql13-pgaudit-1.5.3-160000.3.1 * postgresql17-plpython-17.7-160000.1.1 * postgresql18-plpython-18.1-160000.1.1 * postgresql13-pgvector-0.8.1-160000.1.1 * postgresql17-contrib-17.7-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * postgresql18-docs-18.1-160000.1.1 * postgresql-plperl-18-160000.1.1 * postgresql-pltcl-18-160000.1.1 * postgresql-server-18-160000.1.1 * postgresql17-docs-17.7-160000.1.1 * postgresql-contrib-18-160000.1.1 * postgresql-server-devel-18-160000.1.1 * postgresql-plpython-18-160000.1.1 * postgresql-docs-18-160000.1.1 * postgresql-18-160000.1.1 * postgresql-devel-18-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12817.html * https://www.suse.com/security/cve/CVE-2025-12818.html * https://bugzilla.suse.com/show_bug.cgi?id=1253332 * https://bugzilla.suse.com/show_bug.cgi?id=1253333 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:51 -0000 Subject: SUSE-SU-2026:20195-1: important: Security update for gpg2 Message-ID: <177013625189.28774.8091910874649411225@smelt2.prg2.suse.org> # Security update for gpg2 Announcement ID: SUSE-SU-2026:20195-1 Release Date: 2026-01-29T16:14:38Z Rating: important References: * bsc#1256389 * bsc#1257395 * bsc#1257396 Cross-References: * CVE-2026-24882 * CVE-2026-24883 CVSS scores: * CVE-2026-24882 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-24882 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24883 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-24883 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-24883 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for gpg2 fixes the following issues: * CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys (bsc#1257396). * CVE-2026-24883: denial of service due to long signature packet length causing parse_signature to return success with sig->data[] set to a NULL value (bsc#1257395). * gpg.fail/filename: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field (bsc#1256389). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-221=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-221=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * gpg2-debugsource-2.5.5-160000.4.1 * gpg2-debuginfo-2.5.5-160000.4.1 * dirmngr-debuginfo-2.5.5-160000.4.1 * gpg2-tpm-debuginfo-2.5.5-160000.4.1 * gpg2-tpm-2.5.5-160000.4.1 * gpg2-2.5.5-160000.4.1 * dirmngr-2.5.5-160000.4.1 * SUSE Linux Enterprise Server 16.0 (noarch) * gpg2-lang-2.5.5-160000.4.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * gpg2-debugsource-2.5.5-160000.4.1 * gpg2-debuginfo-2.5.5-160000.4.1 * dirmngr-debuginfo-2.5.5-160000.4.1 * gpg2-tpm-debuginfo-2.5.5-160000.4.1 * gpg2-tpm-2.5.5-160000.4.1 * gpg2-2.5.5-160000.4.1 * dirmngr-2.5.5-160000.4.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * gpg2-lang-2.5.5-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-24882.html * https://www.suse.com/security/cve/CVE-2026-24883.html * https://bugzilla.suse.com/show_bug.cgi?id=1256389 * https://bugzilla.suse.com/show_bug.cgi?id=1257395 * https://bugzilla.suse.com/show_bug.cgi?id=1257396 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:30:58 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:30:58 -0000 Subject: SUSE-SU-2026:20193-1: important: Security update for postgresql16 Message-ID: <177013625851.28774.906508371287325668@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2026:20193-1 Release Date: 2026-01-29T10:55:17Z Rating: important References: * bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 * CVE-2025-12818 CVSS scores: * CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-12817 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-12818 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for postgresql16 fixes the following issues: Security fixes: * CVE-2025-12817: Missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts (bsc#1253332) * CVE-2025-12818: Several places in libpq were not sufficiently careful about computing the required size of a memory allocation. Sufficiently large inputs could cause integer overflow, resulting in an undersized buffer, which would then lead to writing past the end of the buffer (bsc#1253333) Other fixes: * Upgrade to 16.11 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-215=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-215=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.11-160000.1.1 * postgresql16-plpython-debuginfo-16.11-160000.1.1 * postgresql16-devel-16.11-160000.1.1 * postgresql16-plperl-debuginfo-16.11-160000.1.1 * postgresql16-pltcl-16.11-160000.1.1 * postgresql16-server-16.11-160000.1.1 * postgresql16-debugsource-16.11-160000.1.1 * postgresql16-server-debuginfo-16.11-160000.1.1 * postgresql16-contrib-16.11-160000.1.1 * postgresql16-plpython-16.11-160000.1.1 * postgresql16-server-devel-debuginfo-16.11-160000.1.1 * postgresql16-devel-debuginfo-16.11-160000.1.1 * postgresql16-contrib-debuginfo-16.11-160000.1.1 * postgresql16-16.11-160000.1.1 * postgresql16-pltcl-debuginfo-16.11-160000.1.1 * postgresql16-server-devel-16.11-160000.1.1 * postgresql16-plperl-16.11-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * postgresql16-docs-16.11-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * postgresql16-debuginfo-16.11-160000.1.1 * postgresql16-plpython-debuginfo-16.11-160000.1.1 * postgresql16-devel-16.11-160000.1.1 * postgresql16-plperl-debuginfo-16.11-160000.1.1 * postgresql16-pltcl-16.11-160000.1.1 * postgresql16-server-16.11-160000.1.1 * postgresql16-debugsource-16.11-160000.1.1 * postgresql16-server-debuginfo-16.11-160000.1.1 * postgresql16-contrib-16.11-160000.1.1 * postgresql16-plpython-16.11-160000.1.1 * postgresql16-server-devel-debuginfo-16.11-160000.1.1 * postgresql16-devel-debuginfo-16.11-160000.1.1 * postgresql16-contrib-debuginfo-16.11-160000.1.1 * postgresql16-16.11-160000.1.1 * postgresql16-pltcl-debuginfo-16.11-160000.1.1 * postgresql16-server-devel-16.11-160000.1.1 * postgresql16-plperl-16.11-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * postgresql16-docs-16.11-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12817.html * https://www.suse.com/security/cve/CVE-2025-12818.html * https://bugzilla.suse.com/show_bug.cgi?id=1253332 * https://bugzilla.suse.com/show_bug.cgi?id=1253333 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:10 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:10 -0000 Subject: SUSE-SU-2026:20190-1: important: Security update for java-21-openjdk Message-ID: <177013627023.28774.10144655271332208232@smelt2.prg2.suse.org> # Security update for java-21-openjdk Announcement ID: SUSE-SU-2026:20190-1 Release Date: 2026-01-28T16:43:12Z Rating: important References: * bsc#1257034 * bsc#1257036 * bsc#1257037 * bsc#1257038 * jsc#PED-14507 * jsc#PED-15217 Cross-References: * CVE-2026-21925 * CVE-2026-21932 * CVE-2026-21933 * CVE-2026-21945 CVSS scores: * CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21925 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21932 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21932 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21933 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves four vulnerabilities and contains two features can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.10+7 (January 2026 CPU) Security fixes: * CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034). * CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036). * CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037). * CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038). Other fixes: * Do not depend on update-desktop-files (jsc#PED-14507, jsc#PED-15217). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-211=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-211=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * java-21-openjdk-debuginfo-21.0.10.0-160000.1.1 * java-21-openjdk-21.0.10.0-160000.1.1 * java-21-openjdk-devel-debuginfo-21.0.10.0-160000.1.1 * java-21-openjdk-headless-debuginfo-21.0.10.0-160000.1.1 * java-21-openjdk-src-21.0.10.0-160000.1.1 * java-21-openjdk-jmods-21.0.10.0-160000.1.1 * java-21-openjdk-demo-21.0.10.0-160000.1.1 * java-21-openjdk-headless-21.0.10.0-160000.1.1 * java-21-openjdk-devel-21.0.10.0-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * java-21-openjdk-javadoc-21.0.10.0-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * java-21-openjdk-debuginfo-21.0.10.0-160000.1.1 * java-21-openjdk-21.0.10.0-160000.1.1 * java-21-openjdk-devel-debuginfo-21.0.10.0-160000.1.1 * java-21-openjdk-headless-debuginfo-21.0.10.0-160000.1.1 * java-21-openjdk-src-21.0.10.0-160000.1.1 * java-21-openjdk-jmods-21.0.10.0-160000.1.1 * java-21-openjdk-demo-21.0.10.0-160000.1.1 * java-21-openjdk-headless-21.0.10.0-160000.1.1 * java-21-openjdk-devel-21.0.10.0-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * java-21-openjdk-javadoc-21.0.10.0-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-21925.html * https://www.suse.com/security/cve/CVE-2026-21932.html * https://www.suse.com/security/cve/CVE-2026-21933.html * https://www.suse.com/security/cve/CVE-2026-21945.html * https://bugzilla.suse.com/show_bug.cgi?id=1257034 * https://bugzilla.suse.com/show_bug.cgi?id=1257036 * https://bugzilla.suse.com/show_bug.cgi?id=1257037 * https://bugzilla.suse.com/show_bug.cgi?id=1257038 * https://jira.suse.com/browse/PED-14507 * https://jira.suse.com/browse/PED-15217 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:13 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:13 -0000 Subject: SUSE-SU-2026:20189-1: important: Security update for python-urllib3 Message-ID: <177013627383.28774.7069101283870779474@smelt2.prg2.suse.org> # Security update for python-urllib3 Announcement ID: SUSE-SU-2026:20189-1 Release Date: 2026-01-28T16:04:56Z Rating: important References: * bsc#1254866 * bsc#1254867 Cross-References: * CVE-2025-66418 * CVE-2025-66471 CVSS scores: * CVE-2025-66418 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-66418 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-66418 ( NVD ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-66418 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-66471 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-66471 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-66471 ( NVD ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-66471 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-urllib3 fixes the following issues: * CVE-2025-66471: Fixed excessive resource consumption via decompression of highly compressed data in Streaming API (bsc#1254867) * CVE-2025-66418: Fixed resource exhaustion via unbounded number of links in the decompression chain (bsc#1254866) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-212=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-212=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-urllib3-2.5.0-160000.4.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * python313-urllib3-2.5.0-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-66418.html * https://www.suse.com/security/cve/CVE-2025-66471.html * https://bugzilla.suse.com/show_bug.cgi?id=1254866 * https://bugzilla.suse.com/show_bug.cgi?id=1254867 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:16 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:16 -0000 Subject: SUSE-SU-2026:20188-1: important: Security update for python-python-multipart Message-ID: <177013627602.28774.8990583728128091106@smelt2.prg2.suse.org> # Security update for python-python-multipart Announcement ID: SUSE-SU-2026:20188-1 Release Date: 2026-01-28T16:01:35Z Rating: important References: * bsc#1257301 Cross-References: * CVE-2026-24486 CVSS scores: * CVE-2026-24486 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-24486 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2026-24486 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-python-multipart fixes the following issues: * CVE-2026-24486: Fixed non-default configuration options can lead to path traversal (bsc#1257301). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-210=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-210=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-python-multipart-0.0.20-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * python313-python-multipart-0.0.20-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-24486.html * https://bugzilla.suse.com/show_bug.cgi?id=1257301 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:19 -0000 Subject: SUSE-SU-2026:20187-1: moderate: Security update for python-h2 Message-ID: <177013627942.28774.8950924714605214793@smelt2.prg2.suse.org> # Security update for python-h2 Announcement ID: SUSE-SU-2026:20187-1 Release Date: 2026-01-28T15:48:58Z Rating: moderate References: * bsc#1248737 Cross-References: * CVE-2025-57804 CVSS scores: * CVE-2025-57804 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-57804 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-57804 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-h2 fixes the following issues: * CVE-2025-57804: Fixed HTTP Request Smuggling due to illegal characters in headers (bsc#1248737) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-207=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-207=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-h2-4.2.0-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * python313-h2-4.2.0-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-57804.html * https://bugzilla.suse.com/show_bug.cgi?id=1248737 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:22 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:22 -0000 Subject: SUSE-SU-2026:20186-1: low: Security update for xkbcomp Message-ID: <177013628290.28774.11462889577098036509@smelt2.prg2.suse.org> # Security update for xkbcomp Announcement ID: SUSE-SU-2026:20186-1 Release Date: 2026-01-28T15:47:30Z Rating: low References: * bsc#1105832 Cross-References: * CVE-2018-15853 * CVE-2018-15859 * CVE-2018-15861 * CVE-2018-15863 CVSS scores: * CVE-2018-15853 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-15853 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-15853 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2018-15859 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-15859 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-15859 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2018-15861 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-15861 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-15861 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2018-15863 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-15863 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-15863 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for xkbcomp fixes the following issues: * CVE-2018-15863, CVE-2018-15861, CVE-2018-15859, CVE-2018-15853: Fixed multiple memory handling and correctness issues (bsc#1105832) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-208=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-208=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * xkbcomp-debuginfo-1.4.7-160000.3.1 * xkbcomp-1.4.7-160000.3.1 * xkbcomp-devel-1.4.7-160000.3.1 * xkbcomp-debugsource-1.4.7-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * xkbcomp-debuginfo-1.4.7-160000.3.1 * xkbcomp-1.4.7-160000.3.1 * xkbcomp-devel-1.4.7-160000.3.1 * xkbcomp-debugsource-1.4.7-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2018-15853.html * https://www.suse.com/security/cve/CVE-2018-15859.html * https://www.suse.com/security/cve/CVE-2018-15861.html * https://www.suse.com/security/cve/CVE-2018-15863.html * https://bugzilla.suse.com/show_bug.cgi?id=1105832 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:28 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:28 -0000 Subject: SUSE-SU-2026:20184-1: moderate: Security update for python-FontTools Message-ID: <177013628889.28774.9666413596092435130@smelt2.prg2.suse.org> # Security update for python-FontTools Announcement ID: SUSE-SU-2026:20184-1 Release Date: 2026-01-28T09:54:14Z Rating: moderate References: * bsc#1254366 Cross-References: * CVE-2025-66034 CVSS scores: * CVE-2025-66034 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-66034 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:L * CVE-2025-66034 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:L * CVE-2025-66034 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-FontTools fixes the following issues: * CVE-2025-66034: Fixed arbitrary file write vulnerability that could lead to remote code execution (bsc#1254366). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-204=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-204=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-FontTools-4.53.1-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * python313-FontTools-4.53.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-66034.html * https://bugzilla.suse.com/show_bug.cgi?id=1254366 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:34 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:34 -0000 Subject: SUSE-SU-2026:20183-1: important: Security update for ImageMagick Message-ID: <177013629410.28774.2270828877322378236@smelt2.prg2.suse.org> # Security update for ImageMagick Announcement ID: SUSE-SU-2026:20183-1 Release Date: 2026-01-28T08:27:48Z Rating: important References: * bsc#1254435 * bsc#1254820 * bsc#1255821 * bsc#1255822 * bsc#1255823 Cross-References: * CVE-2025-65955 * CVE-2025-66628 * CVE-2025-68618 * CVE-2025-68950 * CVE-2025-69204 CVSS scores: * CVE-2025-65955 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-65955 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-65955 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-65955 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66628 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-66628 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-66628 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-68618 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-68618 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-68618 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-68618 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68950 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-68950 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-68950 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-68950 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69204 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69204 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69204 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for ImageMagick fixes the following issues: * CVE-2025-65955: Fixed use-after-free/double-free in ImageMagick (bsc#1254435) * CVE-2025-66628: Fixed Integer Overflow leading to out of bounds read in ImageMagick (32-bit only) (bsc#1254820) * CVE-2025-68618: Fixed that reading a malicious SVG file may result in a DoS attack (bsc#1255821) * CVE-2025-68950: Fixed check for circular references in mvg files may lead to stack overflow (bsc#1255822) * CVE-2025-69204: Fixed an integer overflow can lead to a DoS attack (bsc#1255823) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-203=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-203=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * ImageMagick-extra-debuginfo-7.1.2.0-160000.5.1 * libMagick++-7_Q16HDRI5-7.1.2.0-160000.5.1 * ImageMagick-debuginfo-7.1.2.0-160000.5.1 * libMagickWand-7_Q16HDRI10-7.1.2.0-160000.5.1 * perl-PerlMagick-debuginfo-7.1.2.0-160000.5.1 * libMagick++-devel-7.1.2.0-160000.5.1 * libMagick++-7_Q16HDRI5-debuginfo-7.1.2.0-160000.5.1 * libMagickCore-7_Q16HDRI10-7.1.2.0-160000.5.1 * ImageMagick-extra-7.1.2.0-160000.5.1 * libMagickWand-7_Q16HDRI10-debuginfo-7.1.2.0-160000.5.1 * ImageMagick-7.1.2.0-160000.5.1 * libMagickCore-7_Q16HDRI10-debuginfo-7.1.2.0-160000.5.1 * ImageMagick-debugsource-7.1.2.0-160000.5.1 * ImageMagick-devel-7.1.2.0-160000.5.1 * perl-PerlMagick-7.1.2.0-160000.5.1 * SUSE Linux Enterprise Server 16.0 (noarch) * ImageMagick-config-7-upstream-websafe-7.1.2.0-160000.5.1 * ImageMagick-doc-7.1.2.0-160000.5.1 * ImageMagick-config-7-SUSE-7.1.2.0-160000.5.1 * ImageMagick-config-7-upstream-open-7.1.2.0-160000.5.1 * ImageMagick-config-7-upstream-limited-7.1.2.0-160000.5.1 * ImageMagick-config-7-upstream-secure-7.1.2.0-160000.5.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * ImageMagick-extra-debuginfo-7.1.2.0-160000.5.1 * libMagick++-7_Q16HDRI5-7.1.2.0-160000.5.1 * ImageMagick-debuginfo-7.1.2.0-160000.5.1 * libMagickWand-7_Q16HDRI10-7.1.2.0-160000.5.1 * perl-PerlMagick-debuginfo-7.1.2.0-160000.5.1 * libMagick++-devel-7.1.2.0-160000.5.1 * libMagick++-7_Q16HDRI5-debuginfo-7.1.2.0-160000.5.1 * libMagickCore-7_Q16HDRI10-7.1.2.0-160000.5.1 * ImageMagick-extra-7.1.2.0-160000.5.1 * libMagickWand-7_Q16HDRI10-debuginfo-7.1.2.0-160000.5.1 * ImageMagick-7.1.2.0-160000.5.1 * libMagickCore-7_Q16HDRI10-debuginfo-7.1.2.0-160000.5.1 * ImageMagick-debugsource-7.1.2.0-160000.5.1 * ImageMagick-devel-7.1.2.0-160000.5.1 * perl-PerlMagick-7.1.2.0-160000.5.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * ImageMagick-config-7-upstream-websafe-7.1.2.0-160000.5.1 * ImageMagick-doc-7.1.2.0-160000.5.1 * ImageMagick-config-7-SUSE-7.1.2.0-160000.5.1 * ImageMagick-config-7-upstream-open-7.1.2.0-160000.5.1 * ImageMagick-config-7-upstream-limited-7.1.2.0-160000.5.1 * ImageMagick-config-7-upstream-secure-7.1.2.0-160000.5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-65955.html * https://www.suse.com/security/cve/CVE-2025-66628.html * https://www.suse.com/security/cve/CVE-2025-68618.html * https://www.suse.com/security/cve/CVE-2025-68950.html * https://www.suse.com/security/cve/CVE-2025-69204.html * https://bugzilla.suse.com/show_bug.cgi?id=1254435 * https://bugzilla.suse.com/show_bug.cgi?id=1254820 * https://bugzilla.suse.com/show_bug.cgi?id=1255821 * https://bugzilla.suse.com/show_bug.cgi?id=1255822 * https://bugzilla.suse.com/show_bug.cgi?id=1255823 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:36 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:36 -0000 Subject: SUSE-SU-2026:20182-1: moderate: Security update for cockpit-subscriptions Message-ID: <177013629618.28774.2385728016357855503@smelt2.prg2.suse.org> # Security update for cockpit-subscriptions Announcement ID: SUSE-SU-2026:20182-1 Release Date: 2026-01-27T20:39:51Z Rating: moderate References: * bsc#1255425 Cross-References: * CVE-2025-64718 CVSS scores: * CVE-2025-64718 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-64718 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-64718 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit-subscriptions fixes the following issues: Update to version 12.1: * CVE-2025-64718: js-yaml: fixed prototype pollution in merge (bsc#1255425). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-202=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-202=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * cockpit-subscriptions-12.1-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * cockpit-subscriptions-12.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-64718.html * https://bugzilla.suse.com/show_bug.cgi?id=1255425 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:52 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:52 -0000 Subject: SUSE-SU-2026:0364-1: moderate: Security update for libpng16 Message-ID: <177013631291.28774.12930874065695385126@smelt2.prg2.suse.org> # Security update for libpng16 Announcement ID: SUSE-SU-2026:0364-1 Release Date: 2026-02-03T09:51:01Z Rating: moderate References: * bsc#1257364 * bsc#1257365 Cross-References: * CVE-2025-28162 * CVE-2025-28164 CVSS scores: * CVE-2025-28162 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-28162 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-28162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-28164 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-28164 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-28164 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for libpng16 fixes the following issues: * CVE-2025-28162: memory leaks when running `pngimage` (bsc#1257364). * CVE-2025-28164: memory leaks when running `pngimage` (bsc#1257365). * CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-364=1 openSUSE-SLE-15.6-2026-364=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-364=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libpng16-16-debuginfo-1.6.40-150600.3.9.1 * libpng16-tools-debuginfo-1.6.40-150600.3.9.1 * libpng16-compat-devel-1.6.40-150600.3.9.1 * libpng16-devel-1.6.40-150600.3.9.1 * libpng16-tools-1.6.40-150600.3.9.1 * libpng16-16-1.6.40-150600.3.9.1 * libpng16-debugsource-1.6.40-150600.3.9.1 * openSUSE Leap 15.6 (x86_64) * libpng16-16-32bit-debuginfo-1.6.40-150600.3.9.1 * libpng16-devel-32bit-1.6.40-150600.3.9.1 * libpng16-compat-devel-32bit-1.6.40-150600.3.9.1 * libpng16-16-32bit-1.6.40-150600.3.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpng16-16-64bit-debuginfo-1.6.40-150600.3.9.1 * libpng16-16-64bit-1.6.40-150600.3.9.1 * libpng16-devel-64bit-1.6.40-150600.3.9.1 * libpng16-compat-devel-64bit-1.6.40-150600.3.9.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libpng16-16-debuginfo-1.6.40-150600.3.9.1 * libpng16-compat-devel-1.6.40-150600.3.9.1 * libpng16-devel-1.6.40-150600.3.9.1 * libpng16-16-1.6.40-150600.3.9.1 * libpng16-debugsource-1.6.40-150600.3.9.1 * Basesystem Module 15-SP7 (x86_64) * libpng16-16-32bit-debuginfo-1.6.40-150600.3.9.1 * libpng16-16-32bit-1.6.40-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-28162.html * https://www.suse.com/security/cve/CVE-2025-28164.html * https://bugzilla.suse.com/show_bug.cgi?id=1257364 * https://bugzilla.suse.com/show_bug.cgi?id=1257365 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 16:31:57 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 16:31:57 -0000 Subject: SUSE-SU-2026:0363-1: important: Security update for java-21-openjdk Message-ID: <177013631770.28774.13815802557489665045@smelt2.prg2.suse.org> # Security update for java-21-openjdk Announcement ID: SUSE-SU-2026:0363-1 Release Date: 2026-02-03T09:39:29Z Rating: important References: * bsc#1257034 * bsc#1257036 * bsc#1257037 * bsc#1257038 * jsc#PED-14507 * jsc#PED-15217 Cross-References: * CVE-2026-21925 * CVE-2026-21932 * CVE-2026-21933 * CVE-2026-21945 CVSS scores: * CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21925 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21932 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21932 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21933 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and contains two features can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.10+7 (January 2026 CPU) Security fixes: * CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034). * CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036). * CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037). * CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038). Other fixes: * Do not depend on update-desktop-files (jsc#PED-14507, jsc#PED-15217). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-363=1 openSUSE-SLE-15.6-2026-363=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-363=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-363=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-363=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * java-21-openjdk-devel-debuginfo-21.0.10.0-150600.3.23.1 * java-21-openjdk-demo-21.0.10.0-150600.3.23.1 * java-21-openjdk-src-21.0.10.0-150600.3.23.1 * java-21-openjdk-21.0.10.0-150600.3.23.1 * java-21-openjdk-headless-debuginfo-21.0.10.0-150600.3.23.1 * java-21-openjdk-devel-21.0.10.0-150600.3.23.1 * java-21-openjdk-headless-21.0.10.0-150600.3.23.1 * java-21-openjdk-jmods-21.0.10.0-150600.3.23.1 * java-21-openjdk-debugsource-21.0.10.0-150600.3.23.1 * java-21-openjdk-debuginfo-21.0.10.0-150600.3.23.1 * openSUSE Leap 15.6 (noarch) * java-21-openjdk-javadoc-21.0.10.0-150600.3.23.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * java-21-openjdk-devel-debuginfo-21.0.10.0-150600.3.23.1 * java-21-openjdk-demo-21.0.10.0-150600.3.23.1 * java-21-openjdk-21.0.10.0-150600.3.23.1 * java-21-openjdk-headless-debuginfo-21.0.10.0-150600.3.23.1 * java-21-openjdk-devel-21.0.10.0-150600.3.23.1 * java-21-openjdk-headless-21.0.10.0-150600.3.23.1 * java-21-openjdk-debugsource-21.0.10.0-150600.3.23.1 * java-21-openjdk-debuginfo-21.0.10.0-150600.3.23.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * java-21-openjdk-devel-debuginfo-21.0.10.0-150600.3.23.1 * java-21-openjdk-demo-21.0.10.0-150600.3.23.1 * java-21-openjdk-21.0.10.0-150600.3.23.1 * java-21-openjdk-headless-debuginfo-21.0.10.0-150600.3.23.1 * java-21-openjdk-devel-21.0.10.0-150600.3.23.1 * java-21-openjdk-headless-21.0.10.0-150600.3.23.1 * java-21-openjdk-debugsource-21.0.10.0-150600.3.23.1 * java-21-openjdk-debuginfo-21.0.10.0-150600.3.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * java-21-openjdk-devel-debuginfo-21.0.10.0-150600.3.23.1 * java-21-openjdk-demo-21.0.10.0-150600.3.23.1 * java-21-openjdk-21.0.10.0-150600.3.23.1 * java-21-openjdk-headless-debuginfo-21.0.10.0-150600.3.23.1 * java-21-openjdk-devel-21.0.10.0-150600.3.23.1 * java-21-openjdk-headless-21.0.10.0-150600.3.23.1 * java-21-openjdk-debugsource-21.0.10.0-150600.3.23.1 * java-21-openjdk-debuginfo-21.0.10.0-150600.3.23.1 ## References: * https://www.suse.com/security/cve/CVE-2026-21925.html * https://www.suse.com/security/cve/CVE-2026-21932.html * https://www.suse.com/security/cve/CVE-2026-21933.html * https://www.suse.com/security/cve/CVE-2026-21945.html * https://bugzilla.suse.com/show_bug.cgi?id=1257034 * https://bugzilla.suse.com/show_bug.cgi?id=1257036 * https://bugzilla.suse.com/show_bug.cgi?id=1257037 * https://bugzilla.suse.com/show_bug.cgi?id=1257038 * https://jira.suse.com/browse/PED-14507 * https://jira.suse.com/browse/PED-15217 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 20:30:04 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 20:30:04 -0000 Subject: SUSE-SU-2026:0370-1: moderate: Security update for php8 Message-ID: <177015060499.17387.12046508881714321651@smelt2.prg2.suse.org> # Security update for php8 Announcement ID: SUSE-SU-2026:0370-1 Release Date: 2026-02-03T15:20:51Z Rating: moderate References: * bsc#1255711 Cross-References: * CVE-2025-14178 CVSS scores: * CVE-2025-14178 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-14178 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-14178 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-14178 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for php8 fixes the following issues: * CVE-2025-14178: heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE (bsc#1255711). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-370=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * php8-xmlwriter-debuginfo-8.0.30-150400.4.60.1 * php8-odbc-8.0.30-150400.4.60.1 * php8-pcntl-debuginfo-8.0.30-150400.4.60.1 * php8-gettext-8.0.30-150400.4.60.1 * php8-snmp-8.0.30-150400.4.60.1 * php8-dom-8.0.30-150400.4.60.1 * php8-zip-debuginfo-8.0.30-150400.4.60.1 * php8-mysql-8.0.30-150400.4.60.1 * php8-tokenizer-8.0.30-150400.4.60.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.60.1 * php8-soap-8.0.30-150400.4.60.1 * php8-fileinfo-8.0.30-150400.4.60.1 * php8-bz2-debuginfo-8.0.30-150400.4.60.1 * php8-calendar-debuginfo-8.0.30-150400.4.60.1 * php8-bcmath-debuginfo-8.0.30-150400.4.60.1 * php8-ctype-8.0.30-150400.4.60.1 * php8-xsl-debuginfo-8.0.30-150400.4.60.1 * php8-mysql-debuginfo-8.0.30-150400.4.60.1 * php8-sockets-8.0.30-150400.4.60.1 * php8-pgsql-8.0.30-150400.4.60.1 * php8-soap-debuginfo-8.0.30-150400.4.60.1 * php8-xmlwriter-8.0.30-150400.4.60.1 * php8-mbstring-debuginfo-8.0.30-150400.4.60.1 * php8-zip-8.0.30-150400.4.60.1 * php8-cli-debuginfo-8.0.30-150400.4.60.1 * php8-exif-debuginfo-8.0.30-150400.4.60.1 * php8-opcache-8.0.30-150400.4.60.1 * php8-opcache-debuginfo-8.0.30-150400.4.60.1 * php8-debuginfo-8.0.30-150400.4.60.1 * php8-zlib-8.0.30-150400.4.60.1 * php8-enchant-8.0.30-150400.4.60.1 * php8-bz2-8.0.30-150400.4.60.1 * php8-sodium-8.0.30-150400.4.60.1 * php8-snmp-debuginfo-8.0.30-150400.4.60.1 * php8-pdo-8.0.30-150400.4.60.1 * php8-shmop-8.0.30-150400.4.60.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.60.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.60.1 * php8-sockets-debuginfo-8.0.30-150400.4.60.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.60.1 * php8-debugsource-8.0.30-150400.4.60.1 * php8-fastcgi-8.0.30-150400.4.60.1 * php8-cli-8.0.30-150400.4.60.1 * php8-exif-8.0.30-150400.4.60.1 * php8-openssl-debuginfo-8.0.30-150400.4.60.1 * php8-gd-debuginfo-8.0.30-150400.4.60.1 * php8-gd-8.0.30-150400.4.60.1 * php8-phar-8.0.30-150400.4.60.1 * php8-sysvshm-8.0.30-150400.4.60.1 * php8-xmlreader-8.0.30-150400.4.60.1 * php8-posix-debuginfo-8.0.30-150400.4.60.1 * php8-fastcgi-debugsource-8.0.30-150400.4.60.1 * php8-xsl-8.0.30-150400.4.60.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.60.1 * php8-phar-debuginfo-8.0.30-150400.4.60.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.60.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.60.1 * php8-curl-debuginfo-8.0.30-150400.4.60.1 * php8-openssl-8.0.30-150400.4.60.1 * php8-embed-debuginfo-8.0.30-150400.4.60.1 * php8-tidy-debuginfo-8.0.30-150400.4.60.1 * php8-dom-debuginfo-8.0.30-150400.4.60.1 * php8-ftp-8.0.30-150400.4.60.1 * php8-sqlite-8.0.30-150400.4.60.1 * php8-pdo-debuginfo-8.0.30-150400.4.60.1 * php8-readline-8.0.30-150400.4.60.1 * php8-embed-8.0.30-150400.4.60.1 * php8-embed-debugsource-8.0.30-150400.4.60.1 * php8-intl-8.0.30-150400.4.60.1 * php8-zlib-debuginfo-8.0.30-150400.4.60.1 * php8-sqlite-debuginfo-8.0.30-150400.4.60.1 * php8-ldap-debuginfo-8.0.30-150400.4.60.1 * php8-mbstring-8.0.30-150400.4.60.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.60.1 * php8-iconv-8.0.30-150400.4.60.1 * php8-curl-8.0.30-150400.4.60.1 * php8-fpm-debuginfo-8.0.30-150400.4.60.1 * php8-gettext-debuginfo-8.0.30-150400.4.60.1 * php8-calendar-8.0.30-150400.4.60.1 * php8-devel-8.0.30-150400.4.60.1 * php8-sodium-debuginfo-8.0.30-150400.4.60.1 * php8-ftp-debuginfo-8.0.30-150400.4.60.1 * php8-sysvsem-8.0.30-150400.4.60.1 * php8-sysvmsg-8.0.30-150400.4.60.1 * php8-posix-8.0.30-150400.4.60.1 * php8-intl-debuginfo-8.0.30-150400.4.60.1 * php8-bcmath-8.0.30-150400.4.60.1 * php8-ctype-debuginfo-8.0.30-150400.4.60.1 * php8-fpm-8.0.30-150400.4.60.1 * php8-test-8.0.30-150400.4.60.1 * php8-8.0.30-150400.4.60.1 * php8-dba-8.0.30-150400.4.60.1 * apache2-mod_php8-8.0.30-150400.4.60.1 * php8-dba-debuginfo-8.0.30-150400.4.60.1 * php8-gmp-debuginfo-8.0.30-150400.4.60.1 * php8-fpm-debugsource-8.0.30-150400.4.60.1 * php8-iconv-debuginfo-8.0.30-150400.4.60.1 * php8-ldap-8.0.30-150400.4.60.1 * php8-gmp-8.0.30-150400.4.60.1 * php8-odbc-debuginfo-8.0.30-150400.4.60.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.60.1 * php8-enchant-debuginfo-8.0.30-150400.4.60.1 * php8-pgsql-debuginfo-8.0.30-150400.4.60.1 * php8-shmop-debuginfo-8.0.30-150400.4.60.1 * php8-readline-debuginfo-8.0.30-150400.4.60.1 * php8-pcntl-8.0.30-150400.4.60.1 * php8-tidy-8.0.30-150400.4.60.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14178.html * https://bugzilla.suse.com/show_bug.cgi?id=1255711 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 20:31:39 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 20:31:39 -0000 Subject: SUSE-SU-2026:0369-1: important: Security update for the Linux Kernel Message-ID: <177015069981.17387.3484675869838918642@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:0369-1 Release Date: 2026-02-03T13:42:48Z Rating: important References: * bsc#1065729 * bsc#1196823 * bsc#1204957 * bsc#1206889 * bsc#1207051 * bsc#1207088 * bsc#1207653 * bsc#1209799 * bsc#1213653 * bsc#1213969 * bsc#1225109 * bsc#1228015 * bsc#1245210 * bsc#1245751 * bsc#1249739 * bsc#1249871 * bsc#1250397 * bsc#1252678 * bsc#1254520 * bsc#1254592 * bsc#1254614 * bsc#1254615 * bsc#1254632 * bsc#1254634 * bsc#1254686 * bsc#1254711 * bsc#1254751 * bsc#1254763 * bsc#1254775 * bsc#1254785 * bsc#1254792 * bsc#1254813 * bsc#1254847 * bsc#1254851 * bsc#1254894 * bsc#1254902 * bsc#1254959 * bsc#1255002 * bsc#1255565 * bsc#1255576 * bsc#1255607 * bsc#1255609 * bsc#1255636 * bsc#1255844 * bsc#1255901 * bsc#1255908 * bsc#1255919 * bsc#1256040 * bsc#1256045 * bsc#1256048 * bsc#1256049 * bsc#1256053 * bsc#1256056 * bsc#1256064 * bsc#1256095 * bsc#1256127 * bsc#1256132 * bsc#1256136 * bsc#1256137 * bsc#1256143 * bsc#1256154 * bsc#1256165 * bsc#1256194 * bsc#1256203 * bsc#1256207 * bsc#1256208 * bsc#1256216 * bsc#1256230 * bsc#1256242 * bsc#1256248 * bsc#1256333 * bsc#1256344 * bsc#1256353 * bsc#1256426 * bsc#1256641 * bsc#1256779 * jsc#SLE-13847 Cross-References: * CVE-2022-0854 * CVE-2022-48853 * CVE-2022-50282 * CVE-2022-50623 * CVE-2022-50630 * CVE-2022-50635 * CVE-2022-50640 * CVE-2022-50641 * CVE-2022-50644 * CVE-2022-50646 * CVE-2022-50649 * CVE-2022-50668 * CVE-2022-50671 * CVE-2022-50678 * CVE-2022-50700 * CVE-2022-50703 * CVE-2022-50709 * CVE-2022-50717 * CVE-2022-50726 * CVE-2022-50730 * CVE-2022-50731 * CVE-2022-50733 * CVE-2022-50736 * CVE-2022-50742 * CVE-2022-50744 * CVE-2022-50756 * CVE-2022-50758 * CVE-2022-50767 * CVE-2022-50814 * CVE-2022-50821 * CVE-2022-50823 * CVE-2022-50827 * CVE-2022-50828 * CVE-2022-50840 * CVE-2022-50843 * CVE-2022-50850 * CVE-2022-50870 * CVE-2022-50876 * CVE-2022-50880 * CVE-2022-50884 * CVE-2022-50889 * CVE-2023-23559 * CVE-2023-4132 * CVE-2023-53215 * CVE-2023-53254 * CVE-2023-53761 * CVE-2023-53781 * CVE-2023-54019 * CVE-2023-54024 * CVE-2023-54110 * CVE-2023-54142 * CVE-2023-54168 * CVE-2023-54170 * CVE-2023-54242 * CVE-2023-54243 * CVE-2023-54270 * CVE-2025-38068 * CVE-2025-38159 * CVE-2025-40019 * CVE-2025-40215 * CVE-2025-40220 * CVE-2025-40233 * CVE-2025-40256 * CVE-2025-40277 * CVE-2025-40280 * CVE-2025-40331 * CVE-2025-68813 * CVE-2025-71120 CVSS scores: * CVE-2022-0854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-0854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-50282 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50282 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-50282 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50640 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50641 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-50641 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-50644 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-50644 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-50646 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-50646 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-50649 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-50649 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50700 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50700 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-50703 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50709 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50709 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-50717 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50717 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-50726 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-50730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50733 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50736 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50736 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-50742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50742 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50744 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50756 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50756 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-50758 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50758 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50767 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2022-50814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50823 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50823 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50827 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50827 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50850 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50889 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50889 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-23559 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2023-23559 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-23559 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4132 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-4132 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-4132 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53215 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-53215 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-53215 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53215 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53254 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-53254 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53254 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-53254 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-53761 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-53761 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53781 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-53781 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-54019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-54024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-54110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-54142 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-54142 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-54168 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-54170 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-54242 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-54242 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-54243 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2023-54243 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2023-54270 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-54270 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38068 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38068 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38068 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38159 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-40019 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40019 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40215 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40215 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40220 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40220 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40233 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40280 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40280 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40331 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68813 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68813 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71120 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71120 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves 68 vulnerabilities, contains one feature and has eight security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2022-50282: chardev: fix error handling in cdev_device_add() (bsc#1249739). * CVE-2022-50630: mm: hugetlb: fix UAF in hugetlb_handle_userfault (bsc#1254785). * CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer (bsc#1255576). * CVE-2022-50717: nvmet-tcp: add bounds check on Transfer Tag (bsc#1255844). * CVE-2022-50726: net/mlx5: Fix possible use-after-free in async command interface (bsc#1256040). * CVE-2022-50736: RDMA/siw: Fix immediate work request flush to completion queue (bsc#1256137). * CVE-2022-50756: nvme-core: replace ctrl page size with a macro (bsc#1256216). * CVE-2023-53215: sched/fair: Don't balance task to its current running CPU (bsc#1250397). * CVE-2023-53254: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels (bsc#1249871). * CVE-2023-53761: USB: usbtmc: Fix direction for 0-length ioctl control messages (bsc#1255002). * CVE-2023-53781: smc: Fix use-after-free in tcp_write_timer_handler() (bsc#1254751). * CVE-2023-54142: gtp: Fix use-after-free in __gtp_encap_destroy() (bsc#1256095). * CVE-2023-54168: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (bsc#1256053). * CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908). * CVE-2025-38068: crypto: lzo - Fix compression buffer overrun (bsc#1245210). * CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1245751). * CVE-2025-40019: crypto: essiv - Check ssize for decryption and in-place encryption (bsc#1252678). * CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959). * CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520). * CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813). * CVE-2025-40277: drm/vmwgfx: Validate command header size against (bsc#1254894). * CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847). * CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615). * CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641). * CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-369=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-369=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-369=1 ## Package List: * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (noarch) * kernel-docs-html-5.3.18-150300.59.232.1 * kernel-source-vanilla-5.3.18-150300.59.232.1 * kernel-devel-5.3.18-150300.59.232.1 * kernel-macros-5.3.18-150300.59.232.1 * kernel-source-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * kernel-default-optional-debuginfo-5.3.18-150300.59.232.1 * kernel-obs-build-5.3.18-150300.59.232.1 * kernel-default-debuginfo-5.3.18-150300.59.232.1 * kernel-default-extra-5.3.18-150300.59.232.1 * kernel-syms-5.3.18-150300.59.232.1 * kernel-default-devel-5.3.18-150300.59.232.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.232.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.232.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.232.1 * cluster-md-kmp-default-5.3.18-150300.59.232.1 * reiserfs-kmp-default-5.3.18-150300.59.232.1 * kernel-obs-qa-5.3.18-150300.59.232.1 * kernel-default-debugsource-5.3.18-150300.59.232.1 * kernel-default-livepatch-5.3.18-150300.59.232.1 * kernel-default-base-5.3.18-150300.59.232.1.150300.18.138.1 * kernel-default-base-rebuild-5.3.18-150300.59.232.1.150300.18.138.1 * dlm-kmp-default-5.3.18-150300.59.232.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.232.1 * kselftests-kmp-default-5.3.18-150300.59.232.1 * ocfs2-kmp-default-5.3.18-150300.59.232.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.232.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.232.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.232.1 * kernel-obs-build-debugsource-5.3.18-150300.59.232.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.232.1 * kernel-default-optional-5.3.18-150300.59.232.1 * gfs2-kmp-default-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-kvmsmall-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-kvmsmall-devel-5.3.18-150300.59.232.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.232.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.232.1 * kernel-kvmsmall-debugsource-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (aarch64 x86_64) * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.232.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.232.1 * kernel-preempt-debugsource-5.3.18-150300.59.232.1 * kernel-preempt-extra-5.3.18-150300.59.232.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.232.1 * kselftests-kmp-preempt-5.3.18-150300.59.232.1 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.232.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.232.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.232.1 * cluster-md-kmp-preempt-5.3.18-150300.59.232.1 * kernel-preempt-optional-5.3.18-150300.59.232.1 * kernel-preempt-devel-5.3.18-150300.59.232.1 * kernel-preempt-debuginfo-5.3.18-150300.59.232.1 * reiserfs-kmp-preempt-5.3.18-150300.59.232.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.232.1 * gfs2-kmp-preempt-5.3.18-150300.59.232.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.232.1 * dlm-kmp-preempt-5.3.18-150300.59.232.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.232.1 * ocfs2-kmp-preempt-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debugsource-5.3.18-150300.59.232.1 * kernel-zfcpdump-debuginfo-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (aarch64) * dtb-al-5.3.18-150300.59.232.1 * dtb-exynos-5.3.18-150300.59.232.1 * dtb-amd-5.3.18-150300.59.232.1 * kselftests-kmp-64kb-5.3.18-150300.59.232.1 * dtb-allwinner-5.3.18-150300.59.232.1 * dtb-rockchip-5.3.18-150300.59.232.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.232.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.232.1 * gfs2-kmp-64kb-5.3.18-150300.59.232.1 * dtb-cavium-5.3.18-150300.59.232.1 * dtb-broadcom-5.3.18-150300.59.232.1 * dtb-arm-5.3.18-150300.59.232.1 * dtb-nvidia-5.3.18-150300.59.232.1 * kernel-64kb-debuginfo-5.3.18-150300.59.232.1 * dtb-amlogic-5.3.18-150300.59.232.1 * dtb-qcom-5.3.18-150300.59.232.1 * cluster-md-kmp-64kb-5.3.18-150300.59.232.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.232.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.232.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.232.1 * dtb-altera-5.3.18-150300.59.232.1 * dtb-sprd-5.3.18-150300.59.232.1 * kernel-64kb-extra-5.3.18-150300.59.232.1 * dtb-marvell-5.3.18-150300.59.232.1 * kernel-64kb-devel-5.3.18-150300.59.232.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.232.1 * dtb-renesas-5.3.18-150300.59.232.1 * dtb-zte-5.3.18-150300.59.232.1 * reiserfs-kmp-64kb-5.3.18-150300.59.232.1 * dtb-freescale-5.3.18-150300.59.232.1 * dlm-kmp-64kb-5.3.18-150300.59.232.1 * dtb-xilinx-5.3.18-150300.59.232.1 * dtb-mediatek-5.3.18-150300.59.232.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.232.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.232.1 * ocfs2-kmp-64kb-5.3.18-150300.59.232.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.232.1 * kernel-64kb-debugsource-5.3.18-150300.59.232.1 * kernel-64kb-optional-5.3.18-150300.59.232.1 * dtb-lg-5.3.18-150300.59.232.1 * dtb-hisilicon-5.3.18-150300.59.232.1 * dtb-apm-5.3.18-150300.59.232.1 * dtb-socionext-5.3.18-150300.59.232.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.232.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.232.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.232.1.150300.18.138.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.232.1 * kernel-default-debuginfo-5.3.18-150300.59.232.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.232.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.232.1.150300.18.138.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.232.1 * kernel-default-debuginfo-5.3.18-150300.59.232.1 ## References: * https://www.suse.com/security/cve/CVE-2022-0854.html * https://www.suse.com/security/cve/CVE-2022-48853.html * https://www.suse.com/security/cve/CVE-2022-50282.html * https://www.suse.com/security/cve/CVE-2022-50623.html * https://www.suse.com/security/cve/CVE-2022-50630.html * https://www.suse.com/security/cve/CVE-2022-50635.html * https://www.suse.com/security/cve/CVE-2022-50640.html * https://www.suse.com/security/cve/CVE-2022-50641.html * https://www.suse.com/security/cve/CVE-2022-50644.html * https://www.suse.com/security/cve/CVE-2022-50646.html * https://www.suse.com/security/cve/CVE-2022-50649.html * https://www.suse.com/security/cve/CVE-2022-50668.html * https://www.suse.com/security/cve/CVE-2022-50671.html * https://www.suse.com/security/cve/CVE-2022-50678.html * https://www.suse.com/security/cve/CVE-2022-50700.html * https://www.suse.com/security/cve/CVE-2022-50703.html * https://www.suse.com/security/cve/CVE-2022-50709.html * https://www.suse.com/security/cve/CVE-2022-50717.html * https://www.suse.com/security/cve/CVE-2022-50726.html * https://www.suse.com/security/cve/CVE-2022-50730.html * https://www.suse.com/security/cve/CVE-2022-50731.html * https://www.suse.com/security/cve/CVE-2022-50733.html * https://www.suse.com/security/cve/CVE-2022-50736.html * https://www.suse.com/security/cve/CVE-2022-50742.html * https://www.suse.com/security/cve/CVE-2022-50744.html * https://www.suse.com/security/cve/CVE-2022-50756.html * https://www.suse.com/security/cve/CVE-2022-50758.html * https://www.suse.com/security/cve/CVE-2022-50767.html * https://www.suse.com/security/cve/CVE-2022-50814.html * https://www.suse.com/security/cve/CVE-2022-50821.html * https://www.suse.com/security/cve/CVE-2022-50823.html * https://www.suse.com/security/cve/CVE-2022-50827.html * https://www.suse.com/security/cve/CVE-2022-50828.html * https://www.suse.com/security/cve/CVE-2022-50840.html * https://www.suse.com/security/cve/CVE-2022-50843.html * https://www.suse.com/security/cve/CVE-2022-50850.html * https://www.suse.com/security/cve/CVE-2022-50870.html * https://www.suse.com/security/cve/CVE-2022-50876.html * https://www.suse.com/security/cve/CVE-2022-50880.html * https://www.suse.com/security/cve/CVE-2022-50884.html * https://www.suse.com/security/cve/CVE-2022-50889.html * https://www.suse.com/security/cve/CVE-2023-23559.html * https://www.suse.com/security/cve/CVE-2023-4132.html * https://www.suse.com/security/cve/CVE-2023-53215.html * https://www.suse.com/security/cve/CVE-2023-53254.html * https://www.suse.com/security/cve/CVE-2023-53761.html * https://www.suse.com/security/cve/CVE-2023-53781.html * https://www.suse.com/security/cve/CVE-2023-54019.html * https://www.suse.com/security/cve/CVE-2023-54024.html * https://www.suse.com/security/cve/CVE-2023-54110.html * https://www.suse.com/security/cve/CVE-2023-54142.html * https://www.suse.com/security/cve/CVE-2023-54168.html * https://www.suse.com/security/cve/CVE-2023-54170.html * https://www.suse.com/security/cve/CVE-2023-54242.html * https://www.suse.com/security/cve/CVE-2023-54243.html * https://www.suse.com/security/cve/CVE-2023-54270.html * https://www.suse.com/security/cve/CVE-2025-38068.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-40019.html * https://www.suse.com/security/cve/CVE-2025-40215.html * https://www.suse.com/security/cve/CVE-2025-40220.html * https://www.suse.com/security/cve/CVE-2025-40233.html * https://www.suse.com/security/cve/CVE-2025-40256.html * https://www.suse.com/security/cve/CVE-2025-40277.html * https://www.suse.com/security/cve/CVE-2025-40280.html * https://www.suse.com/security/cve/CVE-2025-40331.html * https://www.suse.com/security/cve/CVE-2025-68813.html * https://www.suse.com/security/cve/CVE-2025-71120.html * https://bugzilla.suse.com/show_bug.cgi?id=1065729 * https://bugzilla.suse.com/show_bug.cgi?id=1196823 * https://bugzilla.suse.com/show_bug.cgi?id=1204957 * https://bugzilla.suse.com/show_bug.cgi?id=1206889 * https://bugzilla.suse.com/show_bug.cgi?id=1207051 * https://bugzilla.suse.com/show_bug.cgi?id=1207088 * https://bugzilla.suse.com/show_bug.cgi?id=1207653 * https://bugzilla.suse.com/show_bug.cgi?id=1209799 * https://bugzilla.suse.com/show_bug.cgi?id=1213653 * https://bugzilla.suse.com/show_bug.cgi?id=1213969 * https://bugzilla.suse.com/show_bug.cgi?id=1225109 * https://bugzilla.suse.com/show_bug.cgi?id=1228015 * https://bugzilla.suse.com/show_bug.cgi?id=1245210 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1249739 * https://bugzilla.suse.com/show_bug.cgi?id=1249871 * https://bugzilla.suse.com/show_bug.cgi?id=1250397 * https://bugzilla.suse.com/show_bug.cgi?id=1252678 * https://bugzilla.suse.com/show_bug.cgi?id=1254520 * https://bugzilla.suse.com/show_bug.cgi?id=1254592 * https://bugzilla.suse.com/show_bug.cgi?id=1254614 * https://bugzilla.suse.com/show_bug.cgi?id=1254615 * https://bugzilla.suse.com/show_bug.cgi?id=1254632 * https://bugzilla.suse.com/show_bug.cgi?id=1254634 * https://bugzilla.suse.com/show_bug.cgi?id=1254686 * https://bugzilla.suse.com/show_bug.cgi?id=1254711 * https://bugzilla.suse.com/show_bug.cgi?id=1254751 * https://bugzilla.suse.com/show_bug.cgi?id=1254763 * https://bugzilla.suse.com/show_bug.cgi?id=1254775 * https://bugzilla.suse.com/show_bug.cgi?id=1254785 * https://bugzilla.suse.com/show_bug.cgi?id=1254792 * https://bugzilla.suse.com/show_bug.cgi?id=1254813 * https://bugzilla.suse.com/show_bug.cgi?id=1254847 * https://bugzilla.suse.com/show_bug.cgi?id=1254851 * https://bugzilla.suse.com/show_bug.cgi?id=1254894 * https://bugzilla.suse.com/show_bug.cgi?id=1254902 * https://bugzilla.suse.com/show_bug.cgi?id=1254959 * https://bugzilla.suse.com/show_bug.cgi?id=1255002 * https://bugzilla.suse.com/show_bug.cgi?id=1255565 * https://bugzilla.suse.com/show_bug.cgi?id=1255576 * https://bugzilla.suse.com/show_bug.cgi?id=1255607 * https://bugzilla.suse.com/show_bug.cgi?id=1255609 * https://bugzilla.suse.com/show_bug.cgi?id=1255636 * https://bugzilla.suse.com/show_bug.cgi?id=1255844 * https://bugzilla.suse.com/show_bug.cgi?id=1255901 * https://bugzilla.suse.com/show_bug.cgi?id=1255908 * https://bugzilla.suse.com/show_bug.cgi?id=1255919 * https://bugzilla.suse.com/show_bug.cgi?id=1256040 * https://bugzilla.suse.com/show_bug.cgi?id=1256045 * https://bugzilla.suse.com/show_bug.cgi?id=1256048 * https://bugzilla.suse.com/show_bug.cgi?id=1256049 * https://bugzilla.suse.com/show_bug.cgi?id=1256053 * https://bugzilla.suse.com/show_bug.cgi?id=1256056 * https://bugzilla.suse.com/show_bug.cgi?id=1256064 * https://bugzilla.suse.com/show_bug.cgi?id=1256095 * https://bugzilla.suse.com/show_bug.cgi?id=1256127 * https://bugzilla.suse.com/show_bug.cgi?id=1256132 * https://bugzilla.suse.com/show_bug.cgi?id=1256136 * https://bugzilla.suse.com/show_bug.cgi?id=1256137 * https://bugzilla.suse.com/show_bug.cgi?id=1256143 * https://bugzilla.suse.com/show_bug.cgi?id=1256154 * https://bugzilla.suse.com/show_bug.cgi?id=1256165 * https://bugzilla.suse.com/show_bug.cgi?id=1256194 * https://bugzilla.suse.com/show_bug.cgi?id=1256203 * https://bugzilla.suse.com/show_bug.cgi?id=1256207 * https://bugzilla.suse.com/show_bug.cgi?id=1256208 * https://bugzilla.suse.com/show_bug.cgi?id=1256216 * https://bugzilla.suse.com/show_bug.cgi?id=1256230 * https://bugzilla.suse.com/show_bug.cgi?id=1256242 * https://bugzilla.suse.com/show_bug.cgi?id=1256248 * https://bugzilla.suse.com/show_bug.cgi?id=1256333 * https://bugzilla.suse.com/show_bug.cgi?id=1256344 * https://bugzilla.suse.com/show_bug.cgi?id=1256353 * https://bugzilla.suse.com/show_bug.cgi?id=1256426 * https://bugzilla.suse.com/show_bug.cgi?id=1256641 * https://bugzilla.suse.com/show_bug.cgi?id=1256779 * https://jira.suse.com/browse/SLE-13847 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 20:31:45 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 20:31:45 -0000 Subject: SUSE-SU-2026:0368-1: moderate: Security update for libsodium Message-ID: <177015070523.17387.14642266934822290832@smelt2.prg2.suse.org> # Security update for libsodium Announcement ID: SUSE-SU-2026:0368-1 Release Date: 2026-02-03T13:41:03Z Rating: moderate References: * bsc#1255764 * bsc#1256070 Cross-References: * CVE-2025-15444 * CVE-2025-69277 CVSS scores: * CVE-2025-15444 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2025-15444 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-69277 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-69277 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-69277 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for libsodium fixes the following issues: * CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070). * CVE-2025-69277: Fixed incorrect validation of elliptic curve points in crypto_core_ed25519_is_valid_point function (bsc#1255764). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-368=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-368=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-368=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-368=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-368=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-368=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-368=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-368=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-368=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libsodium23-debuginfo-1.0.18-150000.4.14.1 * libsodium23-1.0.18-150000.4.14.1 * libsodium-devel-1.0.18-150000.4.14.1 * libsodium-debugsource-1.0.18-150000.4.14.1 * openSUSE Leap 15.6 (x86_64) * libsodium23-32bit-1.0.18-150000.4.14.1 * libsodium23-32bit-debuginfo-1.0.18-150000.4.14.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libsodium23-debuginfo-1.0.18-150000.4.14.1 * libsodium23-1.0.18-150000.4.14.1 * libsodium-debugsource-1.0.18-150000.4.14.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libsodium23-debuginfo-1.0.18-150000.4.14.1 * libsodium23-1.0.18-150000.4.14.1 * libsodium-debugsource-1.0.18-150000.4.14.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libsodium23-debuginfo-1.0.18-150000.4.14.1 * libsodium23-1.0.18-150000.4.14.1 * libsodium-debugsource-1.0.18-150000.4.14.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libsodium23-debuginfo-1.0.18-150000.4.14.1 * libsodium23-1.0.18-150000.4.14.1 * libsodium-debugsource-1.0.18-150000.4.14.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libsodium23-debuginfo-1.0.18-150000.4.14.1 * libsodium23-1.0.18-150000.4.14.1 * libsodium-debugsource-1.0.18-150000.4.14.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libsodium23-debuginfo-1.0.18-150000.4.14.1 * libsodium23-1.0.18-150000.4.14.1 * libsodium-devel-1.0.18-150000.4.14.1 * libsodium-debugsource-1.0.18-150000.4.14.1 * Basesystem Module 15-SP7 (x86_64) * libsodium23-32bit-1.0.18-150000.4.14.1 * libsodium23-32bit-debuginfo-1.0.18-150000.4.14.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libsodium23-debuginfo-1.0.18-150000.4.14.1 * libsodium23-1.0.18-150000.4.14.1 * libsodium-debugsource-1.0.18-150000.4.14.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libsodium23-debuginfo-1.0.18-150000.4.14.1 * libsodium23-1.0.18-150000.4.14.1 * libsodium-debugsource-1.0.18-150000.4.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-15444.html * https://www.suse.com/security/cve/CVE-2025-69277.html * https://bugzilla.suse.com/show_bug.cgi?id=1255764 * https://bugzilla.suse.com/show_bug.cgi?id=1256070 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 20:31:49 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 20:31:49 -0000 Subject: SUSE-SU-2026:0367-1: moderate: Security update for python-urllib3 Message-ID: <177015070902.17387.9287844981782381655@smelt2.prg2.suse.org> # Security update for python-urllib3 Announcement ID: SUSE-SU-2026:0367-1 Release Date: 2026-02-03T13:09:51Z Rating: moderate References: * bsc#1254866 * bsc#1254867 Cross-References: * CVE-2025-66418 * CVE-2025-66471 CVSS scores: * CVE-2025-66418 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-66418 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-66418 ( NVD ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-66418 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-66471 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-66471 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-66471 ( NVD ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-66471 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-urllib3 fixes the following issues: * CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API (bsc#1254867). * CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain (bsc#1254866). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-367=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-367=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-367=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-367=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-urllib3-2.0.7-150400.7.27.1 * openSUSE Leap 15.6 (noarch) * python311-urllib3-2.0.7-150400.7.27.1 * Public Cloud Module 15-SP4 (noarch) * python311-urllib3-2.0.7-150400.7.27.1 * Python 3 Module 15-SP7 (noarch) * python311-urllib3-2.0.7-150400.7.27.1 ## References: * https://www.suse.com/security/cve/CVE-2025-66418.html * https://www.suse.com/security/cve/CVE-2025-66471.html * https://bugzilla.suse.com/show_bug.cgi?id=1254866 * https://bugzilla.suse.com/show_bug.cgi?id=1254867 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Feb 3 20:31:53 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Feb 2026 20:31:53 -0000 Subject: SUSE-SU-2026:0366-1: moderate: Security update for util-linux Message-ID: <177015071358.17387.17113359718133131762@smelt2.prg2.suse.org> # Security update for util-linux Announcement ID: SUSE-SU-2026:0366-1 Release Date: 2026-02-03T12:53:11Z Rating: moderate References: * bsc#1254666 Cross-References: * CVE-2025-14104 CVSS scores: * CVE-2025-14104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-14104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-14104 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for util-linux fixes the following issues: * CVE-2025-14104: Fixed heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-366=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libmount1-debuginfo-2.33.2-4.48.1 * libsmartcols1-debuginfo-2.33.2-4.48.1 * libblkid1-2.33.2-4.48.1 * util-linux-systemd-debuginfo-2.33.2-4.48.1 * util-linux-systemd-debugsource-2.33.2-4.48.1 * libmount1-2.33.2-4.48.1 * libblkid1-32bit-2.33.2-4.48.1 * python-libmount-2.33.2-4.48.1 * uuidd-2.33.2-4.48.1 * libuuid-devel-2.33.2-4.48.1 * libmount1-32bit-2.33.2-4.48.1 * libblkid1-debuginfo-32bit-2.33.2-4.48.1 * util-linux-systemd-2.33.2-4.48.1 * python-libmount-debugsource-2.33.2-4.48.1 * util-linux-2.33.2-4.48.1 * uuidd-debuginfo-2.33.2-4.48.1 * libsmartcols1-2.33.2-4.48.1 * libmount1-debuginfo-32bit-2.33.2-4.48.1 * libfdisk1-debuginfo-2.33.2-4.48.1 * libuuid1-debuginfo-2.33.2-4.48.1 * libuuid1-debuginfo-32bit-2.33.2-4.48.1 * libblkid-devel-2.33.2-4.48.1 * python-libmount-debuginfo-2.33.2-4.48.1 * util-linux-debuginfo-2.33.2-4.48.1 * libuuid1-32bit-2.33.2-4.48.1 * libfdisk1-2.33.2-4.48.1 * libsmartcols-devel-2.33.2-4.48.1 * libuuid1-2.33.2-4.48.1 * util-linux-debugsource-2.33.2-4.48.1 * libblkid1-debuginfo-2.33.2-4.48.1 * libmount-devel-2.33.2-4.48.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * util-linux-lang-2.33.2-4.48.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14104.html * https://bugzilla.suse.com/show_bug.cgi?id=1254666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 08:30:08 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 08:30:08 -0000 Subject: SUSE-SU-2026:0371-1: important: Security update for glibc Message-ID: <177019380863.28500.2631000399643366409@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2026:0371-1 Release Date: 2026-02-03T18:09:03Z Rating: important References: * bsc#1256437 * bsc#1256766 * bsc#1256822 * bsc#1257005 Cross-References: * CVE-2025-15281 * CVE-2026-0861 * CVE-2026-0915 CVSS scores: * CVE-2025-15281 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-15281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15281 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0861 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-0861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0861 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0915 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-0915 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-0915 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for glibc fixes the following issues: Security fixes: * CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). * CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). * CVE-2025-15281: Fixed uninitialized memory may cause the process abort (bsc#1257005). Other fixes: * NPTL: Optimize trylock for high cache contention workloads (bsc#1256437). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-371=1 openSUSE-SLE-15.6-2026-371=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-371=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-371=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-371=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-371=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-2.38-150600.14.40.1 * glibc-debuginfo-2.38-150600.14.40.1 * glibc-devel-static-2.38-150600.14.40.1 * glibc-locale-2.38-150600.14.40.1 * glibc-locale-base-debuginfo-2.38-150600.14.40.1 * glibc-profile-2.38-150600.14.40.1 * libnsl1-debuginfo-2.38-150600.14.40.1 * glibc-devel-debuginfo-2.38-150600.14.40.1 * glibc-devel-2.38-150600.14.40.1 * libnsl1-2.38-150600.14.40.1 * glibc-locale-base-2.38-150600.14.40.1 * glibc-debugsource-2.38-150600.14.40.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * glibc-extra-2.38-150600.14.40.1 * nscd-2.38-150600.14.40.1 * glibc-utils-src-debugsource-2.38-150600.14.40.1 * nscd-debuginfo-2.38-150600.14.40.1 * glibc-utils-2.38-150600.14.40.1 * glibc-extra-debuginfo-2.38-150600.14.40.1 * glibc-utils-debuginfo-2.38-150600.14.40.1 * openSUSE Leap 15.6 (noarch) * glibc-info-2.38-150600.14.40.1 * glibc-html-2.38-150600.14.40.1 * glibc-i18ndata-2.38-150600.14.40.1 * glibc-lang-2.38-150600.14.40.1 * openSUSE Leap 15.6 (x86_64) * glibc-devel-32bit-debuginfo-2.38-150600.14.40.1 * glibc-devel-static-32bit-2.38-150600.14.40.1 * libnsl1-32bit-debuginfo-2.38-150600.14.40.1 * glibc-devel-32bit-2.38-150600.14.40.1 * glibc-utils-32bit-debuginfo-2.38-150600.14.40.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.40.1 * glibc-profile-32bit-2.38-150600.14.40.1 * glibc-locale-base-32bit-2.38-150600.14.40.1 * glibc-32bit-2.38-150600.14.40.1 * libnsl1-32bit-2.38-150600.14.40.1 * glibc-utils-32bit-2.38-150600.14.40.1 * glibc-32bit-debuginfo-2.38-150600.14.40.1 * openSUSE Leap 15.6 (aarch64_ilp32) * glibc-64bit-debuginfo-2.38-150600.14.40.1 * glibc-devel-64bit-2.38-150600.14.40.1 * glibc-devel-64bit-debuginfo-2.38-150600.14.40.1 * glibc-64bit-2.38-150600.14.40.1 * libnsl1-64bit-debuginfo-2.38-150600.14.40.1 * glibc-devel-static-64bit-2.38-150600.14.40.1 * glibc-locale-base-64bit-2.38-150600.14.40.1 * glibc-profile-64bit-2.38-150600.14.40.1 * glibc-utils-64bit-debuginfo-2.38-150600.14.40.1 * glibc-locale-base-64bit-debuginfo-2.38-150600.14.40.1 * glibc-utils-64bit-2.38-150600.14.40.1 * libnsl1-64bit-2.38-150600.14.40.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * glibc-2.38-150600.14.40.1 * glibc-debuginfo-2.38-150600.14.40.1 * glibc-locale-2.38-150600.14.40.1 * glibc-locale-base-debuginfo-2.38-150600.14.40.1 * glibc-profile-2.38-150600.14.40.1 * libnsl1-debuginfo-2.38-150600.14.40.1 * glibc-extra-2.38-150600.14.40.1 * glibc-devel-debuginfo-2.38-150600.14.40.1 * nscd-2.38-150600.14.40.1 * glibc-devel-2.38-150600.14.40.1 * nscd-debuginfo-2.38-150600.14.40.1 * libnsl1-2.38-150600.14.40.1 * glibc-locale-base-2.38-150600.14.40.1 * glibc-debugsource-2.38-150600.14.40.1 * glibc-extra-debuginfo-2.38-150600.14.40.1 * Basesystem Module 15-SP7 (noarch) * glibc-info-2.38-150600.14.40.1 * glibc-i18ndata-2.38-150600.14.40.1 * glibc-lang-2.38-150600.14.40.1 * Basesystem Module 15-SP7 (x86_64) * libnsl1-32bit-debuginfo-2.38-150600.14.40.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.40.1 * glibc-locale-base-32bit-2.38-150600.14.40.1 * glibc-32bit-2.38-150600.14.40.1 * libnsl1-32bit-2.38-150600.14.40.1 * glibc-32bit-debuginfo-2.38-150600.14.40.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * glibc-debuginfo-2.38-150600.14.40.1 * glibc-devel-static-2.38-150600.14.40.1 * glibc-utils-src-debugsource-2.38-150600.14.40.1 * glibc-debugsource-2.38-150600.14.40.1 * glibc-utils-2.38-150600.14.40.1 * glibc-utils-debuginfo-2.38-150600.14.40.1 * Development Tools Module 15-SP7 (x86_64) * glibc-devel-32bit-2.38-150600.14.40.1 * glibc-devel-32bit-debuginfo-2.38-150600.14.40.1 * glibc-32bit-debuginfo-2.38-150600.14.40.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * glibc-2.38-150600.14.40.1 * glibc-debuginfo-2.38-150600.14.40.1 * glibc-devel-static-2.38-150600.14.40.1 * glibc-locale-2.38-150600.14.40.1 * glibc-locale-base-debuginfo-2.38-150600.14.40.1 * glibc-profile-2.38-150600.14.40.1 * libnsl1-debuginfo-2.38-150600.14.40.1 * glibc-extra-2.38-150600.14.40.1 * glibc-devel-debuginfo-2.38-150600.14.40.1 * glibc-utils-src-debugsource-2.38-150600.14.40.1 * nscd-2.38-150600.14.40.1 * glibc-devel-2.38-150600.14.40.1 * nscd-debuginfo-2.38-150600.14.40.1 * libnsl1-2.38-150600.14.40.1 * glibc-locale-base-2.38-150600.14.40.1 * glibc-debugsource-2.38-150600.14.40.1 * glibc-utils-2.38-150600.14.40.1 * glibc-extra-debuginfo-2.38-150600.14.40.1 * glibc-utils-debuginfo-2.38-150600.14.40.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * glibc-info-2.38-150600.14.40.1 * glibc-i18ndata-2.38-150600.14.40.1 * glibc-lang-2.38-150600.14.40.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * glibc-devel-32bit-debuginfo-2.38-150600.14.40.1 * libnsl1-32bit-debuginfo-2.38-150600.14.40.1 * glibc-devel-32bit-2.38-150600.14.40.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.40.1 * glibc-locale-base-32bit-2.38-150600.14.40.1 * glibc-32bit-2.38-150600.14.40.1 * libnsl1-32bit-2.38-150600.14.40.1 * glibc-32bit-debuginfo-2.38-150600.14.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * glibc-2.38-150600.14.40.1 * glibc-debuginfo-2.38-150600.14.40.1 * glibc-devel-static-2.38-150600.14.40.1 * glibc-locale-2.38-150600.14.40.1 * glibc-locale-base-debuginfo-2.38-150600.14.40.1 * glibc-profile-2.38-150600.14.40.1 * libnsl1-debuginfo-2.38-150600.14.40.1 * glibc-extra-2.38-150600.14.40.1 * glibc-devel-debuginfo-2.38-150600.14.40.1 * glibc-utils-src-debugsource-2.38-150600.14.40.1 * nscd-2.38-150600.14.40.1 * glibc-devel-2.38-150600.14.40.1 * nscd-debuginfo-2.38-150600.14.40.1 * libnsl1-2.38-150600.14.40.1 * glibc-locale-base-2.38-150600.14.40.1 * glibc-debugsource-2.38-150600.14.40.1 * glibc-utils-2.38-150600.14.40.1 * glibc-extra-debuginfo-2.38-150600.14.40.1 * glibc-utils-debuginfo-2.38-150600.14.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * glibc-info-2.38-150600.14.40.1 * glibc-i18ndata-2.38-150600.14.40.1 * glibc-lang-2.38-150600.14.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * glibc-devel-32bit-debuginfo-2.38-150600.14.40.1 * libnsl1-32bit-debuginfo-2.38-150600.14.40.1 * glibc-devel-32bit-2.38-150600.14.40.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.40.1 * glibc-locale-base-32bit-2.38-150600.14.40.1 * glibc-32bit-2.38-150600.14.40.1 * libnsl1-32bit-2.38-150600.14.40.1 * glibc-32bit-debuginfo-2.38-150600.14.40.1 ## References: * https://www.suse.com/security/cve/CVE-2025-15281.html * https://www.suse.com/security/cve/CVE-2026-0861.html * https://www.suse.com/security/cve/CVE-2026-0915.html * https://bugzilla.suse.com/show_bug.cgi?id=1256437 * https://bugzilla.suse.com/show_bug.cgi?id=1256766 * https://bugzilla.suse.com/show_bug.cgi?id=1256822 * https://bugzilla.suse.com/show_bug.cgi?id=1257005 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 12:30:04 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 12:30:04 -0000 Subject: SUSE-SU-2026:0379-1: important: Security update for cockpit-podman Message-ID: <177020820405.28709.5427976944630292005@smelt2.prg2.suse.org> # Security update for cockpit-podman Announcement ID: SUSE-SU-2026:0379-1 Release Date: 2026-02-04T07:38:29Z Rating: important References: * bsc#1257324 Cross-References: * CVE-2025-13465 CVSS scores: * CVE-2025-13465 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-13465 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-13465 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit-podman fixes the following issues: * CVE-2025-13465: Update the lodash dependencie to avoid prototype pollution. (bsc#1257324) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-379=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-379=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (noarch) * cockpit-podman-33-150300.6.6.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * cockpit-podman-33-150300.6.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-13465.html * https://bugzilla.suse.com/show_bug.cgi?id=1257324 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 12:30:09 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 12:30:09 -0000 Subject: SUSE-SU-2026:0378-1: important: Security update for gpg2 Message-ID: <177020820982.28709.15998954502284888968@smelt2.prg2.suse.org> # Security update for gpg2 Announcement ID: SUSE-SU-2026:0378-1 Release Date: 2026-02-04T07:38:17Z Rating: important References: * bsc#1255715 * bsc#1256244 * bsc#1256389 * bsc#1256390 Cross-References: * CVE-2025-68973 CVSS scores: * CVE-2025-68973 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N * CVE-2025-68973 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N * CVE-2025-68973 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for gpg2 fixes the following issues: * CVE-2025-68973: Fixed possile memory corruption in the armor parser [T7906] (bsc#1255715) * Fixed GnuPG Accepting Path Separators and Path Traversals in Literal Data (bsc#1256389) * Fixed Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (bsc#1256390) * Fixed error out on unverified output for non-detached signatures [T7903] (bsc#1256244) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-378=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-378=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * gpg2-debugsource-2.0.24-9.17.1 * gpg2-2.0.24-9.17.1 * gpg2-debuginfo-2.0.24-9.17.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * gpg2-lang-2.0.24-9.17.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gpg2-debugsource-2.0.24-9.17.1 * gpg2-2.0.24-9.17.1 * gpg2-debuginfo-2.0.24-9.17.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * gpg2-lang-2.0.24-9.17.1 ## References: * https://www.suse.com/security/cve/CVE-2025-68973.html * https://bugzilla.suse.com/show_bug.cgi?id=1255715 * https://bugzilla.suse.com/show_bug.cgi?id=1256244 * https://bugzilla.suse.com/show_bug.cgi?id=1256389 * https://bugzilla.suse.com/show_bug.cgi?id=1256390 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 12:30:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 12:30:12 -0000 Subject: SUSE-SU-2026:0377-1: moderate: Security update for libheif Message-ID: <177020821274.28709.16026722019402337553@smelt2.prg2.suse.org> # Security update for libheif Announcement ID: SUSE-SU-2026:0377-1 Release Date: 2026-02-04T07:37:59Z Rating: moderate References: * bsc#1255735 Cross-References: * CVE-2025-68431 CVSS scores: * CVE-2025-68431 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68431 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-68431 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for libheif fixes the following issues: * CVE-2025-68431: Fixed heap buffer over-read in `HeifPixelImage::overlay()` via crafted HEIF that exercises the overlay image item (bsc#1255735) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-377=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-377=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libheif-devel-1.12.0-150400.3.17.1 * libheif1-1.12.0-150400.3.17.1 * libheif-debugsource-1.12.0-150400.3.17.1 * libheif1-debuginfo-1.12.0-150400.3.17.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.17.1 * gdk-pixbuf-loader-libheif-1.12.0-150400.3.17.1 * openSUSE Leap 15.4 (x86_64) * libheif1-32bit-debuginfo-1.12.0-150400.3.17.1 * libheif1-32bit-1.12.0-150400.3.17.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libheif1-64bit-1.12.0-150400.3.17.1 * libheif1-64bit-debuginfo-1.12.0-150400.3.17.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libheif-devel-1.12.0-150400.3.17.1 * libheif1-1.12.0-150400.3.17.1 * libheif-debugsource-1.12.0-150400.3.17.1 * libheif1-debuginfo-1.12.0-150400.3.17.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.17.1 * gdk-pixbuf-loader-libheif-1.12.0-150400.3.17.1 * openSUSE Leap 15.6 (x86_64) * libheif1-32bit-debuginfo-1.12.0-150400.3.17.1 * libheif1-32bit-1.12.0-150400.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2025-68431.html * https://bugzilla.suse.com/show_bug.cgi?id=1255735 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 12:30:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 12:30:17 -0000 Subject: SUSE-SU-2026:0375-1: moderate: Security update for libvirt Message-ID: <177020821717.28709.2040252290075123749@smelt2.prg2.suse.org> # Security update for libvirt Announcement ID: SUSE-SU-2026:0375-1 Release Date: 2026-02-04T07:37:41Z Rating: moderate References: * bsc#1251822 * bsc#1253278 * bsc#1253703 Cross-References: * CVE-2025-12748 * CVE-2025-13193 CVSS scores: * CVE-2025-12748 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-12748 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-12748 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-13193 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-13193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-13193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for libvirt fixes the following issues: Security fixes: * CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots (bsc#1253703) * CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML (bsc#1253278) Other fixes: * libvirt-supportconfig: Add support for supportconfig.rc (bsc#1251822) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-375=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-375=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-375=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-375=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-375=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libvirt-daemon-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1 * libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-gluster-8.0.0-150400.7.14.1 * libvirt-daemon-lxc-8.0.0-150400.7.14.1 * libvirt-client-8.0.0-150400.7.14.1 * libvirt-devel-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1 * wireshark-plugin-libvirt-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 * libvirt-daemon-config-network-8.0.0-150400.7.14.1 * libvirt-debugsource-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1 * libvirt-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-gluster-debuginfo-8.0.0-150400.7.14.1 * libvirt-nss-8.0.0-150400.7.14.1 * libvirt-daemon-driver-lxc-debuginfo-8.0.0-150400.7.14.1 * libvirt-lock-sanlock-8.0.0-150400.7.14.1 * libvirt-libs-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 * libvirt-daemon-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 * libvirt-daemon-hooks-8.0.0-150400.7.14.1 * libvirt-client-debuginfo-8.0.0-150400.7.14.1 * libvirt-libs-8.0.0-150400.7.14.1 * wireshark-plugin-libvirt-debuginfo-8.0.0-150400.7.14.1 * libvirt-nss-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-lxc-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-config-nwfilter-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 * openSUSE Leap 15.4 (x86_64) * libvirt-client-32bit-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-libxl-8.0.0-150400.7.14.1 * libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-xen-8.0.0-150400.7.14.1 * libvirt-devel-32bit-8.0.0-150400.7.14.1 * openSUSE Leap 15.4 (noarch) * libvirt-doc-8.0.0-150400.7.14.1 * openSUSE Leap 15.4 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libvirt-client-64bit-debuginfo-8.0.0-150400.7.14.1 * libvirt-devel-64bit-8.0.0-150400.7.14.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libvirt-daemon-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 * libvirt-client-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 * libvirt-debugsource-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1 * libvirt-libs-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 * libvirt-daemon-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 * libvirt-libs-8.0.0-150400.7.14.1 * libvirt-client-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libvirt-daemon-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 * libvirt-client-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 * libvirt-debugsource-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1 * libvirt-libs-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 * libvirt-daemon-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 * libvirt-libs-8.0.0-150400.7.14.1 * libvirt-client-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libvirt-daemon-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 * libvirt-client-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 * libvirt-debugsource-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1 * libvirt-libs-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 * libvirt-daemon-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 * libvirt-libs-8.0.0-150400.7.14.1 * libvirt-client-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libvirt-daemon-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 * libvirt-client-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 * libvirt-debugsource-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1 * libvirt-libs-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 * libvirt-daemon-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 * libvirt-libs-8.0.0-150400.7.14.1 * libvirt-client-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12748.html * https://www.suse.com/security/cve/CVE-2025-13193.html * https://bugzilla.suse.com/show_bug.cgi?id=1251822 * https://bugzilla.suse.com/show_bug.cgi?id=1253278 * https://bugzilla.suse.com/show_bug.cgi?id=1253703 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 12:30:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 12:30:19 -0000 Subject: SUSE-SU-2026:0374-1: moderate: Security update for protobuf Message-ID: <177020821975.28709.17027078940409753857@smelt2.prg2.suse.org> # Security update for protobuf Announcement ID: SUSE-SU-2026:0374-1 Release Date: 2026-02-04T07:03:50Z Rating: moderate References: * bsc#1257173 Cross-References: * CVE-2026-0994 CVSS scores: * CVE-2026-0994 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-0994 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0994 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for protobuf fixes the following issues: * CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python json_format.ParseDict (bsc#1257173). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-374=1 openSUSE-SLE-15.6-2026-374=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-374=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-374=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-374=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libprotobuf25_1_0-25.1-150600.16.16.1 * libprotoc25_1_0-debuginfo-25.1-150600.16.16.1 * protobuf-debugsource-25.1-150600.16.16.1 * protobuf-devel-debuginfo-25.1-150600.16.16.1 * libprotobuf25_1_0-debuginfo-25.1-150600.16.16.1 * protobuf-devel-25.1-150600.16.16.1 * libprotoc25_1_0-25.1-150600.16.16.1 * libprotobuf-lite25_1_0-debuginfo-25.1-150600.16.16.1 * python311-protobuf-4.25.1-150600.16.16.1 * libprotobuf-lite25_1_0-25.1-150600.16.16.1 * openSUSE Leap 15.6 (x86_64) * libprotoc25_1_0-32bit-25.1-150600.16.16.1 * libprotobuf-lite25_1_0-32bit-25.1-150600.16.16.1 * libprotoc25_1_0-32bit-debuginfo-25.1-150600.16.16.1 * libprotobuf-lite25_1_0-32bit-debuginfo-25.1-150600.16.16.1 * libprotobuf25_1_0-32bit-25.1-150600.16.16.1 * libprotobuf25_1_0-32bit-debuginfo-25.1-150600.16.16.1 * openSUSE Leap 15.6 (noarch) * protobuf-java-25.1-150600.16.16.1 * protobuf-java-parent-25.1-150600.16.16.1 * protobuf-java-bom-25.1-150600.16.16.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libprotoc25_1_0-64bit-25.1-150600.16.16.1 * libprotobuf-lite25_1_0-64bit-debuginfo-25.1-150600.16.16.1 * libprotoc25_1_0-64bit-debuginfo-25.1-150600.16.16.1 * libprotobuf-lite25_1_0-64bit-25.1-150600.16.16.1 * libprotobuf25_1_0-64bit-25.1-150600.16.16.1 * libprotobuf25_1_0-64bit-debuginfo-25.1-150600.16.16.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libprotobuf25_1_0-25.1-150600.16.16.1 * libprotoc25_1_0-debuginfo-25.1-150600.16.16.1 * protobuf-debugsource-25.1-150600.16.16.1 * libprotobuf25_1_0-debuginfo-25.1-150600.16.16.1 * libprotoc25_1_0-25.1-150600.16.16.1 * libprotobuf-lite25_1_0-debuginfo-25.1-150600.16.16.1 * libprotobuf-lite25_1_0-25.1-150600.16.16.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * protobuf-devel-debuginfo-25.1-150600.16.16.1 * protobuf-devel-25.1-150600.16.16.1 * protobuf-debugsource-25.1-150600.16.16.1 * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python311-protobuf-4.25.1-150600.16.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-0994.html * https://bugzilla.suse.com/show_bug.cgi?id=1257173 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 12:30:24 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 12:30:24 -0000 Subject: SUSE-SU-2026:0373-1: important: Security update for glib2 Message-ID: <177020822409.28709.10001450735768928329@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2026:0373-1 Release Date: 2026-02-04T02:50:53Z Rating: important References: * bsc#1257353 * bsc#1257354 * bsc#1257355 Cross-References: * CVE-2026-1484 * CVE-2026-1485 * CVE-2026-1489 CVSS scores: * CVE-2026-1484 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1484 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1484 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2026-1485 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-1485 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1485 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1489 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1489 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1489 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354). * CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355). * CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-373=1 openSUSE-SLE-15.6-2026-373=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-373=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-373=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-373=1 ## Package List: * openSUSE Leap 15.6 (noarch) * gio-branding-upstream-2.78.6-150600.4.35.1 * glib2-lang-2.78.6-150600.4.35.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * glib2-tools-2.78.6-150600.4.35.1 * glib2-tests-devel-2.78.6-150600.4.35.1 * libgio-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgmodule-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgthread-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgobject-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgio-2_0-0-2.78.6-150600.4.35.1 * libgmodule-2_0-0-2.78.6-150600.4.35.1 * libgobject-2_0-0-2.78.6-150600.4.35.1 * libgthread-2_0-0-2.78.6-150600.4.35.1 * glib2-doc-2.78.6-150600.4.35.1 * libglib-2_0-0-2.78.6-150600.4.35.1 * glib2-devel-static-2.78.6-150600.4.35.1 * glib2-devel-2.78.6-150600.4.35.1 * libglib-2_0-0-debuginfo-2.78.6-150600.4.35.1 * glib2-tools-debuginfo-2.78.6-150600.4.35.1 * glib2-tests-devel-debuginfo-2.78.6-150600.4.35.1 * glib2-devel-debuginfo-2.78.6-150600.4.35.1 * glib2-debugsource-2.78.6-150600.4.35.1 * openSUSE Leap 15.6 (x86_64) * libglib-2_0-0-32bit-2.78.6-150600.4.35.1 * libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libgthread-2_0-0-32bit-2.78.6-150600.4.35.1 * libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libgmodule-2_0-0-32bit-2.78.6-150600.4.35.1 * glib2-devel-32bit-2.78.6-150600.4.35.1 * libgio-2_0-0-32bit-2.78.6-150600.4.35.1 * glib2-tools-32bit-debuginfo-2.78.6-150600.4.35.1 * libgobject-2_0-0-32bit-2.78.6-150600.4.35.1 * libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * glib2-tools-32bit-2.78.6-150600.4.35.1 * glib2-devel-32bit-debuginfo-2.78.6-150600.4.35.1 * libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libgthread-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * openSUSE Leap 15.6 (aarch64_ilp32) * glib2-tools-64bit-2.78.6-150600.4.35.1 * libgmodule-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1 * libgobject-2_0-0-64bit-2.78.6-150600.4.35.1 * libgio-2_0-0-64bit-2.78.6-150600.4.35.1 * glib2-tools-64bit-debuginfo-2.78.6-150600.4.35.1 * libgthread-2_0-0-64bit-2.78.6-150600.4.35.1 * glib2-devel-64bit-debuginfo-2.78.6-150600.4.35.1 * glib2-devel-64bit-2.78.6-150600.4.35.1 * libgio-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1 * libglib-2_0-0-64bit-2.78.6-150600.4.35.1 * libgobject-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1 * libgthread-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1 * libglib-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1 * libgmodule-2_0-0-64bit-2.78.6-150600.4.35.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * glib2-tools-2.78.6-150600.4.35.1 * libgio-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgmodule-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgthread-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgobject-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgio-2_0-0-2.78.6-150600.4.35.1 * libgmodule-2_0-0-2.78.6-150600.4.35.1 * libgobject-2_0-0-2.78.6-150600.4.35.1 * libgthread-2_0-0-2.78.6-150600.4.35.1 * libglib-2_0-0-2.78.6-150600.4.35.1 * glib2-devel-2.78.6-150600.4.35.1 * glib2-tools-debuginfo-2.78.6-150600.4.35.1 * libglib-2_0-0-debuginfo-2.78.6-150600.4.35.1 * glib2-devel-debuginfo-2.78.6-150600.4.35.1 * glib2-debugsource-2.78.6-150600.4.35.1 * Basesystem Module 15-SP7 (noarch) * glib2-lang-2.78.6-150600.4.35.1 * Basesystem Module 15-SP7 (x86_64) * libglib-2_0-0-32bit-2.78.6-150600.4.35.1 * libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libgmodule-2_0-0-32bit-2.78.6-150600.4.35.1 * libgio-2_0-0-32bit-2.78.6-150600.4.35.1 * libgobject-2_0-0-32bit-2.78.6-150600.4.35.1 * libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * glib2-tools-2.78.6-150600.4.35.1 * libgio-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgmodule-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgthread-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgobject-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgio-2_0-0-2.78.6-150600.4.35.1 * libgmodule-2_0-0-2.78.6-150600.4.35.1 * libgobject-2_0-0-2.78.6-150600.4.35.1 * libgthread-2_0-0-2.78.6-150600.4.35.1 * libglib-2_0-0-2.78.6-150600.4.35.1 * glib2-devel-2.78.6-150600.4.35.1 * glib2-tools-debuginfo-2.78.6-150600.4.35.1 * libglib-2_0-0-debuginfo-2.78.6-150600.4.35.1 * glib2-devel-debuginfo-2.78.6-150600.4.35.1 * glib2-debugsource-2.78.6-150600.4.35.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * glib2-lang-2.78.6-150600.4.35.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * libglib-2_0-0-32bit-2.78.6-150600.4.35.1 * libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libgmodule-2_0-0-32bit-2.78.6-150600.4.35.1 * libgio-2_0-0-32bit-2.78.6-150600.4.35.1 * libgobject-2_0-0-32bit-2.78.6-150600.4.35.1 * libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * glib2-tools-2.78.6-150600.4.35.1 * libgio-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgmodule-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgthread-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgobject-2_0-0-debuginfo-2.78.6-150600.4.35.1 * libgio-2_0-0-2.78.6-150600.4.35.1 * libgmodule-2_0-0-2.78.6-150600.4.35.1 * libgobject-2_0-0-2.78.6-150600.4.35.1 * libgthread-2_0-0-2.78.6-150600.4.35.1 * libglib-2_0-0-2.78.6-150600.4.35.1 * glib2-devel-2.78.6-150600.4.35.1 * glib2-tools-debuginfo-2.78.6-150600.4.35.1 * libglib-2_0-0-debuginfo-2.78.6-150600.4.35.1 * glib2-devel-debuginfo-2.78.6-150600.4.35.1 * glib2-debugsource-2.78.6-150600.4.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * glib2-lang-2.78.6-150600.4.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * libglib-2_0-0-32bit-2.78.6-150600.4.35.1 * libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libgmodule-2_0-0-32bit-2.78.6-150600.4.35.1 * libgio-2_0-0-32bit-2.78.6-150600.4.35.1 * libgobject-2_0-0-32bit-2.78.6-150600.4.35.1 * libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 * libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1484.html * https://www.suse.com/security/cve/CVE-2026-1485.html * https://www.suse.com/security/cve/CVE-2026-1489.html * https://bugzilla.suse.com/show_bug.cgi?id=1257353 * https://bugzilla.suse.com/show_bug.cgi?id=1257354 * https://bugzilla.suse.com/show_bug.cgi?id=1257355 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 12:30:28 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 12:30:28 -0000 Subject: SUSE-SU-2026:0372-1: important: Security update for glib2 Message-ID: <177020822854.28709.5120478760291402232@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2026:0372-1 Release Date: 2026-02-04T01:43:47Z Rating: important References: * bsc#1257353 * bsc#1257354 * bsc#1257355 Cross-References: * CVE-2026-1484 * CVE-2026-1485 * CVE-2026-1489 CVSS scores: * CVE-2026-1484 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1484 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1484 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2026-1485 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-1485 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1485 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1489 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1489 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1489 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354). * CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355). * CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-372=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-372=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libglib-2_0-0-debuginfo-2.48.2-12.58.1 * libglib-2_0-0-2.48.2-12.58.1 * libgmodule-2_0-0-2.48.2-12.58.1 * glib2-devel-debuginfo-2.48.2-12.58.1 * glib2-tools-debuginfo-2.48.2-12.58.1 * libgthread-2_0-0-2.48.2-12.58.1 * libgthread-2_0-0-debuginfo-2.48.2-12.58.1 * glib2-debugsource-2.48.2-12.58.1 * glib2-devel-static-2.48.2-12.58.1 * libgobject-2_0-0-debuginfo-2.48.2-12.58.1 * libgio-2_0-0-2.48.2-12.58.1 * glib2-devel-2.48.2-12.58.1 * libgio-2_0-0-debuginfo-2.48.2-12.58.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.58.1 * glib2-tools-2.48.2-12.58.1 * libgobject-2_0-0-2.48.2-12.58.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * glib2-lang-2.48.2-12.58.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libglib-2_0-0-32bit-2.48.2-12.58.1 * libgthread-2_0-0-32bit-2.48.2-12.58.1 * libgmodule-2_0-0-32bit-2.48.2-12.58.1 * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libgobject-2_0-0-32bit-2.48.2-12.58.1 * libgio-2_0-0-32bit-2.48.2-12.58.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libglib-2_0-0-debuginfo-2.48.2-12.58.1 * glib2-devel-debuginfo-2.48.2-12.58.1 * glib2-tools-debuginfo-2.48.2-12.58.1 * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libgobject-2_0-0-32bit-2.48.2-12.58.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.58.1 * libgthread-2_0-0-32bit-2.48.2-12.58.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libgio-2_0-0-debuginfo-2.48.2-12.58.1 * libgmodule-2_0-0-2.48.2-12.58.1 * libgio-2_0-0-32bit-2.48.2-12.58.1 * libglib-2_0-0-2.48.2-12.58.1 * libgthread-2_0-0-2.48.2-12.58.1 * libgthread-2_0-0-debuginfo-2.48.2-12.58.1 * glib2-debugsource-2.48.2-12.58.1 * libgmodule-2_0-0-32bit-2.48.2-12.58.1 * glib2-devel-static-2.48.2-12.58.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libgio-2_0-0-2.48.2-12.58.1 * libgobject-2_0-0-2.48.2-12.58.1 * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.58.1 * libglib-2_0-0-32bit-2.48.2-12.58.1 * glib2-devel-2.48.2-12.58.1 * glib2-tools-2.48.2-12.58.1 * libgobject-2_0-0-debuginfo-2.48.2-12.58.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * glib2-lang-2.48.2-12.58.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1484.html * https://www.suse.com/security/cve/CVE-2026-1485.html * https://www.suse.com/security/cve/CVE-2026-1489.html * https://bugzilla.suse.com/show_bug.cgi?id=1257353 * https://bugzilla.suse.com/show_bug.cgi?id=1257354 * https://bugzilla.suse.com/show_bug.cgi?id=1257355 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 16:30:13 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 16:30:13 -0000 Subject: SUSE-SU-2026:20211-1: important: Security update for openssl-3 Message-ID: <177022261309.28774.14806183377559935760@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2026:20211-1 Release Date: 2026-02-02T13:05:58Z Rating: important References: * bsc#1256829 * bsc#1256830 * bsc#1256831 * bsc#1256832 * bsc#1256833 * bsc#1256834 * bsc#1256835 * bsc#1256836 * bsc#1256837 * bsc#1256838 * bsc#1256839 * bsc#1256840 * bsc#1257274 Cross-References: * CVE-2025-11187 * CVE-2025-15467 * CVE-2025-15468 * CVE-2025-15469 * CVE-2025-66199 * CVE-2025-68160 * CVE-2025-69418 * CVE-2025-69419 * CVE-2025-69420 * CVE-2025-69421 * CVE-2026-22795 * CVE-2026-22796 CVSS scores: * CVE-2025-11187 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-11187 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-11187 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H * CVE-2025-15467 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-15467 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-15467 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-15468 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-15468 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15468 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15469 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-15469 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-15469 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-66199 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-66199 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-66199 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68160 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68160 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69418 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69418 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69418 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-69419 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69419 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69419 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-69420 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69420 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69420 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69421 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69421 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69421 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-22795 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-22796 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22796 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves 12 vulnerabilities and has one fix can now be installed. ## Description: This update for openssl-3 fixes the following issues: Security fixes: * CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256829). * CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830). * CVE-2025-15468: NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256831). * CVE-2025-15469: "openssl dgst" one-shot codepath silently truncates inputs >16MB (bsc#1256832). * CVE-2025-66199: TLS 1.3 CompressedCertificate excessive memory allocation (bsc#1256833). * CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834). * CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835). * CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836). * CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837). * CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838). * CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839). * CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840). Other fixes: * Enable livepatching support for ppc64le (bsc#1257274). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-237=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libopenssl3-debuginfo-3.5.0-160000.5.1 * libopenssl3-3.5.0-160000.5.1 * libopenssl-3-fips-provider-debuginfo-3.5.0-160000.5.1 * openssl-3-3.5.0-160000.5.1 * openssl-3-debugsource-3.5.0-160000.5.1 * openssl-3-debuginfo-3.5.0-160000.5.1 * libopenssl-3-fips-provider-3.5.0-160000.5.1 * libopenssl-3-devel-3.5.0-160000.5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11187.html * https://www.suse.com/security/cve/CVE-2025-15467.html * https://www.suse.com/security/cve/CVE-2025-15468.html * https://www.suse.com/security/cve/CVE-2025-15469.html * https://www.suse.com/security/cve/CVE-2025-66199.html * https://www.suse.com/security/cve/CVE-2025-68160.html * https://www.suse.com/security/cve/CVE-2025-69418.html * https://www.suse.com/security/cve/CVE-2025-69419.html * https://www.suse.com/security/cve/CVE-2025-69420.html * https://www.suse.com/security/cve/CVE-2025-69421.html * https://www.suse.com/security/cve/CVE-2026-22795.html * https://www.suse.com/security/cve/CVE-2026-22796.html * https://bugzilla.suse.com/show_bug.cgi?id=1256829 * https://bugzilla.suse.com/show_bug.cgi?id=1256830 * https://bugzilla.suse.com/show_bug.cgi?id=1256831 * https://bugzilla.suse.com/show_bug.cgi?id=1256832 * https://bugzilla.suse.com/show_bug.cgi?id=1256833 * https://bugzilla.suse.com/show_bug.cgi?id=1256834 * https://bugzilla.suse.com/show_bug.cgi?id=1256835 * https://bugzilla.suse.com/show_bug.cgi?id=1256836 * https://bugzilla.suse.com/show_bug.cgi?id=1256837 * https://bugzilla.suse.com/show_bug.cgi?id=1256838 * https://bugzilla.suse.com/show_bug.cgi?id=1256839 * https://bugzilla.suse.com/show_bug.cgi?id=1256840 * https://bugzilla.suse.com/show_bug.cgi?id=1257274 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 16:30:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 16:30:17 -0000 Subject: SUSE-SU-2026:20210-1: important: Security update for glib2 Message-ID: <177022261763.28774.12872033645267029378@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2026:20210-1 Release Date: 2026-02-02T12:36:59Z Rating: important References: * bsc#1257049 * bsc#1257353 * bsc#1257354 * bsc#1257355 Cross-References: * CVE-2026-0988 * CVE-2026-1484 * CVE-2026-1485 * CVE-2026-1489 CVSS scores: * CVE-2026-0988 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0988 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-0988 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-1484 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1484 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1484 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2026-1485 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-1485 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1485 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1489 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1489 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1489 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves four vulnerabilities can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354). * CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355). * CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353). * CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-235=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libgmodule-2_0-0-2.84.4-160000.2.1 * libgirepository-2_0-0-2.84.4-160000.2.1 * libglib-2_0-0-2.84.4-160000.2.1 * libglib-2_0-0-debuginfo-2.84.4-160000.2.1 * typelib-1_0-GObject-2_0-2.84.4-160000.2.1 * libgio-2_0-0-2.84.4-160000.2.1 * libgobject-2_0-0-debuginfo-2.84.4-160000.2.1 * glib2-debugsource-2.84.4-160000.2.1 * typelib-1_0-Gio-2_0-2.84.4-160000.2.1 * libgirepository-2_0-0-debuginfo-2.84.4-160000.2.1 * libgobject-2_0-0-2.84.4-160000.2.1 * libgmodule-2_0-0-debuginfo-2.84.4-160000.2.1 * glib2-tools-debuginfo-2.84.4-160000.2.1 * typelib-1_0-GLib-2_0-2.84.4-160000.2.1 * typelib-1_0-GModule-2_0-2.84.4-160000.2.1 * glib2-tools-2.84.4-160000.2.1 * libgio-2_0-0-debuginfo-2.84.4-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-0988.html * https://www.suse.com/security/cve/CVE-2026-1484.html * https://www.suse.com/security/cve/CVE-2026-1485.html * https://www.suse.com/security/cve/CVE-2026-1489.html * https://bugzilla.suse.com/show_bug.cgi?id=1257049 * https://bugzilla.suse.com/show_bug.cgi?id=1257353 * https://bugzilla.suse.com/show_bug.cgi?id=1257354 * https://bugzilla.suse.com/show_bug.cgi?id=1257355 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 16:30:20 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 16:30:20 -0000 Subject: SUSE-SU-2026:20209-1: moderate: Security update for dpdk Message-ID: <177022262061.28774.9893939979354437278@smelt2.prg2.suse.org> # Security update for dpdk Announcement ID: SUSE-SU-2026:20209-1 Release Date: 2026-02-02T10:23:38Z Rating: moderate References: * bsc#1247389 * bsc#1254161 Cross-References: * CVE-2025-23259 CVSS scores: * CVE-2025-23259 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23259 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-23259 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for dpdk fixes the following issues: Update to version 24.11.4. Security issues fixed: * CVE-2025-23259: issue in the Poll Mode Driver (PMD) allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface (bsc#1254161). Other issues fixed: * Remove obsolete build option -Denable_kmods. * Add "which" as a build requirement. * Drop pesign and needssslcertforbuild because we don't build a kmp anymore (bsc#1247389). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-233=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le x86_64) * dpdk-24.11.4-160000.1.1 * dpdk-debugsource-24.11.4-160000.1.1 * libdpdk-25-24.11.4-160000.1.1 * libdpdk-25-debuginfo-24.11.4-160000.1.1 * dpdk-debuginfo-24.11.4-160000.1.1 * SUSE Linux Micro 6.2 (noarch) * dpdk-tools-24.11.4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-23259.html * https://bugzilla.suse.com/show_bug.cgi?id=1247389 * https://bugzilla.suse.com/show_bug.cgi?id=1254161 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 16:33:20 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 16:33:20 -0000 Subject: SUSE-SU-2026:20207-1: important: Security update for the Linux Kernel Message-ID: <177022280087.28774.10037356207924195692@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:20207-1 Release Date: 2026-02-02T09:44:21Z Rating: important References: * bsc#1205462 * bsc#1214285 * bsc#1243112 * bsc#1245193 * bsc#1247500 * bsc#1250388 * bsc#1252046 * bsc#1252861 * bsc#1253155 * bsc#1253238 * bsc#1253262 * bsc#1253365 * bsc#1253400 * bsc#1253413 * bsc#1253414 * bsc#1253442 * bsc#1253458 * bsc#1253623 * bsc#1253674 * bsc#1253739 * bsc#1254126 * bsc#1254128 * bsc#1254195 * bsc#1254244 * bsc#1254363 * bsc#1254378 * bsc#1254408 * bsc#1254477 * bsc#1254510 * bsc#1254518 * bsc#1254519 * bsc#1254520 * bsc#1254615 * bsc#1254616 * bsc#1254618 * bsc#1254621 * bsc#1254624 * bsc#1254791 * bsc#1254793 * bsc#1254794 * bsc#1254795 * bsc#1254796 * bsc#1254797 * bsc#1254798 * bsc#1254808 * bsc#1254809 * bsc#1254813 * bsc#1254815 * bsc#1254821 * bsc#1254824 * bsc#1254825 * bsc#1254827 * bsc#1254828 * bsc#1254829 * bsc#1254830 * bsc#1254832 * bsc#1254835 * bsc#1254840 * bsc#1254843 * bsc#1254846 * bsc#1254847 * bsc#1254849 * bsc#1254850 * bsc#1254851 * bsc#1254852 * bsc#1254854 * bsc#1254856 * bsc#1254858 * bsc#1254860 * bsc#1254861 * bsc#1254864 * bsc#1254868 * bsc#1254869 * bsc#1254871 * bsc#1254894 * bsc#1254957 * bsc#1254959 * bsc#1254961 * bsc#1254964 * bsc#1254996 * bsc#1255026 * bsc#1255030 * bsc#1255034 * bsc#1255035 * bsc#1255039 * bsc#1255040 * bsc#1255041 * bsc#1255042 * bsc#1255057 * bsc#1255058 * bsc#1255064 * bsc#1255065 * bsc#1255068 * bsc#1255071 * bsc#1255072 * bsc#1255075 * bsc#1255077 * bsc#1255081 * bsc#1255082 * bsc#1255083 * bsc#1255087 * bsc#1255092 * bsc#1255094 * bsc#1255095 * bsc#1255097 * bsc#1255099 * bsc#1255103 * bsc#1255116 * bsc#1255120 * bsc#1255121 * bsc#1255122 * bsc#1255124 * bsc#1255131 * bsc#1255134 * bsc#1255135 * bsc#1255136 * bsc#1255138 * bsc#1255140 * bsc#1255142 * bsc#1255145 * bsc#1255146 * bsc#1255149 * bsc#1255150 * bsc#1255152 * bsc#1255154 * bsc#1255155 * bsc#1255156 * bsc#1255161 * bsc#1255167 * bsc#1255169 * bsc#1255171 * bsc#1255175 * bsc#1255179 * bsc#1255181 * bsc#1255182 * bsc#1255186 * bsc#1255187 * bsc#1255190 * bsc#1255193 * bsc#1255196 * bsc#1255197 * bsc#1255199 * bsc#1255202 * bsc#1255203 * bsc#1255206 * bsc#1255209 * bsc#1255218 * bsc#1255220 * bsc#1255221 * bsc#1255223 * bsc#1255226 * bsc#1255227 * bsc#1255228 * bsc#1255230 * bsc#1255231 * bsc#1255233 * bsc#1255234 * bsc#1255242 * bsc#1255243 * bsc#1255246 * bsc#1255247 * bsc#1255251 * bsc#1255252 * bsc#1255253 * bsc#1255255 * bsc#1255256 * bsc#1255259 * bsc#1255260 * bsc#1255261 * bsc#1255262 * bsc#1255272 * bsc#1255273 * bsc#1255274 * bsc#1255276 * bsc#1255279 * bsc#1255297 * bsc#1255312 * bsc#1255316 * bsc#1255318 * bsc#1255325 * bsc#1255329 * bsc#1255346 * bsc#1255349 * bsc#1255351 * bsc#1255354 * bsc#1255357 * bsc#1255377 * bsc#1255379 * bsc#1255380 * bsc#1255395 * bsc#1255401 * bsc#1255415 * bsc#1255428 * bsc#1255433 * bsc#1255434 * bsc#1255480 * bsc#1255483 * bsc#1255488 * bsc#1255489 * bsc#1255493 * bsc#1255495 * bsc#1255505 * bsc#1255507 * bsc#1255508 * bsc#1255509 * bsc#1255533 * bsc#1255541 * bsc#1255550 * bsc#1255552 * bsc#1255553 * bsc#1255567 * bsc#1255580 * bsc#1255601 * bsc#1255603 * bsc#1255611 * bsc#1255614 * bsc#1255672 * bsc#1255688 * bsc#1255698 * bsc#1255706 * bsc#1255707 * bsc#1255709 * bsc#1255722 * bsc#1255723 * bsc#1255724 * bsc#1255812 * bsc#1255813 * bsc#1255814 * bsc#1255816 * bsc#1255931 * bsc#1255932 * bsc#1255934 * bsc#1255943 * bsc#1255944 * bsc#1256238 * bsc#1256495 * bsc#1256606 * bsc#1256794 * jsc#PED-12745 * jsc#PED-14344 * jsc#PED-14571 Cross-References: * CVE-2025-38704 * CVE-2025-39880 * CVE-2025-39977 * CVE-2025-40042 * CVE-2025-40123 * CVE-2025-40130 * CVE-2025-40160 * CVE-2025-40167 * CVE-2025-40170 * CVE-2025-40179 * CVE-2025-40190 * CVE-2025-40209 * CVE-2025-40211 * CVE-2025-40212 * CVE-2025-40213 * CVE-2025-40214 * CVE-2025-40215 * CVE-2025-40218 * CVE-2025-40219 * CVE-2025-40220 * CVE-2025-40221 * CVE-2025-40223 * CVE-2025-40225 * CVE-2025-40226 * CVE-2025-40231 * CVE-2025-40233 * CVE-2025-40235 * CVE-2025-40237 * CVE-2025-40238 * CVE-2025-40239 * CVE-2025-40240 * CVE-2025-40242 * CVE-2025-40246 * CVE-2025-40248 * CVE-2025-40250 * CVE-2025-40251 * CVE-2025-40252 * CVE-2025-40254 * CVE-2025-40255 * CVE-2025-40256 * CVE-2025-40258 * CVE-2025-40262 * CVE-2025-40263 * CVE-2025-40264 * CVE-2025-40266 * CVE-2025-40268 * CVE-2025-40269 * CVE-2025-40271 * CVE-2025-40272 * CVE-2025-40273 * CVE-2025-40274 * CVE-2025-40275 * CVE-2025-40276 * CVE-2025-40277 * CVE-2025-40278 * CVE-2025-40279 * CVE-2025-40280 * CVE-2025-40282 * CVE-2025-40283 * CVE-2025-40284 * CVE-2025-40287 * CVE-2025-40288 * CVE-2025-40289 * CVE-2025-40292 * CVE-2025-40293 * CVE-2025-40294 * CVE-2025-40297 * CVE-2025-40301 * CVE-2025-40302 * CVE-2025-40303 * CVE-2025-40304 * CVE-2025-40307 * CVE-2025-40308 * CVE-2025-40309 * CVE-2025-40310 * CVE-2025-40311 * CVE-2025-40314 * CVE-2025-40315 * CVE-2025-40316 * CVE-2025-40317 * CVE-2025-40318 * CVE-2025-40319 * CVE-2025-40320 * CVE-2025-40321 * CVE-2025-40322 * CVE-2025-40323 * CVE-2025-40324 * CVE-2025-40328 * CVE-2025-40329 * CVE-2025-40330 * CVE-2025-40331 * CVE-2025-40332 * CVE-2025-40337 * CVE-2025-40338 * CVE-2025-40339 * CVE-2025-40340 * CVE-2025-40342 * CVE-2025-40343 * CVE-2025-40344 * CVE-2025-40345 * CVE-2025-40346 * CVE-2025-40347 * CVE-2025-40350 * CVE-2025-40353 * CVE-2025-40354 * CVE-2025-40355 * CVE-2025-40357 * CVE-2025-40359 * CVE-2025-40360 * CVE-2025-40362 * CVE-2025-68167 * CVE-2025-68170 * CVE-2025-68171 * CVE-2025-68172 * CVE-2025-68176 * CVE-2025-68180 * CVE-2025-68181 * CVE-2025-68183 * CVE-2025-68184 * CVE-2025-68185 * CVE-2025-68190 * CVE-2025-68192 * CVE-2025-68194 * CVE-2025-68195 * CVE-2025-68197 * CVE-2025-68198 * CVE-2025-68201 * CVE-2025-68202 * CVE-2025-68206 * CVE-2025-68207 * CVE-2025-68208 * CVE-2025-68209 * CVE-2025-68210 * CVE-2025-68213 * CVE-2025-68215 * CVE-2025-68217 * CVE-2025-68222 * CVE-2025-68223 * CVE-2025-68230 * CVE-2025-68233 * CVE-2025-68235 * CVE-2025-68237 * CVE-2025-68238 * CVE-2025-68239 * CVE-2025-68242 * CVE-2025-68244 * CVE-2025-68249 * CVE-2025-68252 * CVE-2025-68254 * CVE-2025-68255 * CVE-2025-68256 * CVE-2025-68257 * CVE-2025-68258 * CVE-2025-68259 * CVE-2025-68264 * CVE-2025-68283 * CVE-2025-68284 * CVE-2025-68285 * CVE-2025-68286 * CVE-2025-68287 * CVE-2025-68289 * CVE-2025-68290 * CVE-2025-68293 * CVE-2025-68298 * CVE-2025-68301 * CVE-2025-68302 * CVE-2025-68303 * CVE-2025-68305 * CVE-2025-68306 * CVE-2025-68307 * CVE-2025-68308 * CVE-2025-68311 * CVE-2025-68312 * CVE-2025-68313 * CVE-2025-68317 * CVE-2025-68327 * CVE-2025-68328 * CVE-2025-68330 * CVE-2025-68331 * CVE-2025-68332 * CVE-2025-68335 * CVE-2025-68339 * CVE-2025-68340 * CVE-2025-68342 * CVE-2025-68343 * CVE-2025-68344 * CVE-2025-68345 * CVE-2025-68346 * CVE-2025-68347 * CVE-2025-68351 * CVE-2025-68352 * CVE-2025-68353 * CVE-2025-68354 * CVE-2025-68362 * CVE-2025-68363 * CVE-2025-68378 * CVE-2025-68380 * CVE-2025-68724 * CVE-2025-68732 * CVE-2025-68736 * CVE-2025-68740 * CVE-2025-68742 * CVE-2025-68744 * CVE-2025-68746 * CVE-2025-68747 * CVE-2025-68748 * CVE-2025-68749 * CVE-2025-68750 * CVE-2025-68753 * CVE-2025-68757 * CVE-2025-68758 * CVE-2025-68759 * CVE-2025-68765 * CVE-2025-68766 * CVE-2025-71096 CVSS scores: * CVE-2025-38704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39880 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40042 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40130 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40130 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40160 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40160 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40167 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40170 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40170 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-40179 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40179 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40190 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40190 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40209 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40209 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40211 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40211 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-40212 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40212 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40213 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40215 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40215 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40220 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40220 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40221 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40221 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-40223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40231 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40233 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40235 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40242 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40242 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40251 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40254 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40255 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40258 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40258 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40262 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40263 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40263 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40266 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-40266 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L * CVE-2025-40268 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40268 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40269 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40269 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40271 ( SUSE ): 5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40278 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40279 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-40279 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2025-40280 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40280 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40282 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40282 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40283 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40283 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40284 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40284 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40288 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40289 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40292 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40292 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2025-40293 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40293 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40294 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-40294 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-40297 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40297 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40301 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40301 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-40302 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40302 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-40303 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40303 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40308 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40309 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40309 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40310 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40311 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40311 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40314 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40314 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40315 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40317 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40321 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40322 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40322 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-40323 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40323 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40324 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40329 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40330 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40331 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40338 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40338 ( SUSE ): 5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40339 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40340 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40342 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40342 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40343 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40343 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40345 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40345 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40347 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40350 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40353 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40353 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40354 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40355 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40357 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40357 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40359 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40359 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40362 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40362 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68167 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68170 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68172 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68176 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68183 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68183 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68184 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68185 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68190 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68190 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68192 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68206 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68208 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68208 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2025-68209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68213 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68222 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68223 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68223 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68230 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68230 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68233 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68235 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68242 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68249 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68254 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68254 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68255 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68255 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68258 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68264 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68264 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68283 ( SUSE ): 5.9 CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68283 ( SUSE ): 6.4 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-68284 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68284 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68285 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68285 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68290 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68293 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68298 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68303 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68306 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68306 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68307 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68307 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68308 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68311 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68311 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68312 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68313 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68313 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68317 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-68317 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-68327 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68327 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68328 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68328 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68330 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68330 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68331 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68331 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68339 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68339 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68340 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68340 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68342 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68342 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-68343 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68343 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-68344 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68344 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68345 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68347 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68347 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68352 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68353 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68353 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68378 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68380 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68732 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68732 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68736 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-68736 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2025-68740 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68742 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68742 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68744 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68744 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68746 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68746 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68747 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68747 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68748 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68748 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68749 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68750 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68750 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68753 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-68753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-68757 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68758 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68758 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68759 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68765 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68766 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68766 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71096 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-71096 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H Affected Products: * SUSE Linux Micro 6.2 * SUSE Linux Micro Extras 6.2 An update that solves 215 vulnerabilities, contains three features and has 23 fixes can now be installed. ## Description: The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2025-38704: rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer (bsc#1254408). * CVE-2025-39880: ceph: fix race condition validating r_parent before applying state (bsc#1250388). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046). * CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861). * CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365). * CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling * CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400). * CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458). * CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413). * CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442). * CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623). * CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1254961). * CVE-2025-40215: xfrm: delete x->tunnel as we delete x (bsc#1254959). * CVE-2025-40218: mm/damon/vaddr: do not repeat pte_offset_map_lock() until success (bsc#1254964). * CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520). * CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815). * CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813). * CVE-2025-40237: fs/notify: call exportfs_encode_fid with s_umount (bsc#1254809). * CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871). * CVE-2025-40239: net: phy: micrel: always set shared->phydev for LAN8814 (bsc#1254868). * CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075). * CVE-2025-40246: xfs: fix out of bounds memory read error in symlink repair (bsc#1254861). * CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864). * CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854). * CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856). * CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849). * CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852). * CVE-2025-40255: net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower() (bsc#1255156). * CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843). * CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835). * CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082). * CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297). * CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830). * CVE-2025-40276: drm/panthor: Flush shmem writes before mapping buffers CPU- uncached (bsc#1254824). * CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825). * CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846). * CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847). * CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175). * CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179). * CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187). * CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794). * CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624). * CVE-2025-40330: bnxt_en: Shutdown FW DMA in bnxt_shutdown() (bsc#1254616). * CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615). * CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273). * CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318). * CVE-2025-40347: net: enetc: fix the deadlock of enetc_mdio_lock (bsc#1255262). * CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260). * CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261). * CVE-2025-40357: net/smc: fix general protection fault in __smc_diag_dump (bsc#1255097). * CVE-2025-40359: perf/x86/intel: Fix KASAN global-out-of-bounds warning (bsc#1255087). * CVE-2025-40362: ceph: fix multifs mds auth caps issue (bsc#1255103). * CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255). * CVE-2025-68197: bnxt_en: Fix null pointer dereference in bnxt_bs_trace_check_wrap() (bsc#1255242). * CVE-2025-68198: crash: fix crashkernel resource shrink (bsc#1255243). * CVE-2025-68202: sched_ext: Fix unsafe locking in the scx_dump_state() (bsc#1255223). * CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142). * CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227). * CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230). * CVE-2025-68215: ice: fix PTP cleanup on driver removal in error path (bsc#1255226). * CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272). * CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199). * CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380). * CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379). * CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377). * CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401). * CVE-2025-68293: mm/huge_memory: fix NULL pointer deference when splitting folio (bsc#1255150). * CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120). * CVE-2025-68302: net: sxgbe: fix potential NULL dereference in sxgbe_rx() (bsc#1255121). * CVE-2025-68317: io_uring/zctx: check chained notif contexts (bsc#1255354). * CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507). * CVE-2025-68353: net: vxlan: prevent NULL deref in vxlan_xmit_one (bsc#1255533). * CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552). * CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614). * CVE-2025-68736: landlock: Optimize file path walks and prepare for audit support (bsc#1255698). * CVE-2025-68742: bpf: Fix invalid prog->stats access when update_effective_progs fails (bsc#1255707). * CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709). * CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606). The following non security issues were fixed: * KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it (bsc#1255672). * Set HZ=1000 for ppc64 default configuration (jsc#PED-14344) * bpf: Do not limit bpf_cgroup_from_id to current's namespace (bsc#1255433). * btrfs: handle aligned EOF truncation correctly for subpage cases (bsc#1253238). * cgroup: rstat: use LOCK CMPXCHG in css_rstat_updated (bsc#1255434). * cifs: update dstaddr whenever channel iface is updated (git-fixes). * cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026). * cpuset: fix warning when disabling remote partition (bsc#1256794). * ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378). * net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes). * netdevsim: print human readable IP address (bsc#1255071). * powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling (bsc#1253262 ltc#216029). * powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496). * sched: Increase sched_tick_remote timeout (bsc#1254510). * selftests: net: fib-onlink-tests: Set high metric for default IPv6 route (bsc#1255346). * selftests: net: use slowwait to make sure IPv6 setup finished (bsc#1255349). * selftests: net: use slowwait to stabilize vrf_route_leaking test (bsc#1255349). * serial: xilinx_uartps: Use helper function hrtimer_update_function() (stable-fixes). * supported.conf: Mark lan 743x supported (jsc#PED-14571) * tick/sched: Limit non-timekeeper CPUs calling jiffies update (bsc#1254477). * wifi: ath10k: Avoid vdev delete timeout when firmware is already down (stable-fixes). * x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256495). * x86/microcode/AMD: Make __verify_patch_size() return bool (bsc#1256495). * x86/microcode/AMD: Remove bogus comment from parse_container() (bsc#1256495). * x86/microcode/AMD: Select which microcode patch to load (bsc#1256495). * x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256495). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-230=1 * SUSE Linux Micro Extras 6.2 zypper in -t patch SUSE-SL-Micro-6.2-230=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-6.12.0-160000.9.1 * kernel-default-extra-6.12.0-160000.9.1 * kernel-default-devel-6.12.0-160000.9.1 * kernel-default-extra-debuginfo-6.12.0-160000.9.1 * kernel-default-debuginfo-6.12.0-160000.9.1 * SUSE Linux Micro 6.2 (noarch) * kernel-macros-6.12.0-160000.9.1 * kernel-devel-6.12.0-160000.9.1 * kernel-source-6.12.0-160000.9.1 * SUSE Linux Micro 6.2 (aarch64 ppc64le x86_64) * kernel-default-base-6.12.0-160000.9.1.160000.2.6 * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.12.0-160000.9.1 * SUSE Linux Micro 6.2 (x86_64) * kernel-default-devel-debuginfo-6.12.0-160000.9.1 * kernel-rt-devel-debuginfo-6.12.0-160000.9.1 * kernel-rt-livepatch-6.12.0-160000.9.1 * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-default-livepatch-6.12.0-160000.9.1 * SUSE Linux Micro 6.2 (aarch64 nosrc x86_64) * kernel-rt-6.12.0-160000.9.1 * SUSE Linux Micro 6.2 (aarch64 x86_64) * kernel-rt-debugsource-6.12.0-160000.9.1 * kernel-rt-debuginfo-6.12.0-160000.9.1 * kernel-rt-devel-6.12.0-160000.9.1 * SUSE Linux Micro 6.2 (aarch64 nosrc) * kernel-64kb-6.12.0-160000.9.1 * SUSE Linux Micro 6.2 (aarch64) * kernel-64kb-devel-6.12.0-160000.9.1 * kernel-64kb-debugsource-6.12.0-160000.9.1 * kernel-64kb-debuginfo-6.12.0-160000.9.1 * SUSE Linux Micro Extras 6.2 (aarch64 ppc64le s390x x86_64) * kernel-syms-6.12.0-160000.9.1 * kernel-obs-build-debugsource-6.12.0-160000.9.1 * kernel-obs-build-6.12.0-160000.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38704.html * https://www.suse.com/security/cve/CVE-2025-39880.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-40042.html * https://www.suse.com/security/cve/CVE-2025-40123.html * https://www.suse.com/security/cve/CVE-2025-40130.html * https://www.suse.com/security/cve/CVE-2025-40160.html * https://www.suse.com/security/cve/CVE-2025-40167.html * https://www.suse.com/security/cve/CVE-2025-40170.html * https://www.suse.com/security/cve/CVE-2025-40179.html * https://www.suse.com/security/cve/CVE-2025-40190.html * https://www.suse.com/security/cve/CVE-2025-40209.html * https://www.suse.com/security/cve/CVE-2025-40211.html * https://www.suse.com/security/cve/CVE-2025-40212.html * https://www.suse.com/security/cve/CVE-2025-40213.html * https://www.suse.com/security/cve/CVE-2025-40214.html * https://www.suse.com/security/cve/CVE-2025-40215.html * https://www.suse.com/security/cve/CVE-2025-40218.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-40220.html * https://www.suse.com/security/cve/CVE-2025-40221.html * https://www.suse.com/security/cve/CVE-2025-40223.html * https://www.suse.com/security/cve/CVE-2025-40225.html * https://www.suse.com/security/cve/CVE-2025-40226.html * https://www.suse.com/security/cve/CVE-2025-40231.html * https://www.suse.com/security/cve/CVE-2025-40233.html * https://www.suse.com/security/cve/CVE-2025-40235.html * https://www.suse.com/security/cve/CVE-2025-40237.html * https://www.suse.com/security/cve/CVE-2025-40238.html * https://www.suse.com/security/cve/CVE-2025-40239.html * https://www.suse.com/security/cve/CVE-2025-40240.html * https://www.suse.com/security/cve/CVE-2025-40242.html * https://www.suse.com/security/cve/CVE-2025-40246.html * https://www.suse.com/security/cve/CVE-2025-40248.html * https://www.suse.com/security/cve/CVE-2025-40250.html * https://www.suse.com/security/cve/CVE-2025-40251.html * https://www.suse.com/security/cve/CVE-2025-40252.html * https://www.suse.com/security/cve/CVE-2025-40254.html * https://www.suse.com/security/cve/CVE-2025-40255.html * https://www.suse.com/security/cve/CVE-2025-40256.html * https://www.suse.com/security/cve/CVE-2025-40258.html * https://www.suse.com/security/cve/CVE-2025-40262.html * https://www.suse.com/security/cve/CVE-2025-40263.html * https://www.suse.com/security/cve/CVE-2025-40264.html * https://www.suse.com/security/cve/CVE-2025-40266.html * https://www.suse.com/security/cve/CVE-2025-40268.html * https://www.suse.com/security/cve/CVE-2025-40269.html * https://www.suse.com/security/cve/CVE-2025-40271.html * https://www.suse.com/security/cve/CVE-2025-40272.html * https://www.suse.com/security/cve/CVE-2025-40273.html * https://www.suse.com/security/cve/CVE-2025-40274.html * https://www.suse.com/security/cve/CVE-2025-40275.html * https://www.suse.com/security/cve/CVE-2025-40276.html * https://www.suse.com/security/cve/CVE-2025-40277.html * https://www.suse.com/security/cve/CVE-2025-40278.html * https://www.suse.com/security/cve/CVE-2025-40279.html * https://www.suse.com/security/cve/CVE-2025-40280.html * https://www.suse.com/security/cve/CVE-2025-40282.html * https://www.suse.com/security/cve/CVE-2025-40283.html * https://www.suse.com/security/cve/CVE-2025-40284.html * https://www.suse.com/security/cve/CVE-2025-40287.html * https://www.suse.com/security/cve/CVE-2025-40288.html * https://www.suse.com/security/cve/CVE-2025-40289.html * https://www.suse.com/security/cve/CVE-2025-40292.html * https://www.suse.com/security/cve/CVE-2025-40293.html * https://www.suse.com/security/cve/CVE-2025-40294.html * https://www.suse.com/security/cve/CVE-2025-40297.html * https://www.suse.com/security/cve/CVE-2025-40301.html * https://www.suse.com/security/cve/CVE-2025-40302.html * https://www.suse.com/security/cve/CVE-2025-40303.html * https://www.suse.com/security/cve/CVE-2025-40304.html * https://www.suse.com/security/cve/CVE-2025-40307.html * https://www.suse.com/security/cve/CVE-2025-40308.html * https://www.suse.com/security/cve/CVE-2025-40309.html * https://www.suse.com/security/cve/CVE-2025-40310.html * https://www.suse.com/security/cve/CVE-2025-40311.html * https://www.suse.com/security/cve/CVE-2025-40314.html * https://www.suse.com/security/cve/CVE-2025-40315.html * https://www.suse.com/security/cve/CVE-2025-40316.html * https://www.suse.com/security/cve/CVE-2025-40317.html * https://www.suse.com/security/cve/CVE-2025-40318.html * https://www.suse.com/security/cve/CVE-2025-40319.html * https://www.suse.com/security/cve/CVE-2025-40320.html * https://www.suse.com/security/cve/CVE-2025-40321.html * https://www.suse.com/security/cve/CVE-2025-40322.html * https://www.suse.com/security/cve/CVE-2025-40323.html * https://www.suse.com/security/cve/CVE-2025-40324.html * https://www.suse.com/security/cve/CVE-2025-40328.html * https://www.suse.com/security/cve/CVE-2025-40329.html * https://www.suse.com/security/cve/CVE-2025-40330.html * https://www.suse.com/security/cve/CVE-2025-40331.html * https://www.suse.com/security/cve/CVE-2025-40332.html * https://www.suse.com/security/cve/CVE-2025-40337.html * https://www.suse.com/security/cve/CVE-2025-40338.html * https://www.suse.com/security/cve/CVE-2025-40339.html * https://www.suse.com/security/cve/CVE-2025-40340.html * https://www.suse.com/security/cve/CVE-2025-40342.html * https://www.suse.com/security/cve/CVE-2025-40343.html * https://www.suse.com/security/cve/CVE-2025-40344.html * https://www.suse.com/security/cve/CVE-2025-40345.html * https://www.suse.com/security/cve/CVE-2025-40346.html * https://www.suse.com/security/cve/CVE-2025-40347.html * https://www.suse.com/security/cve/CVE-2025-40350.html * https://www.suse.com/security/cve/CVE-2025-40353.html * https://www.suse.com/security/cve/CVE-2025-40354.html * https://www.suse.com/security/cve/CVE-2025-40355.html * https://www.suse.com/security/cve/CVE-2025-40357.html * https://www.suse.com/security/cve/CVE-2025-40359.html * https://www.suse.com/security/cve/CVE-2025-40360.html * https://www.suse.com/security/cve/CVE-2025-40362.html * https://www.suse.com/security/cve/CVE-2025-68167.html * https://www.suse.com/security/cve/CVE-2025-68170.html * https://www.suse.com/security/cve/CVE-2025-68171.html * https://www.suse.com/security/cve/CVE-2025-68172.html * https://www.suse.com/security/cve/CVE-2025-68176.html * https://www.suse.com/security/cve/CVE-2025-68180.html * https://www.suse.com/security/cve/CVE-2025-68181.html * https://www.suse.com/security/cve/CVE-2025-68183.html * https://www.suse.com/security/cve/CVE-2025-68184.html * https://www.suse.com/security/cve/CVE-2025-68185.html * https://www.suse.com/security/cve/CVE-2025-68190.html * https://www.suse.com/security/cve/CVE-2025-68192.html * https://www.suse.com/security/cve/CVE-2025-68194.html * https://www.suse.com/security/cve/CVE-2025-68195.html * https://www.suse.com/security/cve/CVE-2025-68197.html * https://www.suse.com/security/cve/CVE-2025-68198.html * https://www.suse.com/security/cve/CVE-2025-68201.html * https://www.suse.com/security/cve/CVE-2025-68202.html * https://www.suse.com/security/cve/CVE-2025-68206.html * https://www.suse.com/security/cve/CVE-2025-68207.html * https://www.suse.com/security/cve/CVE-2025-68208.html * https://www.suse.com/security/cve/CVE-2025-68209.html * https://www.suse.com/security/cve/CVE-2025-68210.html * https://www.suse.com/security/cve/CVE-2025-68213.html * https://www.suse.com/security/cve/CVE-2025-68215.html * https://www.suse.com/security/cve/CVE-2025-68217.html * https://www.suse.com/security/cve/CVE-2025-68222.html * https://www.suse.com/security/cve/CVE-2025-68223.html * https://www.suse.com/security/cve/CVE-2025-68230.html * https://www.suse.com/security/cve/CVE-2025-68233.html * https://www.suse.com/security/cve/CVE-2025-68235.html * https://www.suse.com/security/cve/CVE-2025-68237.html * https://www.suse.com/security/cve/CVE-2025-68238.html * https://www.suse.com/security/cve/CVE-2025-68239.html * https://www.suse.com/security/cve/CVE-2025-68242.html * https://www.suse.com/security/cve/CVE-2025-68244.html * https://www.suse.com/security/cve/CVE-2025-68249.html * https://www.suse.com/security/cve/CVE-2025-68252.html * https://www.suse.com/security/cve/CVE-2025-68254.html * https://www.suse.com/security/cve/CVE-2025-68255.html * https://www.suse.com/security/cve/CVE-2025-68256.html * https://www.suse.com/security/cve/CVE-2025-68257.html * https://www.suse.com/security/cve/CVE-2025-68258.html * https://www.suse.com/security/cve/CVE-2025-68259.html * https://www.suse.com/security/cve/CVE-2025-68264.html * https://www.suse.com/security/cve/CVE-2025-68283.html * https://www.suse.com/security/cve/CVE-2025-68284.html * https://www.suse.com/security/cve/CVE-2025-68285.html * https://www.suse.com/security/cve/CVE-2025-68286.html * https://www.suse.com/security/cve/CVE-2025-68287.html * https://www.suse.com/security/cve/CVE-2025-68289.html * https://www.suse.com/security/cve/CVE-2025-68290.html * https://www.suse.com/security/cve/CVE-2025-68293.html * https://www.suse.com/security/cve/CVE-2025-68298.html * https://www.suse.com/security/cve/CVE-2025-68301.html * https://www.suse.com/security/cve/CVE-2025-68302.html * https://www.suse.com/security/cve/CVE-2025-68303.html * https://www.suse.com/security/cve/CVE-2025-68305.html * https://www.suse.com/security/cve/CVE-2025-68306.html * https://www.suse.com/security/cve/CVE-2025-68307.html * https://www.suse.com/security/cve/CVE-2025-68308.html * https://www.suse.com/security/cve/CVE-2025-68311.html * https://www.suse.com/security/cve/CVE-2025-68312.html * https://www.suse.com/security/cve/CVE-2025-68313.html * https://www.suse.com/security/cve/CVE-2025-68317.html * https://www.suse.com/security/cve/CVE-2025-68327.html * https://www.suse.com/security/cve/CVE-2025-68328.html * https://www.suse.com/security/cve/CVE-2025-68330.html * https://www.suse.com/security/cve/CVE-2025-68331.html * https://www.suse.com/security/cve/CVE-2025-68332.html * https://www.suse.com/security/cve/CVE-2025-68335.html * https://www.suse.com/security/cve/CVE-2025-68339.html * https://www.suse.com/security/cve/CVE-2025-68340.html * https://www.suse.com/security/cve/CVE-2025-68342.html * https://www.suse.com/security/cve/CVE-2025-68343.html * https://www.suse.com/security/cve/CVE-2025-68344.html * https://www.suse.com/security/cve/CVE-2025-68345.html * https://www.suse.com/security/cve/CVE-2025-68346.html * https://www.suse.com/security/cve/CVE-2025-68347.html * https://www.suse.com/security/cve/CVE-2025-68351.html * https://www.suse.com/security/cve/CVE-2025-68352.html * https://www.suse.com/security/cve/CVE-2025-68353.html * https://www.suse.com/security/cve/CVE-2025-68354.html * https://www.suse.com/security/cve/CVE-2025-68362.html * https://www.suse.com/security/cve/CVE-2025-68363.html * https://www.suse.com/security/cve/CVE-2025-68378.html * https://www.suse.com/security/cve/CVE-2025-68380.html * https://www.suse.com/security/cve/CVE-2025-68724.html * https://www.suse.com/security/cve/CVE-2025-68732.html * https://www.suse.com/security/cve/CVE-2025-68736.html * https://www.suse.com/security/cve/CVE-2025-68740.html * https://www.suse.com/security/cve/CVE-2025-68742.html * https://www.suse.com/security/cve/CVE-2025-68744.html * https://www.suse.com/security/cve/CVE-2025-68746.html * https://www.suse.com/security/cve/CVE-2025-68747.html * https://www.suse.com/security/cve/CVE-2025-68748.html * https://www.suse.com/security/cve/CVE-2025-68749.html * https://www.suse.com/security/cve/CVE-2025-68750.html * https://www.suse.com/security/cve/CVE-2025-68753.html * https://www.suse.com/security/cve/CVE-2025-68757.html * https://www.suse.com/security/cve/CVE-2025-68758.html * https://www.suse.com/security/cve/CVE-2025-68759.html * https://www.suse.com/security/cve/CVE-2025-68765.html * https://www.suse.com/security/cve/CVE-2025-68766.html * https://www.suse.com/security/cve/CVE-2025-71096.html * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1243112 * https://bugzilla.suse.com/show_bug.cgi?id=1245193 * https://bugzilla.suse.com/show_bug.cgi?id=1247500 * https://bugzilla.suse.com/show_bug.cgi?id=1250388 * https://bugzilla.suse.com/show_bug.cgi?id=1252046 * https://bugzilla.suse.com/show_bug.cgi?id=1252861 * https://bugzilla.suse.com/show_bug.cgi?id=1253155 * https://bugzilla.suse.com/show_bug.cgi?id=1253238 * https://bugzilla.suse.com/show_bug.cgi?id=1253262 * https://bugzilla.suse.com/show_bug.cgi?id=1253365 * https://bugzilla.suse.com/show_bug.cgi?id=1253400 * https://bugzilla.suse.com/show_bug.cgi?id=1253413 * https://bugzilla.suse.com/show_bug.cgi?id=1253414 * https://bugzilla.suse.com/show_bug.cgi?id=1253442 * https://bugzilla.suse.com/show_bug.cgi?id=1253458 * https://bugzilla.suse.com/show_bug.cgi?id=1253623 * https://bugzilla.suse.com/show_bug.cgi?id=1253674 * https://bugzilla.suse.com/show_bug.cgi?id=1253739 * https://bugzilla.suse.com/show_bug.cgi?id=1254126 * https://bugzilla.suse.com/show_bug.cgi?id=1254128 * https://bugzilla.suse.com/show_bug.cgi?id=1254195 * https://bugzilla.suse.com/show_bug.cgi?id=1254244 * https://bugzilla.suse.com/show_bug.cgi?id=1254363 * https://bugzilla.suse.com/show_bug.cgi?id=1254378 * https://bugzilla.suse.com/show_bug.cgi?id=1254408 * https://bugzilla.suse.com/show_bug.cgi?id=1254477 * https://bugzilla.suse.com/show_bug.cgi?id=1254510 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1254519 * https://bugzilla.suse.com/show_bug.cgi?id=1254520 * https://bugzilla.suse.com/show_bug.cgi?id=1254615 * https://bugzilla.suse.com/show_bug.cgi?id=1254616 * https://bugzilla.suse.com/show_bug.cgi?id=1254618 * https://bugzilla.suse.com/show_bug.cgi?id=1254621 * https://bugzilla.suse.com/show_bug.cgi?id=1254624 * https://bugzilla.suse.com/show_bug.cgi?id=1254791 * https://bugzilla.suse.com/show_bug.cgi?id=1254793 * https://bugzilla.suse.com/show_bug.cgi?id=1254794 * https://bugzilla.suse.com/show_bug.cgi?id=1254795 * https://bugzilla.suse.com/show_bug.cgi?id=1254796 * https://bugzilla.suse.com/show_bug.cgi?id=1254797 * https://bugzilla.suse.com/show_bug.cgi?id=1254798 * https://bugzilla.suse.com/show_bug.cgi?id=1254808 * https://bugzilla.suse.com/show_bug.cgi?id=1254809 * https://bugzilla.suse.com/show_bug.cgi?id=1254813 * https://bugzilla.suse.com/show_bug.cgi?id=1254815 * https://bugzilla.suse.com/show_bug.cgi?id=1254821 * https://bugzilla.suse.com/show_bug.cgi?id=1254824 * https://bugzilla.suse.com/show_bug.cgi?id=1254825 * https://bugzilla.suse.com/show_bug.cgi?id=1254827 * https://bugzilla.suse.com/show_bug.cgi?id=1254828 * https://bugzilla.suse.com/show_bug.cgi?id=1254829 * https://bugzilla.suse.com/show_bug.cgi?id=1254830 * https://bugzilla.suse.com/show_bug.cgi?id=1254832 * https://bugzilla.suse.com/show_bug.cgi?id=1254835 * https://bugzilla.suse.com/show_bug.cgi?id=1254840 * https://bugzilla.suse.com/show_bug.cgi?id=1254843 * https://bugzilla.suse.com/show_bug.cgi?id=1254846 * https://bugzilla.suse.com/show_bug.cgi?id=1254847 * https://bugzilla.suse.com/show_bug.cgi?id=1254849 * https://bugzilla.suse.com/show_bug.cgi?id=1254850 * https://bugzilla.suse.com/show_bug.cgi?id=1254851 * https://bugzilla.suse.com/show_bug.cgi?id=1254852 * https://bugzilla.suse.com/show_bug.cgi?id=1254854 * https://bugzilla.suse.com/show_bug.cgi?id=1254856 * https://bugzilla.suse.com/show_bug.cgi?id=1254858 * https://bugzilla.suse.com/show_bug.cgi?id=1254860 * https://bugzilla.suse.com/show_bug.cgi?id=1254861 * https://bugzilla.suse.com/show_bug.cgi?id=1254864 * https://bugzilla.suse.com/show_bug.cgi?id=1254868 * https://bugzilla.suse.com/show_bug.cgi?id=1254869 * https://bugzilla.suse.com/show_bug.cgi?id=1254871 * https://bugzilla.suse.com/show_bug.cgi?id=1254894 * https://bugzilla.suse.com/show_bug.cgi?id=1254957 * https://bugzilla.suse.com/show_bug.cgi?id=1254959 * https://bugzilla.suse.com/show_bug.cgi?id=1254961 * https://bugzilla.suse.com/show_bug.cgi?id=1254964 * https://bugzilla.suse.com/show_bug.cgi?id=1254996 * https://bugzilla.suse.com/show_bug.cgi?id=1255026 * https://bugzilla.suse.com/show_bug.cgi?id=1255030 * https://bugzilla.suse.com/show_bug.cgi?id=1255034 * https://bugzilla.suse.com/show_bug.cgi?id=1255035 * https://bugzilla.suse.com/show_bug.cgi?id=1255039 * https://bugzilla.suse.com/show_bug.cgi?id=1255040 * https://bugzilla.suse.com/show_bug.cgi?id=1255041 * https://bugzilla.suse.com/show_bug.cgi?id=1255042 * https://bugzilla.suse.com/show_bug.cgi?id=1255057 * https://bugzilla.suse.com/show_bug.cgi?id=1255058 * https://bugzilla.suse.com/show_bug.cgi?id=1255064 * https://bugzilla.suse.com/show_bug.cgi?id=1255065 * https://bugzilla.suse.com/show_bug.cgi?id=1255068 * https://bugzilla.suse.com/show_bug.cgi?id=1255071 * https://bugzilla.suse.com/show_bug.cgi?id=1255072 * https://bugzilla.suse.com/show_bug.cgi?id=1255075 * https://bugzilla.suse.com/show_bug.cgi?id=1255077 * https://bugzilla.suse.com/show_bug.cgi?id=1255081 * https://bugzilla.suse.com/show_bug.cgi?id=1255082 * https://bugzilla.suse.com/show_bug.cgi?id=1255083 * https://bugzilla.suse.com/show_bug.cgi?id=1255087 * https://bugzilla.suse.com/show_bug.cgi?id=1255092 * https://bugzilla.suse.com/show_bug.cgi?id=1255094 * https://bugzilla.suse.com/show_bug.cgi?id=1255095 * https://bugzilla.suse.com/show_bug.cgi?id=1255097 * https://bugzilla.suse.com/show_bug.cgi?id=1255099 * https://bugzilla.suse.com/show_bug.cgi?id=1255103 * https://bugzilla.suse.com/show_bug.cgi?id=1255116 * https://bugzilla.suse.com/show_bug.cgi?id=1255120 * https://bugzilla.suse.com/show_bug.cgi?id=1255121 * https://bugzilla.suse.com/show_bug.cgi?id=1255122 * https://bugzilla.suse.com/show_bug.cgi?id=1255124 * https://bugzilla.suse.com/show_bug.cgi?id=1255131 * https://bugzilla.suse.com/show_bug.cgi?id=1255134 * https://bugzilla.suse.com/show_bug.cgi?id=1255135 * https://bugzilla.suse.com/show_bug.cgi?id=1255136 * https://bugzilla.suse.com/show_bug.cgi?id=1255138 * https://bugzilla.suse.com/show_bug.cgi?id=1255140 * https://bugzilla.suse.com/show_bug.cgi?id=1255142 * https://bugzilla.suse.com/show_bug.cgi?id=1255145 * https://bugzilla.suse.com/show_bug.cgi?id=1255146 * https://bugzilla.suse.com/show_bug.cgi?id=1255149 * https://bugzilla.suse.com/show_bug.cgi?id=1255150 * https://bugzilla.suse.com/show_bug.cgi?id=1255152 * https://bugzilla.suse.com/show_bug.cgi?id=1255154 * https://bugzilla.suse.com/show_bug.cgi?id=1255155 * https://bugzilla.suse.com/show_bug.cgi?id=1255156 * https://bugzilla.suse.com/show_bug.cgi?id=1255161 * https://bugzilla.suse.com/show_bug.cgi?id=1255167 * https://bugzilla.suse.com/show_bug.cgi?id=1255169 * https://bugzilla.suse.com/show_bug.cgi?id=1255171 * https://bugzilla.suse.com/show_bug.cgi?id=1255175 * https://bugzilla.suse.com/show_bug.cgi?id=1255179 * https://bugzilla.suse.com/show_bug.cgi?id=1255181 * https://bugzilla.suse.com/show_bug.cgi?id=1255182 * https://bugzilla.suse.com/show_bug.cgi?id=1255186 * https://bugzilla.suse.com/show_bug.cgi?id=1255187 * https://bugzilla.suse.com/show_bug.cgi?id=1255190 * https://bugzilla.suse.com/show_bug.cgi?id=1255193 * https://bugzilla.suse.com/show_bug.cgi?id=1255196 * https://bugzilla.suse.com/show_bug.cgi?id=1255197 * https://bugzilla.suse.com/show_bug.cgi?id=1255199 * https://bugzilla.suse.com/show_bug.cgi?id=1255202 * https://bugzilla.suse.com/show_bug.cgi?id=1255203 * https://bugzilla.suse.com/show_bug.cgi?id=1255206 * https://bugzilla.suse.com/show_bug.cgi?id=1255209 * https://bugzilla.suse.com/show_bug.cgi?id=1255218 * https://bugzilla.suse.com/show_bug.cgi?id=1255220 * https://bugzilla.suse.com/show_bug.cgi?id=1255221 * https://bugzilla.suse.com/show_bug.cgi?id=1255223 * https://bugzilla.suse.com/show_bug.cgi?id=1255226 * https://bugzilla.suse.com/show_bug.cgi?id=1255227 * https://bugzilla.suse.com/show_bug.cgi?id=1255228 * https://bugzilla.suse.com/show_bug.cgi?id=1255230 * https://bugzilla.suse.com/show_bug.cgi?id=1255231 * https://bugzilla.suse.com/show_bug.cgi?id=1255233 * https://bugzilla.suse.com/show_bug.cgi?id=1255234 * https://bugzilla.suse.com/show_bug.cgi?id=1255242 * https://bugzilla.suse.com/show_bug.cgi?id=1255243 * https://bugzilla.suse.com/show_bug.cgi?id=1255246 * https://bugzilla.suse.com/show_bug.cgi?id=1255247 * https://bugzilla.suse.com/show_bug.cgi?id=1255251 * https://bugzilla.suse.com/show_bug.cgi?id=1255252 * https://bugzilla.suse.com/show_bug.cgi?id=1255253 * https://bugzilla.suse.com/show_bug.cgi?id=1255255 * https://bugzilla.suse.com/show_bug.cgi?id=1255256 * https://bugzilla.suse.com/show_bug.cgi?id=1255259 * https://bugzilla.suse.com/show_bug.cgi?id=1255260 * https://bugzilla.suse.com/show_bug.cgi?id=1255261 * https://bugzilla.suse.com/show_bug.cgi?id=1255262 * https://bugzilla.suse.com/show_bug.cgi?id=1255272 * https://bugzilla.suse.com/show_bug.cgi?id=1255273 * https://bugzilla.suse.com/show_bug.cgi?id=1255274 * https://bugzilla.suse.com/show_bug.cgi?id=1255276 * https://bugzilla.suse.com/show_bug.cgi?id=1255279 * https://bugzilla.suse.com/show_bug.cgi?id=1255297 * https://bugzilla.suse.com/show_bug.cgi?id=1255312 * https://bugzilla.suse.com/show_bug.cgi?id=1255316 * https://bugzilla.suse.com/show_bug.cgi?id=1255318 * https://bugzilla.suse.com/show_bug.cgi?id=1255325 * https://bugzilla.suse.com/show_bug.cgi?id=1255329 * https://bugzilla.suse.com/show_bug.cgi?id=1255346 * https://bugzilla.suse.com/show_bug.cgi?id=1255349 * https://bugzilla.suse.com/show_bug.cgi?id=1255351 * https://bugzilla.suse.com/show_bug.cgi?id=1255354 * https://bugzilla.suse.com/show_bug.cgi?id=1255357 * https://bugzilla.suse.com/show_bug.cgi?id=1255377 * https://bugzilla.suse.com/show_bug.cgi?id=1255379 * https://bugzilla.suse.com/show_bug.cgi?id=1255380 * https://bugzilla.suse.com/show_bug.cgi?id=1255395 * https://bugzilla.suse.com/show_bug.cgi?id=1255401 * https://bugzilla.suse.com/show_bug.cgi?id=1255415 * https://bugzilla.suse.com/show_bug.cgi?id=1255428 * https://bugzilla.suse.com/show_bug.cgi?id=1255433 * https://bugzilla.suse.com/show_bug.cgi?id=1255434 * https://bugzilla.suse.com/show_bug.cgi?id=1255480 * https://bugzilla.suse.com/show_bug.cgi?id=1255483 * https://bugzilla.suse.com/show_bug.cgi?id=1255488 * https://bugzilla.suse.com/show_bug.cgi?id=1255489 * https://bugzilla.suse.com/show_bug.cgi?id=1255493 * https://bugzilla.suse.com/show_bug.cgi?id=1255495 * https://bugzilla.suse.com/show_bug.cgi?id=1255505 * https://bugzilla.suse.com/show_bug.cgi?id=1255507 * https://bugzilla.suse.com/show_bug.cgi?id=1255508 * https://bugzilla.suse.com/show_bug.cgi?id=1255509 * https://bugzilla.suse.com/show_bug.cgi?id=1255533 * https://bugzilla.suse.com/show_bug.cgi?id=1255541 * https://bugzilla.suse.com/show_bug.cgi?id=1255550 * https://bugzilla.suse.com/show_bug.cgi?id=1255552 * https://bugzilla.suse.com/show_bug.cgi?id=1255553 * https://bugzilla.suse.com/show_bug.cgi?id=1255567 * https://bugzilla.suse.com/show_bug.cgi?id=1255580 * https://bugzilla.suse.com/show_bug.cgi?id=1255601 * https://bugzilla.suse.com/show_bug.cgi?id=1255603 * https://bugzilla.suse.com/show_bug.cgi?id=1255611 * https://bugzilla.suse.com/show_bug.cgi?id=1255614 * https://bugzilla.suse.com/show_bug.cgi?id=1255672 * https://bugzilla.suse.com/show_bug.cgi?id=1255688 * https://bugzilla.suse.com/show_bug.cgi?id=1255698 * https://bugzilla.suse.com/show_bug.cgi?id=1255706 * https://bugzilla.suse.com/show_bug.cgi?id=1255707 * https://bugzilla.suse.com/show_bug.cgi?id=1255709 * https://bugzilla.suse.com/show_bug.cgi?id=1255722 * https://bugzilla.suse.com/show_bug.cgi?id=1255723 * https://bugzilla.suse.com/show_bug.cgi?id=1255724 * https://bugzilla.suse.com/show_bug.cgi?id=1255812 * https://bugzilla.suse.com/show_bug.cgi?id=1255813 * https://bugzilla.suse.com/show_bug.cgi?id=1255814 * https://bugzilla.suse.com/show_bug.cgi?id=1255816 * https://bugzilla.suse.com/show_bug.cgi?id=1255931 * https://bugzilla.suse.com/show_bug.cgi?id=1255932 * https://bugzilla.suse.com/show_bug.cgi?id=1255934 * https://bugzilla.suse.com/show_bug.cgi?id=1255943 * https://bugzilla.suse.com/show_bug.cgi?id=1255944 * https://bugzilla.suse.com/show_bug.cgi?id=1256238 * https://bugzilla.suse.com/show_bug.cgi?id=1256495 * https://bugzilla.suse.com/show_bug.cgi?id=1256606 * https://bugzilla.suse.com/show_bug.cgi?id=1256794 * https://jira.suse.com/browse/PED-12745 * https://jira.suse.com/browse/PED-14344 * https://jira.suse.com/browse/PED-14571 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 16:33:23 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 16:33:23 -0000 Subject: SUSE-SU-2026:20206-1: moderate: Security update for udisks2 Message-ID: <177022280327.28774.4464502181923861948@smelt2.prg2.suse.org> # Security update for udisks2 Announcement ID: SUSE-SU-2026:20206-1 Release Date: 2026-01-30T14:28:06Z Rating: moderate References: * bsc#1248502 Cross-References: * CVE-2025-8067 CVSS scores: * CVE-2025-8067 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H * CVE-2025-8067 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for udisks2 fixes the following issues: * CVE-2025-8067: Fixed a missing bounds check that could lead to out-of-bounds read in udisks daemon (bsc#1248502). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-226=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libudisks2-0_btrfs-2.10.1-160000.3.1 * libudisks2-0-2.10.1-160000.3.1 * libudisks2-0_lvm2-2.10.1-160000.3.1 * libudisks2-0_lvm2-debuginfo-2.10.1-160000.3.1 * udisks2-debuginfo-2.10.1-160000.3.1 * udisks2-2.10.1-160000.3.1 * libudisks2-0-debuginfo-2.10.1-160000.3.1 * udisks2-debugsource-2.10.1-160000.3.1 * libudisks2-0_btrfs-debuginfo-2.10.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8067.html * https://bugzilla.suse.com/show_bug.cgi?id=1248502 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 16:33:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 16:33:27 -0000 Subject: SUSE-SU-2026:20205-1: important: Security update for libsoup Message-ID: <177022280715.28774.9391234932360203919@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2026:20205-1 Release Date: 2026-01-30T14:26:50Z Rating: important References: * bsc#1250562 * bsc#1256399 * bsc#1256418 Cross-References: * CVE-2025-11021 * CVE-2026-0716 * CVE-2026-0719 CVSS scores: * CVE-2025-11021 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-11021 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-11021 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-0716 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0716 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L * CVE-2026-0716 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-0719 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-0719 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0719 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves three vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-11021: Fixed out-of-bounds read in Cookie Date Handling of libsoup HTTP Library (bsc#1250562). * CVE-2026-0719: Fixed stack-based buffer overflow in NTLM authentication can lead to arbitrary code execution (bsc#1256399). * CVE-2026-0716: Fixed improper bounds handling may allow out-of-bounds read (bsc#1256418). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-227=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libsoup-3_0-0-3.6.5-160000.3.1 * libsoup-3_0-0-debuginfo-3.6.5-160000.3.1 * libsoup-debugsource-3.6.5-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11021.html * https://www.suse.com/security/cve/CVE-2026-0716.html * https://www.suse.com/security/cve/CVE-2026-0719.html * https://bugzilla.suse.com/show_bug.cgi?id=1250562 * https://bugzilla.suse.com/show_bug.cgi?id=1256399 * https://bugzilla.suse.com/show_bug.cgi?id=1256418 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 16:33:29 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 16:33:29 -0000 Subject: SUSE-SU-2026:0381-1: moderate: Security update for abseil-cpp Message-ID: <177022280960.28774.16934533224149690093@smelt2.prg2.suse.org> # Security update for abseil-cpp Announcement ID: SUSE-SU-2026:0381-1 Release Date: 2026-02-04T09:34:54Z Rating: moderate References: * bsc#1237543 Cross-References: * CVE-2025-0838 CVSS scores: * CVE-2025-0838 ( SUSE ): 5.9 CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L * CVE-2025-0838 ( SUSE ): 5.6 CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L * CVE-2025-0838 ( NVD ): 5.9 CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-0838 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for abseil-cpp fixes the following issues: Update to 20240116.3 * CVE-2025-0838: Fixed potential integer overflow in hash container create/resize (bsc#1237543). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-381=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-381=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-381=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-381=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * abseil-cpp-debugsource-20240116.3-150500.13.10.1 * libabsl2401_0_0-20240116.3-150500.13.10.1 * abseil-cpp-devel-20240116.3-150500.13.10.1 * libabsl2401_0_0-debuginfo-20240116.3-150500.13.10.1 * openSUSE Leap 15.5 (x86_64) * libabsl2401_0_0-32bit-debuginfo-20240116.3-150500.13.10.1 * libabsl2401_0_0-32bit-20240116.3-150500.13.10.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libabsl2401_0_0-64bit-20240116.3-150500.13.10.1 * libabsl2401_0_0-64bit-debuginfo-20240116.3-150500.13.10.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * abseil-cpp-debugsource-20240116.3-150500.13.10.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * abseil-cpp-debugsource-20240116.3-150500.13.10.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * abseil-cpp-debugsource-20240116.3-150500.13.10.1 * libabsl2401_0_0-20240116.3-150500.13.10.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0838.html * https://bugzilla.suse.com/show_bug.cgi?id=1237543 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 20:30:43 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 20:30:43 -0000 Subject: SUSE-SU-2026:0385-1: important: Security update for the Linux Kernel Message-ID: <177023704395.26823.17554631621405636140@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:0385-1 Release Date: 2026-02-04T12:55:08Z Rating: important References: * bsc#1197331 * bsc#1203769 * bsc#1235441 * bsc#1237768 * bsc#1238271 * bsc#1238272 * bsc#1238454 * bsc#1238705 * bsc#1238729 * bsc#1238911 * bsc#1239073 * bsc#1239076 Cross-References: * CVE-2021-47633 * CVE-2022-1048 * CVE-2022-3303 * CVE-2022-49272 * CVE-2022-49288 * CVE-2022-49291 * CVE-2022-49545 * CVE-2022-49733 * CVE-2024-56658 * CVE-2024-57996 * CVE-2025-21718 * CVE-2025-21772 CVSS scores: * CVE-2021-47633 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47633 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2021-47633 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-1048 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-1048 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-3303 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-3303 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-3303 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49272 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49288 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49291 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49291 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49291 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49545 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49545 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49545 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49733 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49733 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21718 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21718 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21718 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves 12 vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768). * CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream (bsc#1238729). * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076). * CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073). * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-385=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-385=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (nosrc x86_64) * kernel-xen-3.0.101-108.180.1 * kernel-ec2-3.0.101-108.180.1 * kernel-trace-3.0.101-108.180.1 * kernel-default-3.0.101-108.180.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * kernel-ec2-base-3.0.101-108.180.1 * kernel-ec2-debuginfo-3.0.101-108.180.1 * kernel-default-devel-3.0.101-108.180.1 * kernel-xen-debuginfo-3.0.101-108.180.1 * kernel-xen-devel-debuginfo-3.0.101-108.180.1 * kernel-trace-debuginfo-3.0.101-108.180.1 * kernel-trace-debugsource-3.0.101-108.180.1 * kernel-xen-debugsource-3.0.101-108.180.1 * kernel-syms-3.0.101-108.180.1 * kernel-xen-devel-3.0.101-108.180.1 * kernel-trace-base-3.0.101-108.180.1 * kernel-ec2-debugsource-3.0.101-108.180.1 * kernel-xen-base-3.0.101-108.180.1 * kernel-ec2-devel-3.0.101-108.180.1 * kernel-default-base-3.0.101-108.180.1 * kernel-trace-devel-debuginfo-3.0.101-108.180.1 * kernel-trace-devel-3.0.101-108.180.1 * kernel-ec2-devel-debuginfo-3.0.101-108.180.1 * kernel-source-3.0.101-108.180.1 * kernel-default-debugsource-3.0.101-108.180.1 * kernel-default-debuginfo-3.0.101-108.180.1 * kernel-default-devel-debuginfo-3.0.101-108.180.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (noarch nosrc) * kernel-docs-3.0.101-108.180.1 * SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64) * kernel-xen-3.0.101-108.180.1 * kernel-ec2-3.0.101-108.180.1 * kernel-trace-3.0.101-108.180.1 * kernel-default-3.0.101-108.180.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * kernel-ec2-base-3.0.101-108.180.1 * kernel-ec2-debuginfo-3.0.101-108.180.1 * kernel-default-devel-3.0.101-108.180.1 * kernel-xen-debuginfo-3.0.101-108.180.1 * kernel-xen-devel-debuginfo-3.0.101-108.180.1 * kernel-trace-debuginfo-3.0.101-108.180.1 * kernel-trace-debugsource-3.0.101-108.180.1 * kernel-xen-debugsource-3.0.101-108.180.1 * kernel-syms-3.0.101-108.180.1 * kernel-xen-devel-3.0.101-108.180.1 * kernel-trace-base-3.0.101-108.180.1 * kernel-ec2-debugsource-3.0.101-108.180.1 * kernel-xen-base-3.0.101-108.180.1 * kernel-ec2-devel-3.0.101-108.180.1 * kernel-default-base-3.0.101-108.180.1 * kernel-trace-devel-debuginfo-3.0.101-108.180.1 * kernel-trace-devel-3.0.101-108.180.1 * kernel-ec2-devel-debuginfo-3.0.101-108.180.1 * kernel-source-3.0.101-108.180.1 * kernel-default-debugsource-3.0.101-108.180.1 * kernel-default-debuginfo-3.0.101-108.180.1 * kernel-default-devel-debuginfo-3.0.101-108.180.1 * SUSE Linux Enterprise Server 11 SP4 (noarch nosrc) * kernel-docs-3.0.101-108.180.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47633.html * https://www.suse.com/security/cve/CVE-2022-1048.html * https://www.suse.com/security/cve/CVE-2022-3303.html * https://www.suse.com/security/cve/CVE-2022-49272.html * https://www.suse.com/security/cve/CVE-2022-49288.html * https://www.suse.com/security/cve/CVE-2022-49291.html * https://www.suse.com/security/cve/CVE-2022-49545.html * https://www.suse.com/security/cve/CVE-2022-49733.html * https://www.suse.com/security/cve/CVE-2024-56658.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2025-21718.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://bugzilla.suse.com/show_bug.cgi?id=1197331 * https://bugzilla.suse.com/show_bug.cgi?id=1203769 * https://bugzilla.suse.com/show_bug.cgi?id=1235441 * https://bugzilla.suse.com/show_bug.cgi?id=1237768 * https://bugzilla.suse.com/show_bug.cgi?id=1238271 * https://bugzilla.suse.com/show_bug.cgi?id=1238272 * https://bugzilla.suse.com/show_bug.cgi?id=1238454 * https://bugzilla.suse.com/show_bug.cgi?id=1238705 * https://bugzilla.suse.com/show_bug.cgi?id=1238729 * https://bugzilla.suse.com/show_bug.cgi?id=1238911 * https://bugzilla.suse.com/show_bug.cgi?id=1239073 * https://bugzilla.suse.com/show_bug.cgi?id=1239076 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 20:31:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 20:31:17 -0000 Subject: SUSE-SU-2026:0384-1: important: Security update for ImageMagick Message-ID: <177023707772.26823.16711305771565318304@smelt2.prg2.suse.org> # Security update for ImageMagick Announcement ID: SUSE-SU-2026:0384-1 Release Date: 2026-02-04T12:46:49Z Rating: important References: * bsc#1256962 * bsc#1256976 * bsc#1257076 Cross-References: * CVE-2026-23874 * CVE-2026-23876 * CVE-2026-23952 CVSS scores: * CVE-2026-23874 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23874 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23874 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23876 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23876 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23876 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23876 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23952 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23952 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23952 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for ImageMagick fixes the following issues: * CVE-2026-23874: manipulation of digital images can lead to stack overflow (bsc#1256976). * CVE-2026-23876: maliciously crafted image can lead to heap buffer overflow (bsc#1256962). * CVE-2026-23952: processing comment tag can cause null pointer dereference (bsc#1257076). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-384=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-384=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * ImageMagick-devel-6.8.8.1-71.227.1 * libMagickCore-6_Q16-1-6.8.8.1-71.227.1 * libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.227.1 * libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.227.1 * ImageMagick-debugsource-6.8.8.1-71.227.1 * ImageMagick-config-6-SUSE-6.8.8.1-71.227.1 * libMagickWand-6_Q16-1-6.8.8.1-71.227.1 * ImageMagick-debuginfo-6.8.8.1-71.227.1 * ImageMagick-config-6-upstream-6.8.8.1-71.227.1 * libMagick++-devel-6.8.8.1-71.227.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * ImageMagick-devel-6.8.8.1-71.227.1 * libMagickCore-6_Q16-1-6.8.8.1-71.227.1 * libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.227.1 * libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.227.1 * ImageMagick-debugsource-6.8.8.1-71.227.1 * ImageMagick-config-6-SUSE-6.8.8.1-71.227.1 * libMagickWand-6_Q16-1-6.8.8.1-71.227.1 * ImageMagick-debuginfo-6.8.8.1-71.227.1 * ImageMagick-config-6-upstream-6.8.8.1-71.227.1 * libMagick++-devel-6.8.8.1-71.227.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23874.html * https://www.suse.com/security/cve/CVE-2026-23876.html * https://www.suse.com/security/cve/CVE-2026-23952.html * https://bugzilla.suse.com/show_bug.cgi?id=1256962 * https://bugzilla.suse.com/show_bug.cgi?id=1256976 * https://bugzilla.suse.com/show_bug.cgi?id=1257076 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 20:31:52 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 20:31:52 -0000 Subject: SUSE-SU-2026:0383-1: moderate: Security update for rekor Message-ID: <177023711212.26823.1937086017032302775@smelt2.prg2.suse.org> # Security update for rekor Announcement ID: SUSE-SU-2026:0383-1 Release Date: 2026-02-04T12:46:33Z Rating: moderate References: * bsc#1241153 * bsc#1248910 * jsc#SLE-23476 Cross-References: * CVE-2025-29923 * CVE-2025-58058 CVSS scores: * CVE-2025-29923 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-29923 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-58058 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58058 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58058 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for rekor fixes the following issues: Security fixes: * CVE-2025-58058: Fixed github.com/ulikunitz/xz leaks memory (bsc#1248910) * CVE-2025-29923: Fixed potential out of order responses when `CLIENT SETINFO` times out during connection establishment (bsc#1241153) Other fixes: * Update to version 1.4.3 * Update to version 1.4.2 * Update to version 1.4.1 (jsc#SLE-23476) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-383=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-383=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-383=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * rekor-1.4.3-150400.4.28.1 * rekor-debuginfo-1.4.3-150400.4.28.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rekor-1.4.3-150400.4.28.1 * rekor-debuginfo-1.4.3-150400.4.28.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * rekor-1.4.3-150400.4.28.1 * rekor-debuginfo-1.4.3-150400.4.28.1 ## References: * https://www.suse.com/security/cve/CVE-2025-29923.html * https://www.suse.com/security/cve/CVE-2025-58058.html * https://bugzilla.suse.com/show_bug.cgi?id=1241153 * https://bugzilla.suse.com/show_bug.cgi?id=1248910 * https://jira.suse.com/browse/SLE-23476 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Feb 4 20:32:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Feb 2026 20:32:27 -0000 Subject: SUSE-SU-2026:0382-1: important: Security update for java-1_8_0-ibm Message-ID: <177023714735.26823.15461277242528810505@smelt2.prg2.suse.org> # Security update for java-1_8_0-ibm Announcement ID: SUSE-SU-2026:0382-1 Release Date: 2026-02-04T12:46:02Z Rating: important References: * bsc#1257034 * bsc#1257036 * bsc#1257037 * bsc#1257038 * bsc#1257131 Cross-References: * CVE-2026-21925 * CVE-2026-21932 * CVE-2026-21933 * CVE-2026-21945 CVSS scores: * CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21925 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21932 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21932 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21933 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for java-1_8_0-ibm fixes the following issues: Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034) - CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036) - CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037) - CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038) Other fixes: * Upgrade to Java 8.0 Service Refresh 8 Fix Pack 60 (bsc#1257131) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-382=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-382=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-30.146.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-30.146.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-30.146.1 * java-1_8_0-ibm-plugin-1.8.0_sr8.60-30.146.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-30.146.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-30.146.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-30.146.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-30.146.1 ## References: * https://www.suse.com/security/cve/CVE-2026-21925.html * https://www.suse.com/security/cve/CVE-2026-21932.html * https://www.suse.com/security/cve/CVE-2026-21933.html * https://www.suse.com/security/cve/CVE-2026-21945.html * https://bugzilla.suse.com/show_bug.cgi?id=1257034 * https://bugzilla.suse.com/show_bug.cgi?id=1257036 * https://bugzilla.suse.com/show_bug.cgi?id=1257037 * https://bugzilla.suse.com/show_bug.cgi?id=1257038 * https://bugzilla.suse.com/show_bug.cgi?id=1257131 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 16:30:09 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 16:30:09 -0000 Subject: SUSE-SU-2026:0388-1: important: Security update for MozillaThunderbird Message-ID: <177030900907.28493.7755802953069732021@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2026:0388-1 Release Date: 2026-02-05T11:14:26Z Rating: important References: * bsc#1257397 Cross-References: * CVE-2026-0818 CVSS scores: * CVE-2026-0818 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-0818 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-0818 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.7.1 MFSA 2026-08 (bsc#1257397): * CVE-2026-0818: CSS-based exfiltration of the content from partially encrypted emails when allowing remote content ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-388=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-388=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-388=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-debugsource-140.7.1-150200.8.254.1 * MozillaThunderbird-140.7.1-150200.8.254.1 * MozillaThunderbird-debuginfo-140.7.1-150200.8.254.1 * MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 * MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x) * MozillaThunderbird-debugsource-140.7.1-150200.8.254.1 * MozillaThunderbird-140.7.1-150200.8.254.1 * MozillaThunderbird-debuginfo-140.7.1-150200.8.254.1 * MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 * MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * MozillaThunderbird-debugsource-140.7.1-150200.8.254.1 * MozillaThunderbird-140.7.1-150200.8.254.1 * MozillaThunderbird-debuginfo-140.7.1-150200.8.254.1 * MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 * MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 ## References: * https://www.suse.com/security/cve/CVE-2026-0818.html * https://bugzilla.suse.com/show_bug.cgi?id=1257397 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 16:30:14 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 16:30:14 -0000 Subject: SUSE-SU-2026:0386-1: moderate: Security update for expat Message-ID: <177030901438.28493.9270022613629503287@smelt2.prg2.suse.org> # Security update for expat Announcement ID: SUSE-SU-2026:0386-1 Release Date: 2026-02-05T08:30:37Z Rating: moderate References: * bsc#1257144 * bsc#1257496 Cross-References: * CVE-2026-24515 * CVE-2026-25210 CVSS scores: * CVE-2026-24515 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-24515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-24515 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24515 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-25210 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-25210 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L * CVE-2026-25210 ( NVD ): 6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for expat fixes the following issues: * CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144) * CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-386=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-386=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * expat-debuginfo-2.7.1-150000.3.42.1 * expat-debugsource-2.7.1-150000.3.42.1 * libexpat1-debuginfo-2.7.1-150000.3.42.1 * libexpat1-2.7.1-150000.3.42.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * expat-debuginfo-2.7.1-150000.3.42.1 * expat-debugsource-2.7.1-150000.3.42.1 * libexpat1-debuginfo-2.7.1-150000.3.42.1 * libexpat1-2.7.1-150000.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-24515.html * https://www.suse.com/security/cve/CVE-2026-25210.html * https://bugzilla.suse.com/show_bug.cgi?id=1257144 * https://bugzilla.suse.com/show_bug.cgi?id=1257496 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:30:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:30:07 -0000 Subject: SUSE-SU-2026:20229-1: critical: Security update for cups Message-ID: <177032340742.6560.16375772904307777181@smelt2.prg2.suse.org> # Security update for cups Announcement ID: SUSE-SU-2026:20229-1 Release Date: 2026-02-04T11:35:17Z Rating: critical References: * bsc#1244057 * bsc#1249049 * bsc#1249128 * bsc#1253783 * bsc#1254353 * jsc#PED-14688 * jsc#PED-14775 Cross-References: * CVE-2025-58060 * CVE-2025-58364 * CVE-2025-58436 * CVE-2025-61915 CVSS scores: * CVE-2025-58060 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-58060 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-58060 ( NVD ): 8.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H * CVE-2025-58364 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-58364 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-58436 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-58436 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-58436 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-58436 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-61915 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-61915 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2025-61915 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2025-61915 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves four vulnerabilities, contains two features and has one fix can now be installed. ## Description: This update for cups fixes the following issues: Update to version 2.4.16. Security issues fixed: * CVE-2025-61915: local denial-of-service via cupsd.conf update and related issues (bsc#1253783). * CVE-2025-58436: slow client communication leads to a possible DoS attack (bsc#1244057). * CVE-2025-58364: unsafe deserialization and validation of printer attributes can cause a null dereference (bsc#1249128). * CVE-2025-58060: authentication bypass with AuthType Negotiate (bsc#1249049). Other updates and bugfixes: * Version upgrade to 2.4.16: * 'cupsUTF8ToCharset' didn't validate 2-byte UTF-8 sequences, potentially reading past the end of the source string (Issue #1438) * The web interface did not support domain usernames fully (Issue #1441) * Fixed an infinite loop issue in the GTK+ print dialog (Issue #1439 boo#1254353) * Fixed stopping scheduler on unknown directive in configuration (Issue #1443) * Fixed packages for Immutable Mode (jsc#PED-14775 from epic jsc#PED-14688) * Version upgrade to 2.4.15: * Fixed potential crash in 'cups-driverd' when there are duplicate PPDs (Issue #1355) * Fixed error recovery when scanning for PPDs in 'cups-driverd' (Issue #1416) * Version upgrade to 2.4.14. * Version upgrade to 2.4.13: * Added 'print-as-raster' printer and job attributes for forcing rasterization (Issue #1282) * Updated documentation (Issue #1086) * Updated IPP backend to try a sanitized user name if the printer/server does not like the value (Issue #1145) * Updated the scheduler to send the "printer-added" or "printer-modified" events whenever an IPP Everywhere PPD is installed (Issue #1244) * Updated the scheduler to send the "printer-modified" event whenever the system default printer is changed (Issue #1246) * Fixed a memory leak in 'httpClose' (Issue #1223) * Fixed missing commas in 'ippCreateRequestedArray' (Issue #1234) * Fixed subscription issues in the scheduler and D-Bus notifier (Issue #1235) * Fixed media-default reporting for custom sizes (Issue #1238) * Fixed support for IPP/PPD options with periods or underscores (Issue #1249) * Fixed parsing of real numbers in PPD compiler source files (Issue #1263) * Fixed scheduler freezing with zombie clients (Issue #1264) * Fixed support for the server name in the ErrorLog filename (Issue #1277) * Fixed job cleanup after daemon restart (Issue #1315) * Fixed handling of buggy DYMO USB printer serial numbers (Issue #1338) * Fixed unreachable block in IPP backend (Issue #1351) * Fixed memory leak in _cupsConvertOptions (Issue #1354) * Version upgrade to 2.4.12: * GnuTLS follows system crypto policies now (Issue #1105) * Added `NoSystem` SSLOptions value (Issue #1130) * Now we raise alert for certificate issues (Issue #1194) * Added Kyocera USB quirk (Issue #1198) * The scheduler now logs a job's debugging history if the backend fails (Issue #1205) * Fixed a potential timing issue with `cupsEnumDests` (Issue #1084) * Fixed a potential "lost PPD" condition in the scheduler (Issue #1109) * Fixed a compressed file error handling bug (Issue #1070) * Fixed a bug in the make-and-model whitespace trimming code (Issue #1096) * Fixed a removal of IPP Everywhere permanent queue if installation failed (Issue #1102) * Fixed `ServerToken None` in scheduler (Issue #1111) * Fixed invalid IPP keyword values created from PPD option names (Issue #1118) * Fixed handling of "media" and "PageSize" in the same print request (Issue #1125) * Fixed client raster printing from macOS (Issue #1143) * Fixed the default User-Agent string. * Fixed a recursion issue in `ippReadIO`. * Fixed handling incorrect radix in `scan_ps()` (Issue #1188) * Fixed validation of dateTime values with time zones more than UTC+11 (Issue #1201) * Fixed attributes returned by the Create-Xxx-Subscriptions requests (Issue #1204) * Fixed `ippDateToTime` when using a non GMT/UTC timezone (Issue #1208) * Fixed `job-completed` event notifications for jobs that are cancelled before started (Issue #1209) * Fixed DNS-SD discovery with `ippfind` (Issue #1211) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-242=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * cups-debugsource-2.4.16-160000.1.1 * cups-debuginfo-2.4.16-160000.1.1 * cups-config-2.4.16-160000.1.1 * libcups2-debuginfo-2.4.16-160000.1.1 * libcups2-2.4.16-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-58060.html * https://www.suse.com/security/cve/CVE-2025-58364.html * https://www.suse.com/security/cve/CVE-2025-58436.html * https://www.suse.com/security/cve/CVE-2025-61915.html * https://bugzilla.suse.com/show_bug.cgi?id=1244057 * https://bugzilla.suse.com/show_bug.cgi?id=1249049 * https://bugzilla.suse.com/show_bug.cgi?id=1249128 * https://bugzilla.suse.com/show_bug.cgi?id=1253783 * https://bugzilla.suse.com/show_bug.cgi?id=1254353 * https://jira.suse.com/browse/PED-14688 * https://jira.suse.com/browse/PED-14775 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:32:54 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:32:54 -0000 Subject: SUSE-SU-2026:20228-1: important: Security update for the Linux Kernel Message-ID: <177032357460.6560.4209054434548516107@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:20228-1 Release Date: 2026-02-02T09:27:27Z Rating: important References: * bsc#1205462 * bsc#1214285 * bsc#1243112 * bsc#1245193 * bsc#1247500 * bsc#1250388 * bsc#1252046 * bsc#1252861 * bsc#1253155 * bsc#1253238 * bsc#1253262 * bsc#1253365 * bsc#1253400 * bsc#1253413 * bsc#1253414 * bsc#1253442 * bsc#1253458 * bsc#1253623 * bsc#1253674 * bsc#1253739 * bsc#1254126 * bsc#1254128 * bsc#1254195 * bsc#1254244 * bsc#1254363 * bsc#1254378 * bsc#1254408 * bsc#1254477 * bsc#1254510 * bsc#1254518 * bsc#1254519 * bsc#1254520 * bsc#1254615 * bsc#1254616 * bsc#1254618 * bsc#1254621 * bsc#1254624 * bsc#1254791 * bsc#1254793 * bsc#1254794 * bsc#1254795 * bsc#1254796 * bsc#1254797 * bsc#1254798 * bsc#1254808 * bsc#1254809 * bsc#1254813 * bsc#1254815 * bsc#1254821 * bsc#1254824 * bsc#1254825 * bsc#1254827 * bsc#1254828 * bsc#1254829 * bsc#1254830 * bsc#1254832 * bsc#1254835 * bsc#1254840 * bsc#1254843 * bsc#1254846 * bsc#1254847 * bsc#1254849 * bsc#1254850 * bsc#1254851 * bsc#1254852 * bsc#1254854 * bsc#1254856 * bsc#1254858 * bsc#1254860 * bsc#1254861 * bsc#1254864 * bsc#1254868 * bsc#1254869 * bsc#1254871 * bsc#1254894 * bsc#1254957 * bsc#1254959 * bsc#1254961 * bsc#1254964 * bsc#1254996 * bsc#1255026 * bsc#1255030 * bsc#1255034 * bsc#1255035 * bsc#1255039 * bsc#1255040 * bsc#1255041 * bsc#1255042 * bsc#1255057 * bsc#1255058 * bsc#1255064 * bsc#1255065 * bsc#1255068 * bsc#1255071 * bsc#1255072 * bsc#1255075 * bsc#1255077 * bsc#1255081 * bsc#1255082 * bsc#1255083 * bsc#1255087 * bsc#1255092 * bsc#1255094 * bsc#1255095 * bsc#1255097 * bsc#1255099 * bsc#1255103 * bsc#1255116 * bsc#1255120 * bsc#1255121 * bsc#1255122 * bsc#1255124 * bsc#1255131 * bsc#1255134 * bsc#1255135 * bsc#1255136 * bsc#1255138 * bsc#1255140 * bsc#1255142 * bsc#1255145 * bsc#1255146 * bsc#1255149 * bsc#1255150 * bsc#1255152 * bsc#1255154 * bsc#1255155 * bsc#1255156 * bsc#1255161 * bsc#1255167 * bsc#1255169 * bsc#1255171 * bsc#1255175 * bsc#1255179 * bsc#1255181 * bsc#1255182 * bsc#1255186 * bsc#1255187 * bsc#1255190 * bsc#1255193 * bsc#1255196 * bsc#1255197 * bsc#1255199 * bsc#1255202 * bsc#1255203 * bsc#1255206 * bsc#1255209 * bsc#1255218 * bsc#1255220 * bsc#1255221 * bsc#1255223 * bsc#1255226 * bsc#1255227 * bsc#1255228 * bsc#1255230 * bsc#1255231 * bsc#1255233 * bsc#1255234 * bsc#1255242 * bsc#1255243 * bsc#1255246 * bsc#1255247 * bsc#1255251 * bsc#1255252 * bsc#1255253 * bsc#1255255 * bsc#1255256 * bsc#1255259 * bsc#1255260 * bsc#1255261 * bsc#1255262 * bsc#1255272 * bsc#1255273 * bsc#1255274 * bsc#1255276 * bsc#1255279 * bsc#1255297 * bsc#1255312 * bsc#1255316 * bsc#1255318 * bsc#1255325 * bsc#1255329 * bsc#1255346 * bsc#1255349 * bsc#1255351 * bsc#1255354 * bsc#1255357 * bsc#1255377 * bsc#1255379 * bsc#1255380 * bsc#1255395 * bsc#1255401 * bsc#1255415 * bsc#1255428 * bsc#1255433 * bsc#1255434 * bsc#1255480 * bsc#1255483 * bsc#1255488 * bsc#1255489 * bsc#1255493 * bsc#1255495 * bsc#1255505 * bsc#1255507 * bsc#1255508 * bsc#1255509 * bsc#1255533 * bsc#1255541 * bsc#1255550 * bsc#1255552 * bsc#1255553 * bsc#1255567 * bsc#1255580 * bsc#1255601 * bsc#1255603 * bsc#1255611 * bsc#1255614 * bsc#1255672 * bsc#1255688 * bsc#1255698 * bsc#1255706 * bsc#1255707 * bsc#1255709 * bsc#1255722 * bsc#1255723 * bsc#1255724 * bsc#1255812 * bsc#1255813 * bsc#1255814 * bsc#1255816 * bsc#1255931 * bsc#1255932 * bsc#1255934 * bsc#1255943 * bsc#1255944 * bsc#1256238 * bsc#1256495 * bsc#1256606 * bsc#1256794 * jsc#PED-12745 * jsc#PED-14344 * jsc#PED-14571 Cross-References: * CVE-2025-38704 * CVE-2025-39880 * CVE-2025-39977 * CVE-2025-40042 * CVE-2025-40123 * CVE-2025-40130 * CVE-2025-40160 * CVE-2025-40167 * CVE-2025-40170 * CVE-2025-40179 * CVE-2025-40190 * CVE-2025-40209 * CVE-2025-40211 * CVE-2025-40212 * CVE-2025-40213 * CVE-2025-40214 * CVE-2025-40215 * CVE-2025-40218 * CVE-2025-40219 * CVE-2025-40220 * CVE-2025-40221 * CVE-2025-40223 * CVE-2025-40225 * CVE-2025-40226 * CVE-2025-40231 * CVE-2025-40233 * CVE-2025-40235 * CVE-2025-40237 * CVE-2025-40238 * CVE-2025-40239 * CVE-2025-40240 * CVE-2025-40242 * CVE-2025-40246 * CVE-2025-40248 * CVE-2025-40250 * CVE-2025-40251 * CVE-2025-40252 * CVE-2025-40254 * CVE-2025-40255 * CVE-2025-40256 * CVE-2025-40258 * CVE-2025-40262 * CVE-2025-40263 * CVE-2025-40264 * CVE-2025-40266 * CVE-2025-40268 * CVE-2025-40269 * CVE-2025-40271 * CVE-2025-40272 * CVE-2025-40273 * CVE-2025-40274 * CVE-2025-40275 * CVE-2025-40276 * CVE-2025-40277 * CVE-2025-40278 * CVE-2025-40279 * CVE-2025-40280 * CVE-2025-40282 * CVE-2025-40283 * CVE-2025-40284 * CVE-2025-40287 * CVE-2025-40288 * CVE-2025-40289 * CVE-2025-40292 * CVE-2025-40293 * CVE-2025-40294 * CVE-2025-40297 * CVE-2025-40301 * CVE-2025-40302 * CVE-2025-40303 * CVE-2025-40304 * CVE-2025-40307 * CVE-2025-40308 * CVE-2025-40309 * CVE-2025-40310 * CVE-2025-40311 * CVE-2025-40314 * CVE-2025-40315 * CVE-2025-40316 * CVE-2025-40317 * CVE-2025-40318 * CVE-2025-40319 * CVE-2025-40320 * CVE-2025-40321 * CVE-2025-40322 * CVE-2025-40323 * CVE-2025-40324 * CVE-2025-40328 * CVE-2025-40329 * CVE-2025-40330 * CVE-2025-40331 * CVE-2025-40332 * CVE-2025-40337 * CVE-2025-40338 * CVE-2025-40339 * CVE-2025-40340 * CVE-2025-40342 * CVE-2025-40343 * CVE-2025-40344 * CVE-2025-40345 * CVE-2025-40346 * CVE-2025-40347 * CVE-2025-40350 * CVE-2025-40353 * CVE-2025-40354 * CVE-2025-40355 * CVE-2025-40357 * CVE-2025-40359 * CVE-2025-40360 * CVE-2025-40362 * CVE-2025-68167 * CVE-2025-68170 * CVE-2025-68171 * CVE-2025-68172 * CVE-2025-68176 * CVE-2025-68180 * CVE-2025-68181 * CVE-2025-68183 * CVE-2025-68184 * CVE-2025-68185 * CVE-2025-68190 * CVE-2025-68192 * CVE-2025-68194 * CVE-2025-68195 * CVE-2025-68197 * CVE-2025-68198 * CVE-2025-68201 * CVE-2025-68202 * CVE-2025-68206 * CVE-2025-68207 * CVE-2025-68208 * CVE-2025-68209 * CVE-2025-68210 * CVE-2025-68213 * CVE-2025-68215 * CVE-2025-68217 * CVE-2025-68222 * CVE-2025-68223 * CVE-2025-68230 * CVE-2025-68233 * CVE-2025-68235 * CVE-2025-68237 * CVE-2025-68238 * CVE-2025-68239 * CVE-2025-68242 * CVE-2025-68244 * CVE-2025-68249 * CVE-2025-68252 * CVE-2025-68254 * CVE-2025-68255 * CVE-2025-68256 * CVE-2025-68257 * CVE-2025-68258 * CVE-2025-68259 * CVE-2025-68264 * CVE-2025-68283 * CVE-2025-68284 * CVE-2025-68285 * CVE-2025-68286 * CVE-2025-68287 * CVE-2025-68289 * CVE-2025-68290 * CVE-2025-68293 * CVE-2025-68298 * CVE-2025-68301 * CVE-2025-68302 * CVE-2025-68303 * CVE-2025-68305 * CVE-2025-68306 * CVE-2025-68307 * CVE-2025-68308 * CVE-2025-68311 * CVE-2025-68312 * CVE-2025-68313 * CVE-2025-68317 * CVE-2025-68327 * CVE-2025-68328 * CVE-2025-68330 * CVE-2025-68331 * CVE-2025-68332 * CVE-2025-68335 * CVE-2025-68339 * CVE-2025-68340 * CVE-2025-68342 * CVE-2025-68343 * CVE-2025-68344 * CVE-2025-68345 * CVE-2025-68346 * CVE-2025-68347 * CVE-2025-68351 * CVE-2025-68352 * CVE-2025-68353 * CVE-2025-68354 * CVE-2025-68362 * CVE-2025-68363 * CVE-2025-68378 * CVE-2025-68380 * CVE-2025-68724 * CVE-2025-68732 * CVE-2025-68736 * CVE-2025-68740 * CVE-2025-68742 * CVE-2025-68744 * CVE-2025-68746 * CVE-2025-68747 * CVE-2025-68748 * CVE-2025-68749 * CVE-2025-68750 * CVE-2025-68753 * CVE-2025-68757 * CVE-2025-68758 * CVE-2025-68759 * CVE-2025-68765 * CVE-2025-68766 * CVE-2025-71096 CVSS scores: * CVE-2025-38704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39880 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40042 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40130 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40130 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40160 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40160 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40167 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40170 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40170 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-40179 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40179 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40190 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40190 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40209 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40209 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40211 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40211 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-40212 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40212 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40213 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40215 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40215 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40220 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40220 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40221 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40221 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-40223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40231 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40233 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40235 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40242 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40242 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40251 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40254 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40255 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40258 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40258 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40262 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40263 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40263 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40266 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-40266 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L * CVE-2025-40268 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40268 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40269 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40269 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40271 ( SUSE ): 5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40278 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40279 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-40279 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2025-40280 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40280 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40282 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40282 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40283 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40283 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40284 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40284 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40288 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40289 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40292 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40292 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2025-40293 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40293 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40294 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-40294 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-40297 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40297 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40301 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40301 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-40302 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40302 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-40303 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40303 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40308 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40309 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40309 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40310 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40311 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40311 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40314 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40314 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40315 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40317 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40321 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40322 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40322 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-40323 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40323 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40324 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40329 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40330 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40331 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40338 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40338 ( SUSE ): 5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40339 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40340 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40342 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40342 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40343 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40343 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40345 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40345 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40347 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40350 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40353 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40353 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40354 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40355 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40357 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40357 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40359 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40359 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40362 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40362 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68167 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68170 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68172 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68176 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68183 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68183 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68184 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68185 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68190 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68190 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68192 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68206 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68208 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68208 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2025-68209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68213 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68222 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68223 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68223 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68230 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68230 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68233 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68235 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68242 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68249 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68254 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68254 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68255 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68255 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68258 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68264 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68264 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68283 ( SUSE ): 5.9 CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68283 ( SUSE ): 6.4 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-68284 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68284 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68285 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68285 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68290 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68293 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68298 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68303 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68306 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68306 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68307 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68307 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68308 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68311 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68311 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68312 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68313 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68313 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68317 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-68317 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-68327 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68327 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68328 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68328 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68330 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68330 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68331 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68331 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68339 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68339 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68340 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68340 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68342 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68342 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-68343 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68343 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-68344 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68344 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68345 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68347 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68347 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68352 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68353 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68353 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68378 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68380 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68732 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68732 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68736 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-68736 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2025-68740 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68742 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68742 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68744 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68744 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68746 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68746 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68747 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68747 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68748 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68748 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68749 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68750 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68750 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68753 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-68753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-68757 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68758 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68758 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68759 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68765 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68766 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68766 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71096 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-71096 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server High Availability Extension 16.0 An update that solves 215 vulnerabilities, contains three features and has 23 fixes can now be installed. ## Description: The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2025-38704: rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer (bsc#1254408). * CVE-2025-39880: ceph: fix race condition validating r_parent before applying state (bsc#1250388). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046). * CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861). * CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365). * CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling * CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400). * CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458). * CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413). * CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442). * CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623). * CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1254961). * CVE-2025-40215: xfrm: delete x->tunnel as we delete x (bsc#1254959). * CVE-2025-40218: mm/damon/vaddr: do not repeat pte_offset_map_lock() until success (bsc#1254964). * CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520). * CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815). * CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813). * CVE-2025-40237: fs/notify: call exportfs_encode_fid with s_umount (bsc#1254809). * CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871). * CVE-2025-40239: net: phy: micrel: always set shared->phydev for LAN8814 (bsc#1254868). * CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075). * CVE-2025-40246: xfs: fix out of bounds memory read error in symlink repair (bsc#1254861). * CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864). * CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854). * CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856). * CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849). * CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852). * CVE-2025-40255: net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower() (bsc#1255156). * CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843). * CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835). * CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082). * CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297). * CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830). * CVE-2025-40276: drm/panthor: Flush shmem writes before mapping buffers CPU- uncached (bsc#1254824). * CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825). * CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846). * CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847). * CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175). * CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179). * CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187). * CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794). * CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624). * CVE-2025-40330: bnxt_en: Shutdown FW DMA in bnxt_shutdown() (bsc#1254616). * CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615). * CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273). * CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318). * CVE-2025-40347: net: enetc: fix the deadlock of enetc_mdio_lock (bsc#1255262). * CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260). * CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261). * CVE-2025-40357: net/smc: fix general protection fault in __smc_diag_dump (bsc#1255097). * CVE-2025-40359: perf/x86/intel: Fix KASAN global-out-of-bounds warning (bsc#1255087). * CVE-2025-40362: ceph: fix multifs mds auth caps issue (bsc#1255103). * CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255). * CVE-2025-68197: bnxt_en: Fix null pointer dereference in bnxt_bs_trace_check_wrap() (bsc#1255242). * CVE-2025-68198: crash: fix crashkernel resource shrink (bsc#1255243). * CVE-2025-68202: sched_ext: Fix unsafe locking in the scx_dump_state() (bsc#1255223). * CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142). * CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227). * CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230). * CVE-2025-68215: ice: fix PTP cleanup on driver removal in error path (bsc#1255226). * CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272). * CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199). * CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380). * CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379). * CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377). * CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401). * CVE-2025-68293: mm/huge_memory: fix NULL pointer deference when splitting folio (bsc#1255150). * CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120). * CVE-2025-68302: net: sxgbe: fix potential NULL dereference in sxgbe_rx() (bsc#1255121). * CVE-2025-68317: io_uring/zctx: check chained notif contexts (bsc#1255354). * CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507). * CVE-2025-68353: net: vxlan: prevent NULL deref in vxlan_xmit_one (bsc#1255533). * CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552). * CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614). * CVE-2025-68736: landlock: Optimize file path walks and prepare for audit support (bsc#1255698). * CVE-2025-68742: bpf: Fix invalid prog->stats access when update_effective_progs fails (bsc#1255707). * CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709). * CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606). The following non security issues were fixed: * KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it (bsc#1255672). * Set HZ=1000 for ppc64 default configuration (jsc#PED-14344) * bpf: Do not limit bpf_cgroup_from_id to current's namespace (bsc#1255433). * btrfs: handle aligned EOF truncation correctly for subpage cases (bsc#1253238). * cgroup: rstat: use LOCK CMPXCHG in css_rstat_updated (bsc#1255434). * cifs: update dstaddr whenever channel iface is updated (git-fixes). * cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026). * cpuset: fix warning when disabling remote partition (bsc#1256794). * ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378). * net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes). * netdevsim: print human readable IP address (bsc#1255071). * powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling (bsc#1253262 ltc#216029). * powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496). * sched: Increase sched_tick_remote timeout (bsc#1254510). * selftests: net: fib-onlink-tests: Set high metric for default IPv6 route (bsc#1255346). * selftests: net: use slowwait to make sure IPv6 setup finished (bsc#1255349). * selftests: net: use slowwait to stabilize vrf_route_leaking test (bsc#1255349). * serial: xilinx_uartps: Use helper function hrtimer_update_function() (stable-fixes). * supported.conf: Mark lan 743x supported (jsc#PED-14571) * tick/sched: Limit non-timekeeper CPUs calling jiffies update (bsc#1254477). * wifi: ath10k: Avoid vdev delete timeout when firmware is already down (stable-fixes). * x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256495). * x86/microcode/AMD: Make __verify_patch_size() return bool (bsc#1256495). * x86/microcode/AMD: Remove bogus comment from parse_container() (bsc#1256495). * x86/microcode/AMD: Select which microcode patch to load (bsc#1256495). * x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256495). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server High Availability Extension 16.0 zypper in -t patch SUSE-SLES-HA-16.0-230=1 ## Package List: * SUSE Linux Enterprise Server High Availability Extension 16.0 (ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-6.12.0-160000.9.1 * kernel-default-debuginfo-6.12.0-160000.9.1 * gfs2-kmp-default-6.12.0-160000.9.1 * kernel-default-debugsource-6.12.0-160000.9.1 * gfs2-kmp-default-debuginfo-6.12.0-160000.9.1 * dlm-kmp-default-6.12.0-160000.9.1 * cluster-md-kmp-default-6.12.0-160000.9.1 * cluster-md-kmp-default-debuginfo-6.12.0-160000.9.1 * SUSE Linux Enterprise Server High Availability Extension 16.0 (nosrc) * kernel-default-6.12.0-160000.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38704.html * https://www.suse.com/security/cve/CVE-2025-39880.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-40042.html * https://www.suse.com/security/cve/CVE-2025-40123.html * https://www.suse.com/security/cve/CVE-2025-40130.html * https://www.suse.com/security/cve/CVE-2025-40160.html * https://www.suse.com/security/cve/CVE-2025-40167.html * https://www.suse.com/security/cve/CVE-2025-40170.html * https://www.suse.com/security/cve/CVE-2025-40179.html * https://www.suse.com/security/cve/CVE-2025-40190.html * https://www.suse.com/security/cve/CVE-2025-40209.html * https://www.suse.com/security/cve/CVE-2025-40211.html * https://www.suse.com/security/cve/CVE-2025-40212.html * https://www.suse.com/security/cve/CVE-2025-40213.html * https://www.suse.com/security/cve/CVE-2025-40214.html * https://www.suse.com/security/cve/CVE-2025-40215.html * https://www.suse.com/security/cve/CVE-2025-40218.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-40220.html * https://www.suse.com/security/cve/CVE-2025-40221.html * https://www.suse.com/security/cve/CVE-2025-40223.html * https://www.suse.com/security/cve/CVE-2025-40225.html * https://www.suse.com/security/cve/CVE-2025-40226.html * https://www.suse.com/security/cve/CVE-2025-40231.html * https://www.suse.com/security/cve/CVE-2025-40233.html * https://www.suse.com/security/cve/CVE-2025-40235.html * https://www.suse.com/security/cve/CVE-2025-40237.html * https://www.suse.com/security/cve/CVE-2025-40238.html * https://www.suse.com/security/cve/CVE-2025-40239.html * https://www.suse.com/security/cve/CVE-2025-40240.html * https://www.suse.com/security/cve/CVE-2025-40242.html * https://www.suse.com/security/cve/CVE-2025-40246.html * https://www.suse.com/security/cve/CVE-2025-40248.html * https://www.suse.com/security/cve/CVE-2025-40250.html * https://www.suse.com/security/cve/CVE-2025-40251.html * https://www.suse.com/security/cve/CVE-2025-40252.html * https://www.suse.com/security/cve/CVE-2025-40254.html * https://www.suse.com/security/cve/CVE-2025-40255.html * https://www.suse.com/security/cve/CVE-2025-40256.html * https://www.suse.com/security/cve/CVE-2025-40258.html * https://www.suse.com/security/cve/CVE-2025-40262.html * https://www.suse.com/security/cve/CVE-2025-40263.html * https://www.suse.com/security/cve/CVE-2025-40264.html * https://www.suse.com/security/cve/CVE-2025-40266.html * https://www.suse.com/security/cve/CVE-2025-40268.html * https://www.suse.com/security/cve/CVE-2025-40269.html * https://www.suse.com/security/cve/CVE-2025-40271.html * https://www.suse.com/security/cve/CVE-2025-40272.html * https://www.suse.com/security/cve/CVE-2025-40273.html * https://www.suse.com/security/cve/CVE-2025-40274.html * https://www.suse.com/security/cve/CVE-2025-40275.html * https://www.suse.com/security/cve/CVE-2025-40276.html * https://www.suse.com/security/cve/CVE-2025-40277.html * https://www.suse.com/security/cve/CVE-2025-40278.html * https://www.suse.com/security/cve/CVE-2025-40279.html * https://www.suse.com/security/cve/CVE-2025-40280.html * https://www.suse.com/security/cve/CVE-2025-40282.html * https://www.suse.com/security/cve/CVE-2025-40283.html * https://www.suse.com/security/cve/CVE-2025-40284.html * https://www.suse.com/security/cve/CVE-2025-40287.html * https://www.suse.com/security/cve/CVE-2025-40288.html * https://www.suse.com/security/cve/CVE-2025-40289.html * https://www.suse.com/security/cve/CVE-2025-40292.html * https://www.suse.com/security/cve/CVE-2025-40293.html * https://www.suse.com/security/cve/CVE-2025-40294.html * https://www.suse.com/security/cve/CVE-2025-40297.html * https://www.suse.com/security/cve/CVE-2025-40301.html * https://www.suse.com/security/cve/CVE-2025-40302.html * https://www.suse.com/security/cve/CVE-2025-40303.html * https://www.suse.com/security/cve/CVE-2025-40304.html * https://www.suse.com/security/cve/CVE-2025-40307.html * https://www.suse.com/security/cve/CVE-2025-40308.html * https://www.suse.com/security/cve/CVE-2025-40309.html * https://www.suse.com/security/cve/CVE-2025-40310.html * https://www.suse.com/security/cve/CVE-2025-40311.html * https://www.suse.com/security/cve/CVE-2025-40314.html * https://www.suse.com/security/cve/CVE-2025-40315.html * https://www.suse.com/security/cve/CVE-2025-40316.html * https://www.suse.com/security/cve/CVE-2025-40317.html * https://www.suse.com/security/cve/CVE-2025-40318.html * https://www.suse.com/security/cve/CVE-2025-40319.html * https://www.suse.com/security/cve/CVE-2025-40320.html * https://www.suse.com/security/cve/CVE-2025-40321.html * https://www.suse.com/security/cve/CVE-2025-40322.html * https://www.suse.com/security/cve/CVE-2025-40323.html * https://www.suse.com/security/cve/CVE-2025-40324.html * https://www.suse.com/security/cve/CVE-2025-40328.html * https://www.suse.com/security/cve/CVE-2025-40329.html * https://www.suse.com/security/cve/CVE-2025-40330.html * https://www.suse.com/security/cve/CVE-2025-40331.html * https://www.suse.com/security/cve/CVE-2025-40332.html * https://www.suse.com/security/cve/CVE-2025-40337.html * https://www.suse.com/security/cve/CVE-2025-40338.html * https://www.suse.com/security/cve/CVE-2025-40339.html * https://www.suse.com/security/cve/CVE-2025-40340.html * https://www.suse.com/security/cve/CVE-2025-40342.html * https://www.suse.com/security/cve/CVE-2025-40343.html * https://www.suse.com/security/cve/CVE-2025-40344.html * https://www.suse.com/security/cve/CVE-2025-40345.html * https://www.suse.com/security/cve/CVE-2025-40346.html * https://www.suse.com/security/cve/CVE-2025-40347.html * https://www.suse.com/security/cve/CVE-2025-40350.html * https://www.suse.com/security/cve/CVE-2025-40353.html * https://www.suse.com/security/cve/CVE-2025-40354.html * https://www.suse.com/security/cve/CVE-2025-40355.html * https://www.suse.com/security/cve/CVE-2025-40357.html * https://www.suse.com/security/cve/CVE-2025-40359.html * https://www.suse.com/security/cve/CVE-2025-40360.html * https://www.suse.com/security/cve/CVE-2025-40362.html * https://www.suse.com/security/cve/CVE-2025-68167.html * https://www.suse.com/security/cve/CVE-2025-68170.html * https://www.suse.com/security/cve/CVE-2025-68171.html * https://www.suse.com/security/cve/CVE-2025-68172.html * https://www.suse.com/security/cve/CVE-2025-68176.html * https://www.suse.com/security/cve/CVE-2025-68180.html * https://www.suse.com/security/cve/CVE-2025-68181.html * https://www.suse.com/security/cve/CVE-2025-68183.html * https://www.suse.com/security/cve/CVE-2025-68184.html * https://www.suse.com/security/cve/CVE-2025-68185.html * https://www.suse.com/security/cve/CVE-2025-68190.html * https://www.suse.com/security/cve/CVE-2025-68192.html * https://www.suse.com/security/cve/CVE-2025-68194.html * https://www.suse.com/security/cve/CVE-2025-68195.html * https://www.suse.com/security/cve/CVE-2025-68197.html * https://www.suse.com/security/cve/CVE-2025-68198.html * https://www.suse.com/security/cve/CVE-2025-68201.html * https://www.suse.com/security/cve/CVE-2025-68202.html * https://www.suse.com/security/cve/CVE-2025-68206.html * https://www.suse.com/security/cve/CVE-2025-68207.html * https://www.suse.com/security/cve/CVE-2025-68208.html * https://www.suse.com/security/cve/CVE-2025-68209.html * https://www.suse.com/security/cve/CVE-2025-68210.html * https://www.suse.com/security/cve/CVE-2025-68213.html * https://www.suse.com/security/cve/CVE-2025-68215.html * https://www.suse.com/security/cve/CVE-2025-68217.html * https://www.suse.com/security/cve/CVE-2025-68222.html * https://www.suse.com/security/cve/CVE-2025-68223.html * https://www.suse.com/security/cve/CVE-2025-68230.html * https://www.suse.com/security/cve/CVE-2025-68233.html * https://www.suse.com/security/cve/CVE-2025-68235.html * https://www.suse.com/security/cve/CVE-2025-68237.html * https://www.suse.com/security/cve/CVE-2025-68238.html * https://www.suse.com/security/cve/CVE-2025-68239.html * https://www.suse.com/security/cve/CVE-2025-68242.html * https://www.suse.com/security/cve/CVE-2025-68244.html * https://www.suse.com/security/cve/CVE-2025-68249.html * https://www.suse.com/security/cve/CVE-2025-68252.html * https://www.suse.com/security/cve/CVE-2025-68254.html * https://www.suse.com/security/cve/CVE-2025-68255.html * https://www.suse.com/security/cve/CVE-2025-68256.html * https://www.suse.com/security/cve/CVE-2025-68257.html * https://www.suse.com/security/cve/CVE-2025-68258.html * https://www.suse.com/security/cve/CVE-2025-68259.html * https://www.suse.com/security/cve/CVE-2025-68264.html * https://www.suse.com/security/cve/CVE-2025-68283.html * https://www.suse.com/security/cve/CVE-2025-68284.html * https://www.suse.com/security/cve/CVE-2025-68285.html * https://www.suse.com/security/cve/CVE-2025-68286.html * https://www.suse.com/security/cve/CVE-2025-68287.html * https://www.suse.com/security/cve/CVE-2025-68289.html * https://www.suse.com/security/cve/CVE-2025-68290.html * https://www.suse.com/security/cve/CVE-2025-68293.html * https://www.suse.com/security/cve/CVE-2025-68298.html * https://www.suse.com/security/cve/CVE-2025-68301.html * https://www.suse.com/security/cve/CVE-2025-68302.html * https://www.suse.com/security/cve/CVE-2025-68303.html * https://www.suse.com/security/cve/CVE-2025-68305.html * https://www.suse.com/security/cve/CVE-2025-68306.html * https://www.suse.com/security/cve/CVE-2025-68307.html * https://www.suse.com/security/cve/CVE-2025-68308.html * https://www.suse.com/security/cve/CVE-2025-68311.html * https://www.suse.com/security/cve/CVE-2025-68312.html * https://www.suse.com/security/cve/CVE-2025-68313.html * https://www.suse.com/security/cve/CVE-2025-68317.html * https://www.suse.com/security/cve/CVE-2025-68327.html * https://www.suse.com/security/cve/CVE-2025-68328.html * https://www.suse.com/security/cve/CVE-2025-68330.html * https://www.suse.com/security/cve/CVE-2025-68331.html * https://www.suse.com/security/cve/CVE-2025-68332.html * https://www.suse.com/security/cve/CVE-2025-68335.html * https://www.suse.com/security/cve/CVE-2025-68339.html * https://www.suse.com/security/cve/CVE-2025-68340.html * https://www.suse.com/security/cve/CVE-2025-68342.html * https://www.suse.com/security/cve/CVE-2025-68343.html * https://www.suse.com/security/cve/CVE-2025-68344.html * https://www.suse.com/security/cve/CVE-2025-68345.html * https://www.suse.com/security/cve/CVE-2025-68346.html * https://www.suse.com/security/cve/CVE-2025-68347.html * https://www.suse.com/security/cve/CVE-2025-68351.html * https://www.suse.com/security/cve/CVE-2025-68352.html * https://www.suse.com/security/cve/CVE-2025-68353.html * https://www.suse.com/security/cve/CVE-2025-68354.html * https://www.suse.com/security/cve/CVE-2025-68362.html * https://www.suse.com/security/cve/CVE-2025-68363.html * https://www.suse.com/security/cve/CVE-2025-68378.html * https://www.suse.com/security/cve/CVE-2025-68380.html * https://www.suse.com/security/cve/CVE-2025-68724.html * https://www.suse.com/security/cve/CVE-2025-68732.html * https://www.suse.com/security/cve/CVE-2025-68736.html * https://www.suse.com/security/cve/CVE-2025-68740.html * https://www.suse.com/security/cve/CVE-2025-68742.html * https://www.suse.com/security/cve/CVE-2025-68744.html * https://www.suse.com/security/cve/CVE-2025-68746.html * https://www.suse.com/security/cve/CVE-2025-68747.html * https://www.suse.com/security/cve/CVE-2025-68748.html * https://www.suse.com/security/cve/CVE-2025-68749.html * https://www.suse.com/security/cve/CVE-2025-68750.html * https://www.suse.com/security/cve/CVE-2025-68753.html * https://www.suse.com/security/cve/CVE-2025-68757.html * https://www.suse.com/security/cve/CVE-2025-68758.html * https://www.suse.com/security/cve/CVE-2025-68759.html * https://www.suse.com/security/cve/CVE-2025-68765.html * https://www.suse.com/security/cve/CVE-2025-68766.html * https://www.suse.com/security/cve/CVE-2025-71096.html * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1243112 * https://bugzilla.suse.com/show_bug.cgi?id=1245193 * https://bugzilla.suse.com/show_bug.cgi?id=1247500 * https://bugzilla.suse.com/show_bug.cgi?id=1250388 * https://bugzilla.suse.com/show_bug.cgi?id=1252046 * https://bugzilla.suse.com/show_bug.cgi?id=1252861 * https://bugzilla.suse.com/show_bug.cgi?id=1253155 * https://bugzilla.suse.com/show_bug.cgi?id=1253238 * https://bugzilla.suse.com/show_bug.cgi?id=1253262 * https://bugzilla.suse.com/show_bug.cgi?id=1253365 * https://bugzilla.suse.com/show_bug.cgi?id=1253400 * https://bugzilla.suse.com/show_bug.cgi?id=1253413 * https://bugzilla.suse.com/show_bug.cgi?id=1253414 * https://bugzilla.suse.com/show_bug.cgi?id=1253442 * https://bugzilla.suse.com/show_bug.cgi?id=1253458 * https://bugzilla.suse.com/show_bug.cgi?id=1253623 * https://bugzilla.suse.com/show_bug.cgi?id=1253674 * https://bugzilla.suse.com/show_bug.cgi?id=1253739 * https://bugzilla.suse.com/show_bug.cgi?id=1254126 * https://bugzilla.suse.com/show_bug.cgi?id=1254128 * https://bugzilla.suse.com/show_bug.cgi?id=1254195 * https://bugzilla.suse.com/show_bug.cgi?id=1254244 * https://bugzilla.suse.com/show_bug.cgi?id=1254363 * https://bugzilla.suse.com/show_bug.cgi?id=1254378 * https://bugzilla.suse.com/show_bug.cgi?id=1254408 * https://bugzilla.suse.com/show_bug.cgi?id=1254477 * https://bugzilla.suse.com/show_bug.cgi?id=1254510 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1254519 * https://bugzilla.suse.com/show_bug.cgi?id=1254520 * https://bugzilla.suse.com/show_bug.cgi?id=1254615 * https://bugzilla.suse.com/show_bug.cgi?id=1254616 * https://bugzilla.suse.com/show_bug.cgi?id=1254618 * https://bugzilla.suse.com/show_bug.cgi?id=1254621 * https://bugzilla.suse.com/show_bug.cgi?id=1254624 * https://bugzilla.suse.com/show_bug.cgi?id=1254791 * https://bugzilla.suse.com/show_bug.cgi?id=1254793 * https://bugzilla.suse.com/show_bug.cgi?id=1254794 * https://bugzilla.suse.com/show_bug.cgi?id=1254795 * https://bugzilla.suse.com/show_bug.cgi?id=1254796 * https://bugzilla.suse.com/show_bug.cgi?id=1254797 * https://bugzilla.suse.com/show_bug.cgi?id=1254798 * https://bugzilla.suse.com/show_bug.cgi?id=1254808 * https://bugzilla.suse.com/show_bug.cgi?id=1254809 * https://bugzilla.suse.com/show_bug.cgi?id=1254813 * https://bugzilla.suse.com/show_bug.cgi?id=1254815 * https://bugzilla.suse.com/show_bug.cgi?id=1254821 * https://bugzilla.suse.com/show_bug.cgi?id=1254824 * https://bugzilla.suse.com/show_bug.cgi?id=1254825 * https://bugzilla.suse.com/show_bug.cgi?id=1254827 * https://bugzilla.suse.com/show_bug.cgi?id=1254828 * https://bugzilla.suse.com/show_bug.cgi?id=1254829 * https://bugzilla.suse.com/show_bug.cgi?id=1254830 * https://bugzilla.suse.com/show_bug.cgi?id=1254832 * https://bugzilla.suse.com/show_bug.cgi?id=1254835 * https://bugzilla.suse.com/show_bug.cgi?id=1254840 * https://bugzilla.suse.com/show_bug.cgi?id=1254843 * https://bugzilla.suse.com/show_bug.cgi?id=1254846 * https://bugzilla.suse.com/show_bug.cgi?id=1254847 * https://bugzilla.suse.com/show_bug.cgi?id=1254849 * https://bugzilla.suse.com/show_bug.cgi?id=1254850 * https://bugzilla.suse.com/show_bug.cgi?id=1254851 * https://bugzilla.suse.com/show_bug.cgi?id=1254852 * https://bugzilla.suse.com/show_bug.cgi?id=1254854 * https://bugzilla.suse.com/show_bug.cgi?id=1254856 * https://bugzilla.suse.com/show_bug.cgi?id=1254858 * https://bugzilla.suse.com/show_bug.cgi?id=1254860 * https://bugzilla.suse.com/show_bug.cgi?id=1254861 * https://bugzilla.suse.com/show_bug.cgi?id=1254864 * https://bugzilla.suse.com/show_bug.cgi?id=1254868 * https://bugzilla.suse.com/show_bug.cgi?id=1254869 * https://bugzilla.suse.com/show_bug.cgi?id=1254871 * https://bugzilla.suse.com/show_bug.cgi?id=1254894 * https://bugzilla.suse.com/show_bug.cgi?id=1254957 * https://bugzilla.suse.com/show_bug.cgi?id=1254959 * https://bugzilla.suse.com/show_bug.cgi?id=1254961 * https://bugzilla.suse.com/show_bug.cgi?id=1254964 * https://bugzilla.suse.com/show_bug.cgi?id=1254996 * https://bugzilla.suse.com/show_bug.cgi?id=1255026 * https://bugzilla.suse.com/show_bug.cgi?id=1255030 * https://bugzilla.suse.com/show_bug.cgi?id=1255034 * https://bugzilla.suse.com/show_bug.cgi?id=1255035 * https://bugzilla.suse.com/show_bug.cgi?id=1255039 * https://bugzilla.suse.com/show_bug.cgi?id=1255040 * https://bugzilla.suse.com/show_bug.cgi?id=1255041 * https://bugzilla.suse.com/show_bug.cgi?id=1255042 * https://bugzilla.suse.com/show_bug.cgi?id=1255057 * https://bugzilla.suse.com/show_bug.cgi?id=1255058 * https://bugzilla.suse.com/show_bug.cgi?id=1255064 * https://bugzilla.suse.com/show_bug.cgi?id=1255065 * https://bugzilla.suse.com/show_bug.cgi?id=1255068 * https://bugzilla.suse.com/show_bug.cgi?id=1255071 * https://bugzilla.suse.com/show_bug.cgi?id=1255072 * https://bugzilla.suse.com/show_bug.cgi?id=1255075 * https://bugzilla.suse.com/show_bug.cgi?id=1255077 * https://bugzilla.suse.com/show_bug.cgi?id=1255081 * https://bugzilla.suse.com/show_bug.cgi?id=1255082 * https://bugzilla.suse.com/show_bug.cgi?id=1255083 * https://bugzilla.suse.com/show_bug.cgi?id=1255087 * https://bugzilla.suse.com/show_bug.cgi?id=1255092 * https://bugzilla.suse.com/show_bug.cgi?id=1255094 * https://bugzilla.suse.com/show_bug.cgi?id=1255095 * https://bugzilla.suse.com/show_bug.cgi?id=1255097 * https://bugzilla.suse.com/show_bug.cgi?id=1255099 * https://bugzilla.suse.com/show_bug.cgi?id=1255103 * https://bugzilla.suse.com/show_bug.cgi?id=1255116 * https://bugzilla.suse.com/show_bug.cgi?id=1255120 * https://bugzilla.suse.com/show_bug.cgi?id=1255121 * https://bugzilla.suse.com/show_bug.cgi?id=1255122 * https://bugzilla.suse.com/show_bug.cgi?id=1255124 * https://bugzilla.suse.com/show_bug.cgi?id=1255131 * https://bugzilla.suse.com/show_bug.cgi?id=1255134 * https://bugzilla.suse.com/show_bug.cgi?id=1255135 * https://bugzilla.suse.com/show_bug.cgi?id=1255136 * https://bugzilla.suse.com/show_bug.cgi?id=1255138 * https://bugzilla.suse.com/show_bug.cgi?id=1255140 * https://bugzilla.suse.com/show_bug.cgi?id=1255142 * https://bugzilla.suse.com/show_bug.cgi?id=1255145 * https://bugzilla.suse.com/show_bug.cgi?id=1255146 * https://bugzilla.suse.com/show_bug.cgi?id=1255149 * https://bugzilla.suse.com/show_bug.cgi?id=1255150 * https://bugzilla.suse.com/show_bug.cgi?id=1255152 * https://bugzilla.suse.com/show_bug.cgi?id=1255154 * https://bugzilla.suse.com/show_bug.cgi?id=1255155 * https://bugzilla.suse.com/show_bug.cgi?id=1255156 * https://bugzilla.suse.com/show_bug.cgi?id=1255161 * https://bugzilla.suse.com/show_bug.cgi?id=1255167 * https://bugzilla.suse.com/show_bug.cgi?id=1255169 * https://bugzilla.suse.com/show_bug.cgi?id=1255171 * https://bugzilla.suse.com/show_bug.cgi?id=1255175 * https://bugzilla.suse.com/show_bug.cgi?id=1255179 * https://bugzilla.suse.com/show_bug.cgi?id=1255181 * https://bugzilla.suse.com/show_bug.cgi?id=1255182 * https://bugzilla.suse.com/show_bug.cgi?id=1255186 * https://bugzilla.suse.com/show_bug.cgi?id=1255187 * https://bugzilla.suse.com/show_bug.cgi?id=1255190 * https://bugzilla.suse.com/show_bug.cgi?id=1255193 * https://bugzilla.suse.com/show_bug.cgi?id=1255196 * https://bugzilla.suse.com/show_bug.cgi?id=1255197 * https://bugzilla.suse.com/show_bug.cgi?id=1255199 * https://bugzilla.suse.com/show_bug.cgi?id=1255202 * https://bugzilla.suse.com/show_bug.cgi?id=1255203 * https://bugzilla.suse.com/show_bug.cgi?id=1255206 * https://bugzilla.suse.com/show_bug.cgi?id=1255209 * https://bugzilla.suse.com/show_bug.cgi?id=1255218 * https://bugzilla.suse.com/show_bug.cgi?id=1255220 * https://bugzilla.suse.com/show_bug.cgi?id=1255221 * https://bugzilla.suse.com/show_bug.cgi?id=1255223 * https://bugzilla.suse.com/show_bug.cgi?id=1255226 * https://bugzilla.suse.com/show_bug.cgi?id=1255227 * https://bugzilla.suse.com/show_bug.cgi?id=1255228 * https://bugzilla.suse.com/show_bug.cgi?id=1255230 * https://bugzilla.suse.com/show_bug.cgi?id=1255231 * https://bugzilla.suse.com/show_bug.cgi?id=1255233 * https://bugzilla.suse.com/show_bug.cgi?id=1255234 * https://bugzilla.suse.com/show_bug.cgi?id=1255242 * https://bugzilla.suse.com/show_bug.cgi?id=1255243 * https://bugzilla.suse.com/show_bug.cgi?id=1255246 * https://bugzilla.suse.com/show_bug.cgi?id=1255247 * https://bugzilla.suse.com/show_bug.cgi?id=1255251 * https://bugzilla.suse.com/show_bug.cgi?id=1255252 * https://bugzilla.suse.com/show_bug.cgi?id=1255253 * https://bugzilla.suse.com/show_bug.cgi?id=1255255 * https://bugzilla.suse.com/show_bug.cgi?id=1255256 * https://bugzilla.suse.com/show_bug.cgi?id=1255259 * https://bugzilla.suse.com/show_bug.cgi?id=1255260 * https://bugzilla.suse.com/show_bug.cgi?id=1255261 * https://bugzilla.suse.com/show_bug.cgi?id=1255262 * https://bugzilla.suse.com/show_bug.cgi?id=1255272 * https://bugzilla.suse.com/show_bug.cgi?id=1255273 * https://bugzilla.suse.com/show_bug.cgi?id=1255274 * https://bugzilla.suse.com/show_bug.cgi?id=1255276 * https://bugzilla.suse.com/show_bug.cgi?id=1255279 * https://bugzilla.suse.com/show_bug.cgi?id=1255297 * https://bugzilla.suse.com/show_bug.cgi?id=1255312 * https://bugzilla.suse.com/show_bug.cgi?id=1255316 * https://bugzilla.suse.com/show_bug.cgi?id=1255318 * https://bugzilla.suse.com/show_bug.cgi?id=1255325 * https://bugzilla.suse.com/show_bug.cgi?id=1255329 * https://bugzilla.suse.com/show_bug.cgi?id=1255346 * https://bugzilla.suse.com/show_bug.cgi?id=1255349 * https://bugzilla.suse.com/show_bug.cgi?id=1255351 * https://bugzilla.suse.com/show_bug.cgi?id=1255354 * https://bugzilla.suse.com/show_bug.cgi?id=1255357 * https://bugzilla.suse.com/show_bug.cgi?id=1255377 * https://bugzilla.suse.com/show_bug.cgi?id=1255379 * https://bugzilla.suse.com/show_bug.cgi?id=1255380 * https://bugzilla.suse.com/show_bug.cgi?id=1255395 * https://bugzilla.suse.com/show_bug.cgi?id=1255401 * https://bugzilla.suse.com/show_bug.cgi?id=1255415 * https://bugzilla.suse.com/show_bug.cgi?id=1255428 * https://bugzilla.suse.com/show_bug.cgi?id=1255433 * https://bugzilla.suse.com/show_bug.cgi?id=1255434 * https://bugzilla.suse.com/show_bug.cgi?id=1255480 * https://bugzilla.suse.com/show_bug.cgi?id=1255483 * https://bugzilla.suse.com/show_bug.cgi?id=1255488 * https://bugzilla.suse.com/show_bug.cgi?id=1255489 * https://bugzilla.suse.com/show_bug.cgi?id=1255493 * https://bugzilla.suse.com/show_bug.cgi?id=1255495 * https://bugzilla.suse.com/show_bug.cgi?id=1255505 * https://bugzilla.suse.com/show_bug.cgi?id=1255507 * https://bugzilla.suse.com/show_bug.cgi?id=1255508 * https://bugzilla.suse.com/show_bug.cgi?id=1255509 * https://bugzilla.suse.com/show_bug.cgi?id=1255533 * https://bugzilla.suse.com/show_bug.cgi?id=1255541 * https://bugzilla.suse.com/show_bug.cgi?id=1255550 * https://bugzilla.suse.com/show_bug.cgi?id=1255552 * https://bugzilla.suse.com/show_bug.cgi?id=1255553 * https://bugzilla.suse.com/show_bug.cgi?id=1255567 * https://bugzilla.suse.com/show_bug.cgi?id=1255580 * https://bugzilla.suse.com/show_bug.cgi?id=1255601 * https://bugzilla.suse.com/show_bug.cgi?id=1255603 * https://bugzilla.suse.com/show_bug.cgi?id=1255611 * https://bugzilla.suse.com/show_bug.cgi?id=1255614 * https://bugzilla.suse.com/show_bug.cgi?id=1255672 * https://bugzilla.suse.com/show_bug.cgi?id=1255688 * https://bugzilla.suse.com/show_bug.cgi?id=1255698 * https://bugzilla.suse.com/show_bug.cgi?id=1255706 * https://bugzilla.suse.com/show_bug.cgi?id=1255707 * https://bugzilla.suse.com/show_bug.cgi?id=1255709 * https://bugzilla.suse.com/show_bug.cgi?id=1255722 * https://bugzilla.suse.com/show_bug.cgi?id=1255723 * https://bugzilla.suse.com/show_bug.cgi?id=1255724 * https://bugzilla.suse.com/show_bug.cgi?id=1255812 * https://bugzilla.suse.com/show_bug.cgi?id=1255813 * https://bugzilla.suse.com/show_bug.cgi?id=1255814 * https://bugzilla.suse.com/show_bug.cgi?id=1255816 * https://bugzilla.suse.com/show_bug.cgi?id=1255931 * https://bugzilla.suse.com/show_bug.cgi?id=1255932 * https://bugzilla.suse.com/show_bug.cgi?id=1255934 * https://bugzilla.suse.com/show_bug.cgi?id=1255943 * https://bugzilla.suse.com/show_bug.cgi?id=1255944 * https://bugzilla.suse.com/show_bug.cgi?id=1256238 * https://bugzilla.suse.com/show_bug.cgi?id=1256495 * https://bugzilla.suse.com/show_bug.cgi?id=1256606 * https://bugzilla.suse.com/show_bug.cgi?id=1256794 * https://jira.suse.com/browse/PED-12745 * https://jira.suse.com/browse/PED-14344 * https://jira.suse.com/browse/PED-14571 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:33:11 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:33:11 -0000 Subject: SUSE-SU-2026:20223-1: important: Security update for openssl-3 Message-ID: <177032359120.6560.10802598895102608201@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2026:20223-1 Release Date: 2026-02-02T13:00:02Z Rating: important References: * bsc#1256829 * bsc#1256830 * bsc#1256831 * bsc#1256832 * bsc#1256833 * bsc#1256834 * bsc#1256835 * bsc#1256836 * bsc#1256837 * bsc#1256838 * bsc#1256839 * bsc#1256840 * bsc#1257274 Cross-References: * CVE-2025-11187 * CVE-2025-15467 * CVE-2025-15468 * CVE-2025-15469 * CVE-2025-66199 * CVE-2025-68160 * CVE-2025-69418 * CVE-2025-69419 * CVE-2025-69420 * CVE-2025-69421 * CVE-2026-22795 * CVE-2026-22796 CVSS scores: * CVE-2025-11187 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-11187 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-11187 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H * CVE-2025-15467 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-15467 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-15467 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-15468 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-15468 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15468 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15469 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-15469 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-15469 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-66199 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-66199 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-66199 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68160 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68160 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69418 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69418 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69418 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-69419 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69419 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69419 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-69420 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-69420 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-69420 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69421 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-69421 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-69421 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-22795 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22795 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-22796 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22796 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves 12 vulnerabilities and has one fix can now be installed. ## Description: This update for openssl-3 fixes the following issues: Security fixes: * CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256829). * CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830). * CVE-2025-15468: NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256831). * CVE-2025-15469: "openssl dgst" one-shot codepath silently truncates inputs >16MB (bsc#1256832). * CVE-2025-66199: TLS 1.3 CompressedCertificate excessive memory allocation (bsc#1256833). * CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834). * CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835). * CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836). * CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837). * CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838). * CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839). * CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840). Other fixes: * Enable livepatching support for ppc64le (bsc#1257274). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-237=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-237=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libopenssl3-3.5.0-160000.5.1 * libopenssl3-debuginfo-3.5.0-160000.5.1 * openssl-3-debugsource-3.5.0-160000.5.1 * libopenssl-3-fips-provider-3.5.0-160000.5.1 * openssl-3-3.5.0-160000.5.1 * libopenssl-3-fips-provider-debuginfo-3.5.0-160000.5.1 * libopenssl-3-devel-3.5.0-160000.5.1 * openssl-3-debuginfo-3.5.0-160000.5.1 * SUSE Linux Enterprise Server 16.0 (noarch) * openssl-3-doc-3.5.0-160000.5.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * libopenssl3-x86-64-v3-debuginfo-3.5.0-160000.5.1 * libopenssl3-x86-64-v3-3.5.0-160000.5.1 * libopenssl-3-fips-provider-x86-64-v3-debuginfo-3.5.0-160000.5.1 * libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.5.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * libopenssl3-3.5.0-160000.5.1 * libopenssl3-debuginfo-3.5.0-160000.5.1 * openssl-3-debugsource-3.5.0-160000.5.1 * libopenssl-3-fips-provider-3.5.0-160000.5.1 * openssl-3-3.5.0-160000.5.1 * libopenssl-3-fips-provider-debuginfo-3.5.0-160000.5.1 * libopenssl-3-devel-3.5.0-160000.5.1 * openssl-3-debuginfo-3.5.0-160000.5.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (x86_64) * libopenssl3-x86-64-v3-debuginfo-3.5.0-160000.5.1 * libopenssl3-x86-64-v3-3.5.0-160000.5.1 * libopenssl-3-fips-provider-x86-64-v3-debuginfo-3.5.0-160000.5.1 * libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.5.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * openssl-3-doc-3.5.0-160000.5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11187.html * https://www.suse.com/security/cve/CVE-2025-15467.html * https://www.suse.com/security/cve/CVE-2025-15468.html * https://www.suse.com/security/cve/CVE-2025-15469.html * https://www.suse.com/security/cve/CVE-2025-66199.html * https://www.suse.com/security/cve/CVE-2025-68160.html * https://www.suse.com/security/cve/CVE-2025-69418.html * https://www.suse.com/security/cve/CVE-2025-69419.html * https://www.suse.com/security/cve/CVE-2025-69420.html * https://www.suse.com/security/cve/CVE-2025-69421.html * https://www.suse.com/security/cve/CVE-2026-22795.html * https://www.suse.com/security/cve/CVE-2026-22796.html * https://bugzilla.suse.com/show_bug.cgi?id=1256829 * https://bugzilla.suse.com/show_bug.cgi?id=1256830 * https://bugzilla.suse.com/show_bug.cgi?id=1256831 * https://bugzilla.suse.com/show_bug.cgi?id=1256832 * https://bugzilla.suse.com/show_bug.cgi?id=1256833 * https://bugzilla.suse.com/show_bug.cgi?id=1256834 * https://bugzilla.suse.com/show_bug.cgi?id=1256835 * https://bugzilla.suse.com/show_bug.cgi?id=1256836 * https://bugzilla.suse.com/show_bug.cgi?id=1256837 * https://bugzilla.suse.com/show_bug.cgi?id=1256838 * https://bugzilla.suse.com/show_bug.cgi?id=1256839 * https://bugzilla.suse.com/show_bug.cgi?id=1256840 * https://bugzilla.suse.com/show_bug.cgi?id=1257274 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:33:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:33:17 -0000 Subject: SUSE-SU-2026:20222-1: moderate: Security update for wireshark Message-ID: <177032359761.6560.9329086073226550285@smelt2.prg2.suse.org> # Security update for wireshark Announcement ID: SUSE-SU-2026:20222-1 Release Date: 2026-02-02T12:56:02Z Rating: moderate References: * bsc#1249090 * bsc#1251933 * bsc#1254108 * bsc#1254471 * bsc#1254472 * bsc#1256734 * bsc#1256738 * bsc#1256739 Cross-References: * CVE-2025-11626 * CVE-2025-13499 * CVE-2025-13945 * CVE-2025-13946 * CVE-2025-9817 * CVE-2026-0959 * CVE-2026-0961 * CVE-2026-0962 CVSS scores: * CVE-2025-11626 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-11626 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-11626 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-13499 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-13499 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2025-13499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-13499 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-13945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-13945 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-13946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-13946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-9817 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-9817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-9817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9817 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0959 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-0959 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-0959 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-0959 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-0961 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-0961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-0961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-0961 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-0962 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-0962 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-0962 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-0962 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves eight vulnerabilities can now be installed. ## Description: This update for wireshark fixes the following issues: Update to Wireshark 4.4.13: * CVE-2025-11626: MONGO dissector infinite loop (bsc#1251933). * CVE-2025-13499: Kafka dissector crash (bsc#1254108). * CVE-2025-13945: HTTP3 dissector crash (bsc#1254471). * CVE-2025-13946: MEGACO dissector infinite loop (bsc#1254472). * CVE-2025-9817: SSH dissector crash (bsc#1249090). * CVE-2026-0959: IEEE 802.11 dissector crash (bsc#1256734). * CVE-2026-0961: BLF file parser crash (bsc#1256738). * CVE-2026-0962: SOME/IP-SD dissector crash (bsc#1256739). Full changelog: https://www.wireshark.org/docs/relnotes/wireshark-4.4.13.html ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-236=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-236=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * wireshark-4.4.13-160000.1.1 * wireshark-devel-4.4.13-160000.1.1 * libwireshark18-4.4.13-160000.1.1 * libwiretap15-4.4.13-160000.1.1 * libwiretap15-debuginfo-4.4.13-160000.1.1 * wireshark-ui-qt-4.4.13-160000.1.1 * libwsutil16-4.4.13-160000.1.1 * wireshark-debugsource-4.4.13-160000.1.1 * libwireshark18-debuginfo-4.4.13-160000.1.1 * wireshark-debuginfo-4.4.13-160000.1.1 * wireshark-ui-qt-debuginfo-4.4.13-160000.1.1 * libwsutil16-debuginfo-4.4.13-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * wireshark-4.4.13-160000.1.1 * wireshark-devel-4.4.13-160000.1.1 * libwireshark18-4.4.13-160000.1.1 * libwiretap15-4.4.13-160000.1.1 * libwiretap15-debuginfo-4.4.13-160000.1.1 * wireshark-ui-qt-4.4.13-160000.1.1 * libwsutil16-4.4.13-160000.1.1 * wireshark-debugsource-4.4.13-160000.1.1 * libwireshark18-debuginfo-4.4.13-160000.1.1 * wireshark-debuginfo-4.4.13-160000.1.1 * wireshark-ui-qt-debuginfo-4.4.13-160000.1.1 * libwsutil16-debuginfo-4.4.13-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11626.html * https://www.suse.com/security/cve/CVE-2025-13499.html * https://www.suse.com/security/cve/CVE-2025-13945.html * https://www.suse.com/security/cve/CVE-2025-13946.html * https://www.suse.com/security/cve/CVE-2025-9817.html * https://www.suse.com/security/cve/CVE-2026-0959.html * https://www.suse.com/security/cve/CVE-2026-0961.html * https://www.suse.com/security/cve/CVE-2026-0962.html * https://bugzilla.suse.com/show_bug.cgi?id=1249090 * https://bugzilla.suse.com/show_bug.cgi?id=1251933 * https://bugzilla.suse.com/show_bug.cgi?id=1254108 * https://bugzilla.suse.com/show_bug.cgi?id=1254471 * https://bugzilla.suse.com/show_bug.cgi?id=1254472 * https://bugzilla.suse.com/show_bug.cgi?id=1256734 * https://bugzilla.suse.com/show_bug.cgi?id=1256738 * https://bugzilla.suse.com/show_bug.cgi?id=1256739 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:33:22 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:33:22 -0000 Subject: SUSE-SU-2026:20221-1: important: Security update for glib2 Message-ID: <177032360225.6560.15772062215435436228@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2026:20221-1 Release Date: 2026-02-02T12:41:24Z Rating: important References: * bsc#1257049 * bsc#1257353 * bsc#1257354 * bsc#1257355 Cross-References: * CVE-2026-0988 * CVE-2026-1484 * CVE-2026-1485 * CVE-2026-1489 CVSS scores: * CVE-2026-0988 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0988 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-0988 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-1484 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1484 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1484 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2026-1485 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-1485 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1485 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2026-1489 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1489 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1489 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354). * CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355). * CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353). * CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-235=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-235=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * glib2-doc-2.84.4-160000.2.1 * typelib-1_0-GLib-2_0-2.84.4-160000.2.1 * libgthread-2_0-0-2.84.4-160000.2.1 * libglib-2_0-0-debuginfo-2.84.4-160000.2.1 * libgirepository-2_0-0-debuginfo-2.84.4-160000.2.1 * libgio-2_0-0-2.84.4-160000.2.1 * typelib-1_0-GObject-2_0-2.84.4-160000.2.1 * glib2-devel-debuginfo-2.84.4-160000.2.1 * libgthread-2_0-0-debuginfo-2.84.4-160000.2.1 * libglib-2_0-0-2.84.4-160000.2.1 * glib2-devel-2.84.4-160000.2.1 * libgobject-2_0-0-debuginfo-2.84.4-160000.2.1 * libgmodule-2_0-0-debuginfo-2.84.4-160000.2.1 * libgirepository-2_0-0-2.84.4-160000.2.1 * glib2-devel-static-2.84.4-160000.2.1 * glib2-tools-2.84.4-160000.2.1 * typelib-1_0-GIRepository-3_0-2.84.4-160000.2.1 * libgmodule-2_0-0-2.84.4-160000.2.1 * typelib-1_0-GModule-2_0-2.84.4-160000.2.1 * typelib-1_0-Gio-2_0-2.84.4-160000.2.1 * glib2-debugsource-2.84.4-160000.2.1 * libgio-2_0-0-debuginfo-2.84.4-160000.2.1 * glib2-tools-debuginfo-2.84.4-160000.2.1 * typelib-1_0-GLibUnix-2_0-2.84.4-160000.2.1 * libgobject-2_0-0-2.84.4-160000.2.1 * SUSE Linux Enterprise Server 16.0 (noarch) * glib2-lang-2.84.4-160000.2.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * glib2-doc-2.84.4-160000.2.1 * typelib-1_0-GLib-2_0-2.84.4-160000.2.1 * libgthread-2_0-0-2.84.4-160000.2.1 * libglib-2_0-0-debuginfo-2.84.4-160000.2.1 * libgirepository-2_0-0-debuginfo-2.84.4-160000.2.1 * libgio-2_0-0-2.84.4-160000.2.1 * typelib-1_0-GObject-2_0-2.84.4-160000.2.1 * glib2-devel-debuginfo-2.84.4-160000.2.1 * libgthread-2_0-0-debuginfo-2.84.4-160000.2.1 * libglib-2_0-0-2.84.4-160000.2.1 * glib2-devel-2.84.4-160000.2.1 * libgobject-2_0-0-debuginfo-2.84.4-160000.2.1 * libgmodule-2_0-0-debuginfo-2.84.4-160000.2.1 * libgirepository-2_0-0-2.84.4-160000.2.1 * glib2-devel-static-2.84.4-160000.2.1 * glib2-tools-2.84.4-160000.2.1 * typelib-1_0-GIRepository-3_0-2.84.4-160000.2.1 * libgmodule-2_0-0-2.84.4-160000.2.1 * typelib-1_0-GModule-2_0-2.84.4-160000.2.1 * typelib-1_0-Gio-2_0-2.84.4-160000.2.1 * glib2-debugsource-2.84.4-160000.2.1 * libgio-2_0-0-debuginfo-2.84.4-160000.2.1 * glib2-tools-debuginfo-2.84.4-160000.2.1 * typelib-1_0-GLibUnix-2_0-2.84.4-160000.2.1 * libgobject-2_0-0-2.84.4-160000.2.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * glib2-lang-2.84.4-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-0988.html * https://www.suse.com/security/cve/CVE-2026-1484.html * https://www.suse.com/security/cve/CVE-2026-1485.html * https://www.suse.com/security/cve/CVE-2026-1489.html * https://bugzilla.suse.com/show_bug.cgi?id=1257049 * https://bugzilla.suse.com/show_bug.cgi?id=1257353 * https://bugzilla.suse.com/show_bug.cgi?id=1257354 * https://bugzilla.suse.com/show_bug.cgi?id=1257355 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:09 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:09 -0000 Subject: SUSE-SU-2026:20220-1: important: Security update for the Linux Kernel Message-ID: <177032376928.6560.9522568175372191037@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:20220-1 Release Date: 2026-02-02T11:54:26Z Rating: important References: * bsc#1205462 * bsc#1214285 * bsc#1243112 * bsc#1245193 * bsc#1247500 * bsc#1250388 * bsc#1252046 * bsc#1252861 * bsc#1253155 * bsc#1253238 * bsc#1253262 * bsc#1253365 * bsc#1253400 * bsc#1253413 * bsc#1253414 * bsc#1253442 * bsc#1253458 * bsc#1253623 * bsc#1253674 * bsc#1253739 * bsc#1254126 * bsc#1254128 * bsc#1254195 * bsc#1254244 * bsc#1254363 * bsc#1254378 * bsc#1254408 * bsc#1254477 * bsc#1254510 * bsc#1254518 * bsc#1254519 * bsc#1254520 * bsc#1254615 * bsc#1254616 * bsc#1254618 * bsc#1254621 * bsc#1254624 * bsc#1254791 * bsc#1254793 * bsc#1254794 * bsc#1254795 * bsc#1254796 * bsc#1254797 * bsc#1254798 * bsc#1254808 * bsc#1254809 * bsc#1254813 * bsc#1254815 * bsc#1254821 * bsc#1254824 * bsc#1254825 * bsc#1254827 * bsc#1254828 * bsc#1254829 * bsc#1254830 * bsc#1254832 * bsc#1254835 * bsc#1254840 * bsc#1254843 * bsc#1254846 * bsc#1254847 * bsc#1254849 * bsc#1254850 * bsc#1254851 * bsc#1254852 * bsc#1254854 * bsc#1254856 * bsc#1254858 * bsc#1254860 * bsc#1254861 * bsc#1254864 * bsc#1254868 * bsc#1254869 * bsc#1254871 * bsc#1254894 * bsc#1254957 * bsc#1254959 * bsc#1254961 * bsc#1254964 * bsc#1254996 * bsc#1255026 * bsc#1255030 * bsc#1255034 * bsc#1255035 * bsc#1255039 * bsc#1255040 * bsc#1255041 * bsc#1255042 * bsc#1255057 * bsc#1255058 * bsc#1255064 * bsc#1255065 * bsc#1255068 * bsc#1255071 * bsc#1255072 * bsc#1255075 * bsc#1255077 * bsc#1255081 * bsc#1255082 * bsc#1255083 * bsc#1255087 * bsc#1255092 * bsc#1255094 * bsc#1255095 * bsc#1255097 * bsc#1255099 * bsc#1255103 * bsc#1255116 * bsc#1255120 * bsc#1255121 * bsc#1255122 * bsc#1255124 * bsc#1255131 * bsc#1255134 * bsc#1255135 * bsc#1255136 * bsc#1255138 * bsc#1255140 * bsc#1255142 * bsc#1255145 * bsc#1255146 * bsc#1255149 * bsc#1255150 * bsc#1255152 * bsc#1255154 * bsc#1255155 * bsc#1255156 * bsc#1255161 * bsc#1255167 * bsc#1255169 * bsc#1255171 * bsc#1255175 * bsc#1255179 * bsc#1255181 * bsc#1255182 * bsc#1255186 * bsc#1255187 * bsc#1255190 * bsc#1255193 * bsc#1255196 * bsc#1255197 * bsc#1255199 * bsc#1255202 * bsc#1255203 * bsc#1255206 * bsc#1255209 * bsc#1255218 * bsc#1255220 * bsc#1255221 * bsc#1255223 * bsc#1255226 * bsc#1255227 * bsc#1255228 * bsc#1255230 * bsc#1255231 * bsc#1255233 * bsc#1255234 * bsc#1255242 * bsc#1255243 * bsc#1255246 * bsc#1255247 * bsc#1255251 * bsc#1255252 * bsc#1255253 * bsc#1255255 * bsc#1255256 * bsc#1255259 * bsc#1255260 * bsc#1255261 * bsc#1255262 * bsc#1255272 * bsc#1255273 * bsc#1255274 * bsc#1255276 * bsc#1255279 * bsc#1255297 * bsc#1255312 * bsc#1255316 * bsc#1255318 * bsc#1255325 * bsc#1255329 * bsc#1255346 * bsc#1255349 * bsc#1255351 * bsc#1255354 * bsc#1255357 * bsc#1255377 * bsc#1255379 * bsc#1255380 * bsc#1255395 * bsc#1255401 * bsc#1255415 * bsc#1255428 * bsc#1255433 * bsc#1255434 * bsc#1255480 * bsc#1255483 * bsc#1255488 * bsc#1255489 * bsc#1255493 * bsc#1255495 * bsc#1255505 * bsc#1255507 * bsc#1255508 * bsc#1255509 * bsc#1255533 * bsc#1255541 * bsc#1255550 * bsc#1255552 * bsc#1255553 * bsc#1255567 * bsc#1255580 * bsc#1255601 * bsc#1255603 * bsc#1255611 * bsc#1255614 * bsc#1255672 * bsc#1255688 * bsc#1255698 * bsc#1255706 * bsc#1255707 * bsc#1255709 * bsc#1255722 * bsc#1255723 * bsc#1255724 * bsc#1255812 * bsc#1255813 * bsc#1255814 * bsc#1255816 * bsc#1255931 * bsc#1255932 * bsc#1255934 * bsc#1255943 * bsc#1255944 * bsc#1256238 * bsc#1256495 * bsc#1256606 * bsc#1256794 * jsc#PED-12745 * jsc#PED-14344 * jsc#PED-14571 Cross-References: * CVE-2025-38704 * CVE-2025-39880 * CVE-2025-39977 * CVE-2025-40042 * CVE-2025-40123 * CVE-2025-40130 * CVE-2025-40160 * CVE-2025-40167 * CVE-2025-40170 * CVE-2025-40179 * CVE-2025-40190 * CVE-2025-40209 * CVE-2025-40211 * CVE-2025-40212 * CVE-2025-40213 * CVE-2025-40214 * CVE-2025-40215 * CVE-2025-40218 * CVE-2025-40219 * CVE-2025-40220 * CVE-2025-40221 * CVE-2025-40223 * CVE-2025-40225 * CVE-2025-40226 * CVE-2025-40231 * CVE-2025-40233 * CVE-2025-40235 * CVE-2025-40237 * CVE-2025-40238 * CVE-2025-40239 * CVE-2025-40240 * CVE-2025-40242 * CVE-2025-40246 * CVE-2025-40248 * CVE-2025-40250 * CVE-2025-40251 * CVE-2025-40252 * CVE-2025-40254 * CVE-2025-40255 * CVE-2025-40256 * CVE-2025-40258 * CVE-2025-40262 * CVE-2025-40263 * CVE-2025-40264 * CVE-2025-40266 * CVE-2025-40268 * CVE-2025-40269 * CVE-2025-40271 * CVE-2025-40272 * CVE-2025-40273 * CVE-2025-40274 * CVE-2025-40275 * CVE-2025-40276 * CVE-2025-40277 * CVE-2025-40278 * CVE-2025-40279 * CVE-2025-40280 * CVE-2025-40282 * CVE-2025-40283 * CVE-2025-40284 * CVE-2025-40287 * CVE-2025-40288 * CVE-2025-40289 * CVE-2025-40292 * CVE-2025-40293 * CVE-2025-40294 * CVE-2025-40297 * CVE-2025-40301 * CVE-2025-40302 * CVE-2025-40303 * CVE-2025-40304 * CVE-2025-40307 * CVE-2025-40308 * CVE-2025-40309 * CVE-2025-40310 * CVE-2025-40311 * CVE-2025-40314 * CVE-2025-40315 * CVE-2025-40316 * CVE-2025-40317 * CVE-2025-40318 * CVE-2025-40319 * CVE-2025-40320 * CVE-2025-40321 * CVE-2025-40322 * CVE-2025-40323 * CVE-2025-40324 * CVE-2025-40328 * CVE-2025-40329 * CVE-2025-40330 * CVE-2025-40331 * CVE-2025-40332 * CVE-2025-40337 * CVE-2025-40338 * CVE-2025-40339 * CVE-2025-40340 * CVE-2025-40342 * CVE-2025-40343 * CVE-2025-40344 * CVE-2025-40345 * CVE-2025-40346 * CVE-2025-40347 * CVE-2025-40350 * CVE-2025-40353 * CVE-2025-40354 * CVE-2025-40355 * CVE-2025-40357 * CVE-2025-40359 * CVE-2025-40360 * CVE-2025-40362 * CVE-2025-68167 * CVE-2025-68170 * CVE-2025-68171 * CVE-2025-68172 * CVE-2025-68176 * CVE-2025-68180 * CVE-2025-68181 * CVE-2025-68183 * CVE-2025-68184 * CVE-2025-68185 * CVE-2025-68190 * CVE-2025-68192 * CVE-2025-68194 * CVE-2025-68195 * CVE-2025-68197 * CVE-2025-68198 * CVE-2025-68201 * CVE-2025-68202 * CVE-2025-68206 * CVE-2025-68207 * CVE-2025-68208 * CVE-2025-68209 * CVE-2025-68210 * CVE-2025-68213 * CVE-2025-68215 * CVE-2025-68217 * CVE-2025-68222 * CVE-2025-68223 * CVE-2025-68230 * CVE-2025-68233 * CVE-2025-68235 * CVE-2025-68237 * CVE-2025-68238 * CVE-2025-68239 * CVE-2025-68242 * CVE-2025-68244 * CVE-2025-68249 * CVE-2025-68252 * CVE-2025-68254 * CVE-2025-68255 * CVE-2025-68256 * CVE-2025-68257 * CVE-2025-68258 * CVE-2025-68259 * CVE-2025-68264 * CVE-2025-68283 * CVE-2025-68284 * CVE-2025-68285 * CVE-2025-68286 * CVE-2025-68287 * CVE-2025-68289 * CVE-2025-68290 * CVE-2025-68293 * CVE-2025-68298 * CVE-2025-68301 * CVE-2025-68302 * CVE-2025-68303 * CVE-2025-68305 * CVE-2025-68306 * CVE-2025-68307 * CVE-2025-68308 * CVE-2025-68311 * CVE-2025-68312 * CVE-2025-68313 * CVE-2025-68317 * CVE-2025-68327 * CVE-2025-68328 * CVE-2025-68330 * CVE-2025-68331 * CVE-2025-68332 * CVE-2025-68335 * CVE-2025-68339 * CVE-2025-68340 * CVE-2025-68342 * CVE-2025-68343 * CVE-2025-68344 * CVE-2025-68345 * CVE-2025-68346 * CVE-2025-68347 * CVE-2025-68351 * CVE-2025-68352 * CVE-2025-68353 * CVE-2025-68354 * CVE-2025-68362 * CVE-2025-68363 * CVE-2025-68378 * CVE-2025-68380 * CVE-2025-68724 * CVE-2025-68732 * CVE-2025-68736 * CVE-2025-68740 * CVE-2025-68742 * CVE-2025-68744 * CVE-2025-68746 * CVE-2025-68747 * CVE-2025-68748 * CVE-2025-68749 * CVE-2025-68750 * CVE-2025-68753 * CVE-2025-68757 * CVE-2025-68758 * CVE-2025-68759 * CVE-2025-68765 * CVE-2025-68766 * CVE-2025-71096 CVSS scores: * CVE-2025-38704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39880 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40042 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40130 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40130 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40160 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40160 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40167 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40170 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40170 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-40179 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40179 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40190 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40190 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40209 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40209 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40211 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40211 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-40212 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40212 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40213 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40215 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40215 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40220 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40220 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40221 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40221 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-40223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40231 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40233 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40235 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40242 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40242 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40251 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40254 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40255 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40258 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40258 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40262 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40263 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40263 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40266 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-40266 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L * CVE-2025-40268 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40268 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40269 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40269 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40271 ( SUSE ): 5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40278 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40279 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-40279 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2025-40280 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40280 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40282 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40282 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40283 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40283 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40284 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40284 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40288 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40289 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40292 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40292 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2025-40293 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40293 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40294 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-40294 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-40297 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40297 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40301 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40301 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-40302 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40302 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-40303 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40303 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40308 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40309 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40309 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40310 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40311 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40311 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40314 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40314 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40315 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40317 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40321 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40322 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40322 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-40323 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40323 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40324 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40329 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40330 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40331 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40338 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40338 ( SUSE ): 5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40339 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40340 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40342 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40342 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40343 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40343 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40345 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40345 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40347 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40350 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40353 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40353 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40354 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40355 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40357 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40357 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40359 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-40359 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-40360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40362 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40362 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68167 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68170 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68172 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68176 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68183 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68183 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68184 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68185 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68190 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68190 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68192 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68206 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68208 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68208 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2025-68209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68213 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68222 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68223 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68223 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68230 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68230 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68233 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68235 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68242 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68249 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68254 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68254 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68255 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68255 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68258 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68264 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68264 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68283 ( SUSE ): 5.9 CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68283 ( SUSE ): 6.4 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-68284 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68284 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68285 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68285 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68290 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68293 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68298 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68303 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68306 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68306 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68307 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68307 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68308 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68311 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68311 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68312 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68313 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68313 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68317 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-68317 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-68327 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68327 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68328 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68328 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68330 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68330 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68331 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68331 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68339 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68339 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68340 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68340 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68342 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68342 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-68343 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68343 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-68344 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68344 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68345 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68347 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68347 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68352 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68353 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68353 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68378 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68380 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68732 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68732 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68736 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-68736 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2025-68740 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68742 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68742 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68744 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68744 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68746 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68746 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68747 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68747 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68748 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68748 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68749 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68750 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68750 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68753 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-68753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-68757 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68758 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68758 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68759 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68765 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68766 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68766 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71096 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-71096 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves 215 vulnerabilities, contains three features and has 23 fixes can now be installed. ## Description: The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2025-38704: rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer (bsc#1254408). * CVE-2025-39880: ceph: fix race condition validating r_parent before applying state (bsc#1250388). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046). * CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861). * CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365). * CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling * CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400). * CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458). * CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413). * CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442). * CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623). * CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1254961). * CVE-2025-40215: xfrm: delete x->tunnel as we delete x (bsc#1254959). * CVE-2025-40218: mm/damon/vaddr: do not repeat pte_offset_map_lock() until success (bsc#1254964). * CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520). * CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815). * CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813). * CVE-2025-40237: fs/notify: call exportfs_encode_fid with s_umount (bsc#1254809). * CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871). * CVE-2025-40239: net: phy: micrel: always set shared->phydev for LAN8814 (bsc#1254868). * CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075). * CVE-2025-40246: xfs: fix out of bounds memory read error in symlink repair (bsc#1254861). * CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864). * CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854). * CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856). * CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849). * CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852). * CVE-2025-40255: net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower() (bsc#1255156). * CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843). * CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835). * CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082). * CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297). * CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830). * CVE-2025-40276: drm/panthor: Flush shmem writes before mapping buffers CPU- uncached (bsc#1254824). * CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825). * CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846). * CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847). * CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175). * CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179). * CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187). * CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794). * CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624). * CVE-2025-40330: bnxt_en: Shutdown FW DMA in bnxt_shutdown() (bsc#1254616). * CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615). * CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273). * CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318). * CVE-2025-40347: net: enetc: fix the deadlock of enetc_mdio_lock (bsc#1255262). * CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260). * CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261). * CVE-2025-40357: net/smc: fix general protection fault in __smc_diag_dump (bsc#1255097). * CVE-2025-40359: perf/x86/intel: Fix KASAN global-out-of-bounds warning (bsc#1255087). * CVE-2025-40362: ceph: fix multifs mds auth caps issue (bsc#1255103). * CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255). * CVE-2025-68197: bnxt_en: Fix null pointer dereference in bnxt_bs_trace_check_wrap() (bsc#1255242). * CVE-2025-68198: crash: fix crashkernel resource shrink (bsc#1255243). * CVE-2025-68202: sched_ext: Fix unsafe locking in the scx_dump_state() (bsc#1255223). * CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142). * CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227). * CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230). * CVE-2025-68215: ice: fix PTP cleanup on driver removal in error path (bsc#1255226). * CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272). * CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199). * CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380). * CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379). * CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377). * CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401). * CVE-2025-68293: mm/huge_memory: fix NULL pointer deference when splitting folio (bsc#1255150). * CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120). * CVE-2025-68302: net: sxgbe: fix potential NULL dereference in sxgbe_rx() (bsc#1255121). * CVE-2025-68317: io_uring/zctx: check chained notif contexts (bsc#1255354). * CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507). * CVE-2025-68353: net: vxlan: prevent NULL deref in vxlan_xmit_one (bsc#1255533). * CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552). * CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614). * CVE-2025-68736: landlock: Optimize file path walks and prepare for audit support (bsc#1255698). * CVE-2025-68742: bpf: Fix invalid prog->stats access when update_effective_progs fails (bsc#1255707). * CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709). * CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606). The following non security issues were fixed: * KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it (bsc#1255672). * Set HZ=1000 for ppc64 default configuration (jsc#PED-14344) * bpf: Do not limit bpf_cgroup_from_id to current's namespace (bsc#1255433). * btrfs: handle aligned EOF truncation correctly for subpage cases (bsc#1253238). * cgroup: rstat: use LOCK CMPXCHG in css_rstat_updated (bsc#1255434). * cifs: update dstaddr whenever channel iface is updated (git-fixes). * cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026). * cpuset: fix warning when disabling remote partition (bsc#1256794). * ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378). * net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes). * netdevsim: print human readable IP address (bsc#1255071). * powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling (bsc#1253262 ltc#216029). * powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496). * sched: Increase sched_tick_remote timeout (bsc#1254510). * selftests: net: fib-onlink-tests: Set high metric for default IPv6 route (bsc#1255346). * selftests: net: use slowwait to make sure IPv6 setup finished (bsc#1255349). * selftests: net: use slowwait to stabilize vrf_route_leaking test (bsc#1255349). * serial: xilinx_uartps: Use helper function hrtimer_update_function() (stable-fixes). * supported.conf: Mark lan 743x supported (jsc#PED-14571) * tick/sched: Limit non-timekeeper CPUs calling jiffies update (bsc#1254477). * wifi: ath10k: Avoid vdev delete timeout when firmware is already down (stable-fixes). * x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256495). * x86/microcode/AMD: Make __verify_patch_size() return bool (bsc#1256495). * x86/microcode/AMD: Remove bogus comment from parse_container() (bsc#1256495). * x86/microcode/AMD: Select which microcode patch to load (bsc#1256495). * x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256495). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-230=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-230=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * kernel-source-vanilla-6.12.0-160000.9.1 * kernel-docs-html-6.12.0-160000.9.1 * kernel-source-6.12.0-160000.9.1 * kernel-devel-6.12.0-160000.9.1 * kernel-macros-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debuginfo-6.12.0-160000.9.1 * kernel-kvmsmall-devel-6.12.0-160000.9.1 * kernel-default-base-6.12.0-160000.9.1.160000.2.6 * kernel-kvmsmall-debugsource-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (aarch64 nosrc) * kernel-64kb-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (aarch64) * kernel-64kb-extra-debuginfo-6.12.0-160000.9.1 * kernel-64kb-devel-6.12.0-160000.9.1 * kernel-64kb-extra-6.12.0-160000.9.1 * kernel-64kb-debugsource-6.12.0-160000.9.1 * kernel-64kb-debuginfo-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (aarch64 nosrc x86_64) * kernel-azure-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * kernel-azure-extra-6.12.0-160000.9.1 * kernel-azure-extra-debuginfo-6.12.0-160000.9.1 * kernel-azure-devel-6.12.0-160000.9.1 * kernel-azure-debugsource-6.12.0-160000.9.1 * kernel-azure-debuginfo-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.12.0-160000.9.1 * kernel-default-extra-6.12.0-160000.9.1 * kernel-default-extra-debuginfo-6.12.0-160000.9.1 * kernel-default-debugsource-6.12.0-160000.9.1 * kernel-syms-6.12.0-160000.9.1 * kernel-obs-qa-6.12.0-160000.9.1 * kernel-default-devel-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (noarch nosrc) * kernel-docs-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * kernel-azure-devel-debuginfo-6.12.0-160000.9.1 * kernel-kvmsmall-devel-debuginfo-6.12.0-160000.9.1 * kernel-default-vdso-6.12.0-160000.9.1 * kernel-kvmsmall-vdso-debuginfo-6.12.0-160000.9.1 * kernel-azure-vdso-6.12.0-160000.9.1 * kernel-default-devel-debuginfo-6.12.0-160000.9.1 * kernel-default-vdso-debuginfo-6.12.0-160000.9.1 * kernel-kvmsmall-vdso-6.12.0-160000.9.1 * kernel-azure-vdso-debuginfo-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-default-livepatch-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (nosrc s390x) * kernel-zfcpdump-6.12.0-160000.9.1 * SUSE Linux Enterprise Server 16.0 (s390x) * kernel-zfcpdump-debugsource-6.12.0-160000.9.1 * kernel-zfcpdump-debuginfo-6.12.0-160000.9.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * kernel-source-vanilla-6.12.0-160000.9.1 * kernel-docs-html-6.12.0-160000.9.1 * kernel-source-6.12.0-160000.9.1 * kernel-devel-6.12.0-160000.9.1 * kernel-macros-6.12.0-160000.9.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * kernel-kvmsmall-devel-6.12.0-160000.9.1 * dlm-kmp-default-debuginfo-6.12.0-160000.9.1 * kernel-default-debuginfo-6.12.0-160000.9.1 * kernel-default-extra-6.12.0-160000.9.1 * gfs2-kmp-default-6.12.0-160000.9.1 * kernel-default-extra-debuginfo-6.12.0-160000.9.1 * kernel-default-debugsource-6.12.0-160000.9.1 * kernel-default-base-6.12.0-160000.9.1.160000.2.6 * gfs2-kmp-default-debuginfo-6.12.0-160000.9.1 * dlm-kmp-default-6.12.0-160000.9.1 * cluster-md-kmp-default-6.12.0-160000.9.1 * kernel-kvmsmall-debuginfo-6.12.0-160000.9.1 * kernel-syms-6.12.0-160000.9.1 * kernel-kvmsmall-debugsource-6.12.0-160000.9.1 * cluster-md-kmp-default-debuginfo-6.12.0-160000.9.1 * kernel-obs-qa-6.12.0-160000.9.1 * kernel-default-livepatch-6.12.0-160000.9.1 * kernel-default-devel-6.12.0-160000.9.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (nosrc x86_64) * kernel-azure-6.12.0-160000.9.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (x86_64) * kernel-azure-devel-debuginfo-6.12.0-160000.9.1 * kernel-kvmsmall-devel-debuginfo-6.12.0-160000.9.1 * kernel-azure-extra-6.12.0-160000.9.1 * kernel-default-vdso-6.12.0-160000.9.1 * kernel-azure-extra-debuginfo-6.12.0-160000.9.1 * kernel-kvmsmall-vdso-debuginfo-6.12.0-160000.9.1 * kernel-azure-vdso-6.12.0-160000.9.1 * kernel-azure-vdso-debuginfo-6.12.0-160000.9.1 * kernel-default-devel-debuginfo-6.12.0-160000.9.1 * kernel-default-vdso-debuginfo-6.12.0-160000.9.1 * kernel-azure-devel-6.12.0-160000.9.1 * kernel-kvmsmall-vdso-6.12.0-160000.9.1 * kernel-azure-debugsource-6.12.0-160000.9.1 * kernel-azure-debuginfo-6.12.0-160000.9.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (nosrc ppc64le x86_64) * kernel-default-6.12.0-160000.9.1 * kernel-kvmsmall-6.12.0-160000.9.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch nosrc) * kernel-docs-6.12.0-160000.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38704.html * https://www.suse.com/security/cve/CVE-2025-39880.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-40042.html * https://www.suse.com/security/cve/CVE-2025-40123.html * https://www.suse.com/security/cve/CVE-2025-40130.html * https://www.suse.com/security/cve/CVE-2025-40160.html * https://www.suse.com/security/cve/CVE-2025-40167.html * https://www.suse.com/security/cve/CVE-2025-40170.html * https://www.suse.com/security/cve/CVE-2025-40179.html * https://www.suse.com/security/cve/CVE-2025-40190.html * https://www.suse.com/security/cve/CVE-2025-40209.html * https://www.suse.com/security/cve/CVE-2025-40211.html * https://www.suse.com/security/cve/CVE-2025-40212.html * https://www.suse.com/security/cve/CVE-2025-40213.html * https://www.suse.com/security/cve/CVE-2025-40214.html * https://www.suse.com/security/cve/CVE-2025-40215.html * https://www.suse.com/security/cve/CVE-2025-40218.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-40220.html * https://www.suse.com/security/cve/CVE-2025-40221.html * https://www.suse.com/security/cve/CVE-2025-40223.html * https://www.suse.com/security/cve/CVE-2025-40225.html * https://www.suse.com/security/cve/CVE-2025-40226.html * https://www.suse.com/security/cve/CVE-2025-40231.html * https://www.suse.com/security/cve/CVE-2025-40233.html * https://www.suse.com/security/cve/CVE-2025-40235.html * https://www.suse.com/security/cve/CVE-2025-40237.html * https://www.suse.com/security/cve/CVE-2025-40238.html * https://www.suse.com/security/cve/CVE-2025-40239.html * https://www.suse.com/security/cve/CVE-2025-40240.html * https://www.suse.com/security/cve/CVE-2025-40242.html * https://www.suse.com/security/cve/CVE-2025-40246.html * https://www.suse.com/security/cve/CVE-2025-40248.html * https://www.suse.com/security/cve/CVE-2025-40250.html * https://www.suse.com/security/cve/CVE-2025-40251.html * https://www.suse.com/security/cve/CVE-2025-40252.html * https://www.suse.com/security/cve/CVE-2025-40254.html * https://www.suse.com/security/cve/CVE-2025-40255.html * https://www.suse.com/security/cve/CVE-2025-40256.html * https://www.suse.com/security/cve/CVE-2025-40258.html * https://www.suse.com/security/cve/CVE-2025-40262.html * https://www.suse.com/security/cve/CVE-2025-40263.html * https://www.suse.com/security/cve/CVE-2025-40264.html * https://www.suse.com/security/cve/CVE-2025-40266.html * https://www.suse.com/security/cve/CVE-2025-40268.html * https://www.suse.com/security/cve/CVE-2025-40269.html * https://www.suse.com/security/cve/CVE-2025-40271.html * https://www.suse.com/security/cve/CVE-2025-40272.html * https://www.suse.com/security/cve/CVE-2025-40273.html * https://www.suse.com/security/cve/CVE-2025-40274.html * https://www.suse.com/security/cve/CVE-2025-40275.html * https://www.suse.com/security/cve/CVE-2025-40276.html * https://www.suse.com/security/cve/CVE-2025-40277.html * https://www.suse.com/security/cve/CVE-2025-40278.html * https://www.suse.com/security/cve/CVE-2025-40279.html * https://www.suse.com/security/cve/CVE-2025-40280.html * https://www.suse.com/security/cve/CVE-2025-40282.html * https://www.suse.com/security/cve/CVE-2025-40283.html * https://www.suse.com/security/cve/CVE-2025-40284.html * https://www.suse.com/security/cve/CVE-2025-40287.html * https://www.suse.com/security/cve/CVE-2025-40288.html * https://www.suse.com/security/cve/CVE-2025-40289.html * https://www.suse.com/security/cve/CVE-2025-40292.html * https://www.suse.com/security/cve/CVE-2025-40293.html * https://www.suse.com/security/cve/CVE-2025-40294.html * https://www.suse.com/security/cve/CVE-2025-40297.html * https://www.suse.com/security/cve/CVE-2025-40301.html * https://www.suse.com/security/cve/CVE-2025-40302.html * https://www.suse.com/security/cve/CVE-2025-40303.html * https://www.suse.com/security/cve/CVE-2025-40304.html * https://www.suse.com/security/cve/CVE-2025-40307.html * https://www.suse.com/security/cve/CVE-2025-40308.html * https://www.suse.com/security/cve/CVE-2025-40309.html * https://www.suse.com/security/cve/CVE-2025-40310.html * https://www.suse.com/security/cve/CVE-2025-40311.html * https://www.suse.com/security/cve/CVE-2025-40314.html * https://www.suse.com/security/cve/CVE-2025-40315.html * https://www.suse.com/security/cve/CVE-2025-40316.html * https://www.suse.com/security/cve/CVE-2025-40317.html * https://www.suse.com/security/cve/CVE-2025-40318.html * https://www.suse.com/security/cve/CVE-2025-40319.html * https://www.suse.com/security/cve/CVE-2025-40320.html * https://www.suse.com/security/cve/CVE-2025-40321.html * https://www.suse.com/security/cve/CVE-2025-40322.html * https://www.suse.com/security/cve/CVE-2025-40323.html * https://www.suse.com/security/cve/CVE-2025-40324.html * https://www.suse.com/security/cve/CVE-2025-40328.html * https://www.suse.com/security/cve/CVE-2025-40329.html * https://www.suse.com/security/cve/CVE-2025-40330.html * https://www.suse.com/security/cve/CVE-2025-40331.html * https://www.suse.com/security/cve/CVE-2025-40332.html * https://www.suse.com/security/cve/CVE-2025-40337.html * https://www.suse.com/security/cve/CVE-2025-40338.html * https://www.suse.com/security/cve/CVE-2025-40339.html * https://www.suse.com/security/cve/CVE-2025-40340.html * https://www.suse.com/security/cve/CVE-2025-40342.html * https://www.suse.com/security/cve/CVE-2025-40343.html * https://www.suse.com/security/cve/CVE-2025-40344.html * https://www.suse.com/security/cve/CVE-2025-40345.html * https://www.suse.com/security/cve/CVE-2025-40346.html * https://www.suse.com/security/cve/CVE-2025-40347.html * https://www.suse.com/security/cve/CVE-2025-40350.html * https://www.suse.com/security/cve/CVE-2025-40353.html * https://www.suse.com/security/cve/CVE-2025-40354.html * https://www.suse.com/security/cve/CVE-2025-40355.html * https://www.suse.com/security/cve/CVE-2025-40357.html * https://www.suse.com/security/cve/CVE-2025-40359.html * https://www.suse.com/security/cve/CVE-2025-40360.html * https://www.suse.com/security/cve/CVE-2025-40362.html * https://www.suse.com/security/cve/CVE-2025-68167.html * https://www.suse.com/security/cve/CVE-2025-68170.html * https://www.suse.com/security/cve/CVE-2025-68171.html * https://www.suse.com/security/cve/CVE-2025-68172.html * https://www.suse.com/security/cve/CVE-2025-68176.html * https://www.suse.com/security/cve/CVE-2025-68180.html * https://www.suse.com/security/cve/CVE-2025-68181.html * https://www.suse.com/security/cve/CVE-2025-68183.html * https://www.suse.com/security/cve/CVE-2025-68184.html * https://www.suse.com/security/cve/CVE-2025-68185.html * https://www.suse.com/security/cve/CVE-2025-68190.html * https://www.suse.com/security/cve/CVE-2025-68192.html * https://www.suse.com/security/cve/CVE-2025-68194.html * https://www.suse.com/security/cve/CVE-2025-68195.html * https://www.suse.com/security/cve/CVE-2025-68197.html * https://www.suse.com/security/cve/CVE-2025-68198.html * https://www.suse.com/security/cve/CVE-2025-68201.html * https://www.suse.com/security/cve/CVE-2025-68202.html * https://www.suse.com/security/cve/CVE-2025-68206.html * https://www.suse.com/security/cve/CVE-2025-68207.html * https://www.suse.com/security/cve/CVE-2025-68208.html * https://www.suse.com/security/cve/CVE-2025-68209.html * https://www.suse.com/security/cve/CVE-2025-68210.html * https://www.suse.com/security/cve/CVE-2025-68213.html * https://www.suse.com/security/cve/CVE-2025-68215.html * https://www.suse.com/security/cve/CVE-2025-68217.html * https://www.suse.com/security/cve/CVE-2025-68222.html * https://www.suse.com/security/cve/CVE-2025-68223.html * https://www.suse.com/security/cve/CVE-2025-68230.html * https://www.suse.com/security/cve/CVE-2025-68233.html * https://www.suse.com/security/cve/CVE-2025-68235.html * https://www.suse.com/security/cve/CVE-2025-68237.html * https://www.suse.com/security/cve/CVE-2025-68238.html * https://www.suse.com/security/cve/CVE-2025-68239.html * https://www.suse.com/security/cve/CVE-2025-68242.html * https://www.suse.com/security/cve/CVE-2025-68244.html * https://www.suse.com/security/cve/CVE-2025-68249.html * https://www.suse.com/security/cve/CVE-2025-68252.html * https://www.suse.com/security/cve/CVE-2025-68254.html * https://www.suse.com/security/cve/CVE-2025-68255.html * https://www.suse.com/security/cve/CVE-2025-68256.html * https://www.suse.com/security/cve/CVE-2025-68257.html * https://www.suse.com/security/cve/CVE-2025-68258.html * https://www.suse.com/security/cve/CVE-2025-68259.html * https://www.suse.com/security/cve/CVE-2025-68264.html * https://www.suse.com/security/cve/CVE-2025-68283.html * https://www.suse.com/security/cve/CVE-2025-68284.html * https://www.suse.com/security/cve/CVE-2025-68285.html * https://www.suse.com/security/cve/CVE-2025-68286.html * https://www.suse.com/security/cve/CVE-2025-68287.html * https://www.suse.com/security/cve/CVE-2025-68289.html * https://www.suse.com/security/cve/CVE-2025-68290.html * https://www.suse.com/security/cve/CVE-2025-68293.html * https://www.suse.com/security/cve/CVE-2025-68298.html * https://www.suse.com/security/cve/CVE-2025-68301.html * https://www.suse.com/security/cve/CVE-2025-68302.html * https://www.suse.com/security/cve/CVE-2025-68303.html * https://www.suse.com/security/cve/CVE-2025-68305.html * https://www.suse.com/security/cve/CVE-2025-68306.html * https://www.suse.com/security/cve/CVE-2025-68307.html * https://www.suse.com/security/cve/CVE-2025-68308.html * https://www.suse.com/security/cve/CVE-2025-68311.html * https://www.suse.com/security/cve/CVE-2025-68312.html * https://www.suse.com/security/cve/CVE-2025-68313.html * https://www.suse.com/security/cve/CVE-2025-68317.html * https://www.suse.com/security/cve/CVE-2025-68327.html * https://www.suse.com/security/cve/CVE-2025-68328.html * https://www.suse.com/security/cve/CVE-2025-68330.html * https://www.suse.com/security/cve/CVE-2025-68331.html * https://www.suse.com/security/cve/CVE-2025-68332.html * https://www.suse.com/security/cve/CVE-2025-68335.html * https://www.suse.com/security/cve/CVE-2025-68339.html * https://www.suse.com/security/cve/CVE-2025-68340.html * https://www.suse.com/security/cve/CVE-2025-68342.html * https://www.suse.com/security/cve/CVE-2025-68343.html * https://www.suse.com/security/cve/CVE-2025-68344.html * https://www.suse.com/security/cve/CVE-2025-68345.html * https://www.suse.com/security/cve/CVE-2025-68346.html * https://www.suse.com/security/cve/CVE-2025-68347.html * https://www.suse.com/security/cve/CVE-2025-68351.html * https://www.suse.com/security/cve/CVE-2025-68352.html * https://www.suse.com/security/cve/CVE-2025-68353.html * https://www.suse.com/security/cve/CVE-2025-68354.html * https://www.suse.com/security/cve/CVE-2025-68362.html * https://www.suse.com/security/cve/CVE-2025-68363.html * https://www.suse.com/security/cve/CVE-2025-68378.html * https://www.suse.com/security/cve/CVE-2025-68380.html * https://www.suse.com/security/cve/CVE-2025-68724.html * https://www.suse.com/security/cve/CVE-2025-68732.html * https://www.suse.com/security/cve/CVE-2025-68736.html * https://www.suse.com/security/cve/CVE-2025-68740.html * https://www.suse.com/security/cve/CVE-2025-68742.html * https://www.suse.com/security/cve/CVE-2025-68744.html * https://www.suse.com/security/cve/CVE-2025-68746.html * https://www.suse.com/security/cve/CVE-2025-68747.html * https://www.suse.com/security/cve/CVE-2025-68748.html * https://www.suse.com/security/cve/CVE-2025-68749.html * https://www.suse.com/security/cve/CVE-2025-68750.html * https://www.suse.com/security/cve/CVE-2025-68753.html * https://www.suse.com/security/cve/CVE-2025-68757.html * https://www.suse.com/security/cve/CVE-2025-68758.html * https://www.suse.com/security/cve/CVE-2025-68759.html * https://www.suse.com/security/cve/CVE-2025-68765.html * https://www.suse.com/security/cve/CVE-2025-68766.html * https://www.suse.com/security/cve/CVE-2025-71096.html * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1243112 * https://bugzilla.suse.com/show_bug.cgi?id=1245193 * https://bugzilla.suse.com/show_bug.cgi?id=1247500 * https://bugzilla.suse.com/show_bug.cgi?id=1250388 * https://bugzilla.suse.com/show_bug.cgi?id=1252046 * https://bugzilla.suse.com/show_bug.cgi?id=1252861 * https://bugzilla.suse.com/show_bug.cgi?id=1253155 * https://bugzilla.suse.com/show_bug.cgi?id=1253238 * https://bugzilla.suse.com/show_bug.cgi?id=1253262 * https://bugzilla.suse.com/show_bug.cgi?id=1253365 * https://bugzilla.suse.com/show_bug.cgi?id=1253400 * https://bugzilla.suse.com/show_bug.cgi?id=1253413 * https://bugzilla.suse.com/show_bug.cgi?id=1253414 * https://bugzilla.suse.com/show_bug.cgi?id=1253442 * https://bugzilla.suse.com/show_bug.cgi?id=1253458 * https://bugzilla.suse.com/show_bug.cgi?id=1253623 * https://bugzilla.suse.com/show_bug.cgi?id=1253674 * https://bugzilla.suse.com/show_bug.cgi?id=1253739 * https://bugzilla.suse.com/show_bug.cgi?id=1254126 * https://bugzilla.suse.com/show_bug.cgi?id=1254128 * https://bugzilla.suse.com/show_bug.cgi?id=1254195 * https://bugzilla.suse.com/show_bug.cgi?id=1254244 * https://bugzilla.suse.com/show_bug.cgi?id=1254363 * https://bugzilla.suse.com/show_bug.cgi?id=1254378 * https://bugzilla.suse.com/show_bug.cgi?id=1254408 * https://bugzilla.suse.com/show_bug.cgi?id=1254477 * https://bugzilla.suse.com/show_bug.cgi?id=1254510 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1254519 * https://bugzilla.suse.com/show_bug.cgi?id=1254520 * https://bugzilla.suse.com/show_bug.cgi?id=1254615 * https://bugzilla.suse.com/show_bug.cgi?id=1254616 * https://bugzilla.suse.com/show_bug.cgi?id=1254618 * https://bugzilla.suse.com/show_bug.cgi?id=1254621 * https://bugzilla.suse.com/show_bug.cgi?id=1254624 * https://bugzilla.suse.com/show_bug.cgi?id=1254791 * https://bugzilla.suse.com/show_bug.cgi?id=1254793 * https://bugzilla.suse.com/show_bug.cgi?id=1254794 * https://bugzilla.suse.com/show_bug.cgi?id=1254795 * https://bugzilla.suse.com/show_bug.cgi?id=1254796 * https://bugzilla.suse.com/show_bug.cgi?id=1254797 * https://bugzilla.suse.com/show_bug.cgi?id=1254798 * https://bugzilla.suse.com/show_bug.cgi?id=1254808 * https://bugzilla.suse.com/show_bug.cgi?id=1254809 * https://bugzilla.suse.com/show_bug.cgi?id=1254813 * https://bugzilla.suse.com/show_bug.cgi?id=1254815 * https://bugzilla.suse.com/show_bug.cgi?id=1254821 * https://bugzilla.suse.com/show_bug.cgi?id=1254824 * https://bugzilla.suse.com/show_bug.cgi?id=1254825 * https://bugzilla.suse.com/show_bug.cgi?id=1254827 * https://bugzilla.suse.com/show_bug.cgi?id=1254828 * https://bugzilla.suse.com/show_bug.cgi?id=1254829 * https://bugzilla.suse.com/show_bug.cgi?id=1254830 * https://bugzilla.suse.com/show_bug.cgi?id=1254832 * https://bugzilla.suse.com/show_bug.cgi?id=1254835 * https://bugzilla.suse.com/show_bug.cgi?id=1254840 * https://bugzilla.suse.com/show_bug.cgi?id=1254843 * https://bugzilla.suse.com/show_bug.cgi?id=1254846 * https://bugzilla.suse.com/show_bug.cgi?id=1254847 * https://bugzilla.suse.com/show_bug.cgi?id=1254849 * https://bugzilla.suse.com/show_bug.cgi?id=1254850 * https://bugzilla.suse.com/show_bug.cgi?id=1254851 * https://bugzilla.suse.com/show_bug.cgi?id=1254852 * https://bugzilla.suse.com/show_bug.cgi?id=1254854 * https://bugzilla.suse.com/show_bug.cgi?id=1254856 * https://bugzilla.suse.com/show_bug.cgi?id=1254858 * https://bugzilla.suse.com/show_bug.cgi?id=1254860 * https://bugzilla.suse.com/show_bug.cgi?id=1254861 * https://bugzilla.suse.com/show_bug.cgi?id=1254864 * https://bugzilla.suse.com/show_bug.cgi?id=1254868 * https://bugzilla.suse.com/show_bug.cgi?id=1254869 * https://bugzilla.suse.com/show_bug.cgi?id=1254871 * https://bugzilla.suse.com/show_bug.cgi?id=1254894 * https://bugzilla.suse.com/show_bug.cgi?id=1254957 * https://bugzilla.suse.com/show_bug.cgi?id=1254959 * https://bugzilla.suse.com/show_bug.cgi?id=1254961 * https://bugzilla.suse.com/show_bug.cgi?id=1254964 * https://bugzilla.suse.com/show_bug.cgi?id=1254996 * https://bugzilla.suse.com/show_bug.cgi?id=1255026 * https://bugzilla.suse.com/show_bug.cgi?id=1255030 * https://bugzilla.suse.com/show_bug.cgi?id=1255034 * https://bugzilla.suse.com/show_bug.cgi?id=1255035 * https://bugzilla.suse.com/show_bug.cgi?id=1255039 * https://bugzilla.suse.com/show_bug.cgi?id=1255040 * https://bugzilla.suse.com/show_bug.cgi?id=1255041 * https://bugzilla.suse.com/show_bug.cgi?id=1255042 * https://bugzilla.suse.com/show_bug.cgi?id=1255057 * https://bugzilla.suse.com/show_bug.cgi?id=1255058 * https://bugzilla.suse.com/show_bug.cgi?id=1255064 * https://bugzilla.suse.com/show_bug.cgi?id=1255065 * https://bugzilla.suse.com/show_bug.cgi?id=1255068 * https://bugzilla.suse.com/show_bug.cgi?id=1255071 * https://bugzilla.suse.com/show_bug.cgi?id=1255072 * https://bugzilla.suse.com/show_bug.cgi?id=1255075 * https://bugzilla.suse.com/show_bug.cgi?id=1255077 * https://bugzilla.suse.com/show_bug.cgi?id=1255081 * https://bugzilla.suse.com/show_bug.cgi?id=1255082 * https://bugzilla.suse.com/show_bug.cgi?id=1255083 * https://bugzilla.suse.com/show_bug.cgi?id=1255087 * https://bugzilla.suse.com/show_bug.cgi?id=1255092 * https://bugzilla.suse.com/show_bug.cgi?id=1255094 * https://bugzilla.suse.com/show_bug.cgi?id=1255095 * https://bugzilla.suse.com/show_bug.cgi?id=1255097 * https://bugzilla.suse.com/show_bug.cgi?id=1255099 * https://bugzilla.suse.com/show_bug.cgi?id=1255103 * https://bugzilla.suse.com/show_bug.cgi?id=1255116 * https://bugzilla.suse.com/show_bug.cgi?id=1255120 * https://bugzilla.suse.com/show_bug.cgi?id=1255121 * https://bugzilla.suse.com/show_bug.cgi?id=1255122 * https://bugzilla.suse.com/show_bug.cgi?id=1255124 * https://bugzilla.suse.com/show_bug.cgi?id=1255131 * https://bugzilla.suse.com/show_bug.cgi?id=1255134 * https://bugzilla.suse.com/show_bug.cgi?id=1255135 * https://bugzilla.suse.com/show_bug.cgi?id=1255136 * https://bugzilla.suse.com/show_bug.cgi?id=1255138 * https://bugzilla.suse.com/show_bug.cgi?id=1255140 * https://bugzilla.suse.com/show_bug.cgi?id=1255142 * https://bugzilla.suse.com/show_bug.cgi?id=1255145 * https://bugzilla.suse.com/show_bug.cgi?id=1255146 * https://bugzilla.suse.com/show_bug.cgi?id=1255149 * https://bugzilla.suse.com/show_bug.cgi?id=1255150 * https://bugzilla.suse.com/show_bug.cgi?id=1255152 * https://bugzilla.suse.com/show_bug.cgi?id=1255154 * https://bugzilla.suse.com/show_bug.cgi?id=1255155 * https://bugzilla.suse.com/show_bug.cgi?id=1255156 * https://bugzilla.suse.com/show_bug.cgi?id=1255161 * https://bugzilla.suse.com/show_bug.cgi?id=1255167 * https://bugzilla.suse.com/show_bug.cgi?id=1255169 * https://bugzilla.suse.com/show_bug.cgi?id=1255171 * https://bugzilla.suse.com/show_bug.cgi?id=1255175 * https://bugzilla.suse.com/show_bug.cgi?id=1255179 * https://bugzilla.suse.com/show_bug.cgi?id=1255181 * https://bugzilla.suse.com/show_bug.cgi?id=1255182 * https://bugzilla.suse.com/show_bug.cgi?id=1255186 * https://bugzilla.suse.com/show_bug.cgi?id=1255187 * https://bugzilla.suse.com/show_bug.cgi?id=1255190 * https://bugzilla.suse.com/show_bug.cgi?id=1255193 * https://bugzilla.suse.com/show_bug.cgi?id=1255196 * https://bugzilla.suse.com/show_bug.cgi?id=1255197 * https://bugzilla.suse.com/show_bug.cgi?id=1255199 * https://bugzilla.suse.com/show_bug.cgi?id=1255202 * https://bugzilla.suse.com/show_bug.cgi?id=1255203 * https://bugzilla.suse.com/show_bug.cgi?id=1255206 * https://bugzilla.suse.com/show_bug.cgi?id=1255209 * https://bugzilla.suse.com/show_bug.cgi?id=1255218 * https://bugzilla.suse.com/show_bug.cgi?id=1255220 * https://bugzilla.suse.com/show_bug.cgi?id=1255221 * https://bugzilla.suse.com/show_bug.cgi?id=1255223 * https://bugzilla.suse.com/show_bug.cgi?id=1255226 * https://bugzilla.suse.com/show_bug.cgi?id=1255227 * https://bugzilla.suse.com/show_bug.cgi?id=1255228 * https://bugzilla.suse.com/show_bug.cgi?id=1255230 * https://bugzilla.suse.com/show_bug.cgi?id=1255231 * https://bugzilla.suse.com/show_bug.cgi?id=1255233 * https://bugzilla.suse.com/show_bug.cgi?id=1255234 * https://bugzilla.suse.com/show_bug.cgi?id=1255242 * https://bugzilla.suse.com/show_bug.cgi?id=1255243 * https://bugzilla.suse.com/show_bug.cgi?id=1255246 * https://bugzilla.suse.com/show_bug.cgi?id=1255247 * https://bugzilla.suse.com/show_bug.cgi?id=1255251 * https://bugzilla.suse.com/show_bug.cgi?id=1255252 * https://bugzilla.suse.com/show_bug.cgi?id=1255253 * https://bugzilla.suse.com/show_bug.cgi?id=1255255 * https://bugzilla.suse.com/show_bug.cgi?id=1255256 * https://bugzilla.suse.com/show_bug.cgi?id=1255259 * https://bugzilla.suse.com/show_bug.cgi?id=1255260 * https://bugzilla.suse.com/show_bug.cgi?id=1255261 * https://bugzilla.suse.com/show_bug.cgi?id=1255262 * https://bugzilla.suse.com/show_bug.cgi?id=1255272 * https://bugzilla.suse.com/show_bug.cgi?id=1255273 * https://bugzilla.suse.com/show_bug.cgi?id=1255274 * https://bugzilla.suse.com/show_bug.cgi?id=1255276 * https://bugzilla.suse.com/show_bug.cgi?id=1255279 * https://bugzilla.suse.com/show_bug.cgi?id=1255297 * https://bugzilla.suse.com/show_bug.cgi?id=1255312 * https://bugzilla.suse.com/show_bug.cgi?id=1255316 * https://bugzilla.suse.com/show_bug.cgi?id=1255318 * https://bugzilla.suse.com/show_bug.cgi?id=1255325 * https://bugzilla.suse.com/show_bug.cgi?id=1255329 * https://bugzilla.suse.com/show_bug.cgi?id=1255346 * https://bugzilla.suse.com/show_bug.cgi?id=1255349 * https://bugzilla.suse.com/show_bug.cgi?id=1255351 * https://bugzilla.suse.com/show_bug.cgi?id=1255354 * https://bugzilla.suse.com/show_bug.cgi?id=1255357 * https://bugzilla.suse.com/show_bug.cgi?id=1255377 * https://bugzilla.suse.com/show_bug.cgi?id=1255379 * https://bugzilla.suse.com/show_bug.cgi?id=1255380 * https://bugzilla.suse.com/show_bug.cgi?id=1255395 * https://bugzilla.suse.com/show_bug.cgi?id=1255401 * https://bugzilla.suse.com/show_bug.cgi?id=1255415 * https://bugzilla.suse.com/show_bug.cgi?id=1255428 * https://bugzilla.suse.com/show_bug.cgi?id=1255433 * https://bugzilla.suse.com/show_bug.cgi?id=1255434 * https://bugzilla.suse.com/show_bug.cgi?id=1255480 * https://bugzilla.suse.com/show_bug.cgi?id=1255483 * https://bugzilla.suse.com/show_bug.cgi?id=1255488 * https://bugzilla.suse.com/show_bug.cgi?id=1255489 * https://bugzilla.suse.com/show_bug.cgi?id=1255493 * https://bugzilla.suse.com/show_bug.cgi?id=1255495 * https://bugzilla.suse.com/show_bug.cgi?id=1255505 * https://bugzilla.suse.com/show_bug.cgi?id=1255507 * https://bugzilla.suse.com/show_bug.cgi?id=1255508 * https://bugzilla.suse.com/show_bug.cgi?id=1255509 * https://bugzilla.suse.com/show_bug.cgi?id=1255533 * https://bugzilla.suse.com/show_bug.cgi?id=1255541 * https://bugzilla.suse.com/show_bug.cgi?id=1255550 * https://bugzilla.suse.com/show_bug.cgi?id=1255552 * https://bugzilla.suse.com/show_bug.cgi?id=1255553 * https://bugzilla.suse.com/show_bug.cgi?id=1255567 * https://bugzilla.suse.com/show_bug.cgi?id=1255580 * https://bugzilla.suse.com/show_bug.cgi?id=1255601 * https://bugzilla.suse.com/show_bug.cgi?id=1255603 * https://bugzilla.suse.com/show_bug.cgi?id=1255611 * https://bugzilla.suse.com/show_bug.cgi?id=1255614 * https://bugzilla.suse.com/show_bug.cgi?id=1255672 * https://bugzilla.suse.com/show_bug.cgi?id=1255688 * https://bugzilla.suse.com/show_bug.cgi?id=1255698 * https://bugzilla.suse.com/show_bug.cgi?id=1255706 * https://bugzilla.suse.com/show_bug.cgi?id=1255707 * https://bugzilla.suse.com/show_bug.cgi?id=1255709 * https://bugzilla.suse.com/show_bug.cgi?id=1255722 * https://bugzilla.suse.com/show_bug.cgi?id=1255723 * https://bugzilla.suse.com/show_bug.cgi?id=1255724 * https://bugzilla.suse.com/show_bug.cgi?id=1255812 * https://bugzilla.suse.com/show_bug.cgi?id=1255813 * https://bugzilla.suse.com/show_bug.cgi?id=1255814 * https://bugzilla.suse.com/show_bug.cgi?id=1255816 * https://bugzilla.suse.com/show_bug.cgi?id=1255931 * https://bugzilla.suse.com/show_bug.cgi?id=1255932 * https://bugzilla.suse.com/show_bug.cgi?id=1255934 * https://bugzilla.suse.com/show_bug.cgi?id=1255943 * https://bugzilla.suse.com/show_bug.cgi?id=1255944 * https://bugzilla.suse.com/show_bug.cgi?id=1256238 * https://bugzilla.suse.com/show_bug.cgi?id=1256495 * https://bugzilla.suse.com/show_bug.cgi?id=1256606 * https://bugzilla.suse.com/show_bug.cgi?id=1256794 * https://jira.suse.com/browse/PED-12745 * https://jira.suse.com/browse/PED-14344 * https://jira.suse.com/browse/PED-14571 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:19 -0000 Subject: SUSE-SU-2026:20216-1: moderate: Security update for python-filelock Message-ID: <177032377995.6560.12235910129527117523@smelt2.prg2.suse.org> # Security update for python-filelock Announcement ID: SUSE-SU-2026:20216-1 Release Date: 2026-01-30T21:24:31Z Rating: moderate References: * bsc#1255244 * bsc#1256457 Cross-References: * CVE-2025-68146 * CVE-2026-22701 CVSS scores: * CVE-2025-68146 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-68146 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-68146 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-22701 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-22701 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-22701 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-filelock fixes the following issues: * CVE-2025-68146: TOCTOU race condition may allow local attackers to corrupt or truncate arbitrary user files (bsc#1255244). * CVE-2026-22701: TOCTOU race condition in the SoftFileLock implementation (bsc#1256457). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-229=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-229=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-filelock-3.18.0-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * python313-filelock-3.18.0-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-68146.html * https://www.suse.com/security/cve/CVE-2026-22701.html * https://bugzilla.suse.com/show_bug.cgi?id=1255244 * https://bugzilla.suse.com/show_bug.cgi?id=1256457 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:14 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:14 -0000 Subject: SUSE-SU-2026:20218-1: moderate: Security update for dpdk Message-ID: <177032377404.6560.2147442841552103439@smelt2.prg2.suse.org> # Security update for dpdk Announcement ID: SUSE-SU-2026:20218-1 Release Date: 2026-02-02T11:12:33Z Rating: moderate References: * bsc#1247389 * bsc#1254161 Cross-References: * CVE-2025-23259 CVSS scores: * CVE-2025-23259 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23259 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-23259 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for dpdk fixes the following issues: Update to version 24.11.4. Security issues fixed: * CVE-2025-23259: issue in the Poll Mode Driver (PMD) allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface (bsc#1254161). Other issues fixed: * Remove obsolete build option -Denable_kmods. * Add "which" as a build requirement. * Drop pesign and needssslcertforbuild because we don't build a kmp anymore (bsc#1247389). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-233=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-233=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le x86_64) * dpdk-devel-24.11.4-160000.1.1 * libdpdk-25-24.11.4-160000.1.1 * dpdk-devel-static-24.11.4-160000.1.1 * dpdk-debuginfo-24.11.4-160000.1.1 * dpdk-24.11.4-160000.1.1 * libdpdk-25-debuginfo-24.11.4-160000.1.1 * dpdk-debugsource-24.11.4-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * dpdk-doc-24.11.4-160000.1.1 * dpdk-tools-24.11.4-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * dpdk-devel-24.11.4-160000.1.1 * libdpdk-25-24.11.4-160000.1.1 * dpdk-devel-static-24.11.4-160000.1.1 * dpdk-debuginfo-24.11.4-160000.1.1 * dpdk-24.11.4-160000.1.1 * libdpdk-25-debuginfo-24.11.4-160000.1.1 * dpdk-debugsource-24.11.4-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * dpdk-doc-24.11.4-160000.1.1 * dpdk-tools-24.11.4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-23259.html * https://bugzilla.suse.com/show_bug.cgi?id=1247389 * https://bugzilla.suse.com/show_bug.cgi?id=1254161 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:16 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:16 -0000 Subject: SUSE-SU-2026:20217-1: important: Security update for python-wheel Message-ID: <177032377631.6560.15065689758543096999@smelt2.prg2.suse.org> # Security update for python-wheel Announcement ID: SUSE-SU-2026:20217-1 Release Date: 2026-02-02T09:48:28Z Rating: important References: * bsc#1257100 Cross-References: * CVE-2026-24049 CVSS scores: * CVE-2026-24049 ( SUSE ): 7.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-24049 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H * CVE-2026-24049 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-wheel fixes the following issues: * CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification (bsc#1257100). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-232=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-232=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-wheel-0.45.1-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * python313-wheel-0.45.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-24049.html * https://bugzilla.suse.com/show_bug.cgi?id=1257100 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:24 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:24 -0000 Subject: SUSE-SU-2026:20215-1: important: Security update for java-25-openjdk Message-ID: <177032378439.6560.9215886772401487045@smelt2.prg2.suse.org> # Security update for java-25-openjdk Announcement ID: SUSE-SU-2026:20215-1 Release Date: 2026-01-30T15:55:47Z Rating: important References: * bsc#1257034 * bsc#1257036 * bsc#1257037 * bsc#1257038 * jsc#PED-14507 * jsc#PED-15221 Cross-References: * CVE-2026-21925 * CVE-2026-21932 * CVE-2026-21933 * CVE-2026-21945 CVSS scores: * CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21925 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21932 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21932 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21933 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves four vulnerabilities and contains two features can now be installed. ## Description: This update for java-25-openjdk fixes the following issues: Update to upstream tag jdk-25.0.2+10 (January 2026 CPU) Security fixes: * CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034). * CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036). * CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037). * CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038). Other fixes: * Do not depend on update-desktop-files (jsc#PED-14507, jsc#PED-15221). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-228=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-228=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * java-25-openjdk-devel-debuginfo-25.0.2.0-160000.1.1 * java-25-openjdk-headless-debuginfo-25.0.2.0-160000.1.1 * java-25-openjdk-25.0.2.0-160000.1.1 * java-25-openjdk-demo-25.0.2.0-160000.1.1 * java-25-openjdk-src-25.0.2.0-160000.1.1 * java-25-openjdk-debuginfo-25.0.2.0-160000.1.1 * java-25-openjdk-headless-25.0.2.0-160000.1.1 * java-25-openjdk-jmods-25.0.2.0-160000.1.1 * java-25-openjdk-devel-25.0.2.0-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * java-25-openjdk-javadoc-25.0.2.0-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * java-25-openjdk-devel-debuginfo-25.0.2.0-160000.1.1 * java-25-openjdk-headless-debuginfo-25.0.2.0-160000.1.1 * java-25-openjdk-25.0.2.0-160000.1.1 * java-25-openjdk-demo-25.0.2.0-160000.1.1 * java-25-openjdk-src-25.0.2.0-160000.1.1 * java-25-openjdk-debuginfo-25.0.2.0-160000.1.1 * java-25-openjdk-headless-25.0.2.0-160000.1.1 * java-25-openjdk-jmods-25.0.2.0-160000.1.1 * java-25-openjdk-devel-25.0.2.0-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * java-25-openjdk-javadoc-25.0.2.0-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-21925.html * https://www.suse.com/security/cve/CVE-2026-21932.html * https://www.suse.com/security/cve/CVE-2026-21933.html * https://www.suse.com/security/cve/CVE-2026-21945.html * https://bugzilla.suse.com/show_bug.cgi?id=1257034 * https://bugzilla.suse.com/show_bug.cgi?id=1257036 * https://bugzilla.suse.com/show_bug.cgi?id=1257037 * https://bugzilla.suse.com/show_bug.cgi?id=1257038 * https://jira.suse.com/browse/PED-14507 * https://jira.suse.com/browse/PED-15221 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:27 -0000 Subject: SUSE-SU-2026:20214-1: important: Security update for alloy Message-ID: <177032378736.6560.3362521131180538893@smelt2.prg2.suse.org> # Security update for alloy Announcement ID: SUSE-SU-2026:20214-1 Release Date: 2026-01-30T14:38:31Z Rating: important References: * bsc#1255074 * bsc#1255333 Cross-References: * CVE-2025-31133 * CVE-2025-52565 * CVE-2025-52881 * CVE-2025-68156 CVSS scores: * CVE-2025-31133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-31133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31133 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-31133 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2025-52565 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-52565 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-52565 ( NVD ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-52565 ( NVD ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2025-52881 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-52881 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-52881 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-52881 ( NVD ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2025-68156 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68156 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for alloy fixes the following issues: Update to 1.12.2: Security fixes: * CVE-2025-68156: github.com/expr-lang/expr/builtin: Fixed potential DoS via unbounded recursion (bsc#1255333): * CVE-2025-31133, CVE-2025-52565, CVE-2025-52881: github.com/opencontainers/runc: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files (bsc#1255074) Other fixes: - Add missing configuration parameter deployment_name_from_replicaset to k8sattributes processor (5b90a9d) (@dehaansa) - database_observability: Fix schema_details collector to fetch column definitions with case sensitive table names (#4872) (560dff4) (@jharvey10, @fridgepoet) - deps: Update jose2go to 1.7.0 (#4858) (dfdd341) (@jharvey10) - deps: Update npm dependencies [backport] (#5201) (8e06c26) (@jharvey10) - Ensure the squid exporter wrapper properly brackets ipv6 addresses [backport] (#5205) (e329cc6) (@dehaansa) - Preserve meta labels in loki.source.podlogs (#5097) (ab4b21e) (@kalleep) - Prevent panic in import.git when update fails [backport] (#5204) (c82fbae) (@dehaansa, @jharvey10) - show correct fallback alloy version instead of v1.13.0 (#5110) (b72be99) (@dehaansa, @jharvey10) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-225=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-225=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * alloy-1.12.2-160000.1.1 * alloy-debuginfo-1.12.2-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * alloy-1.12.2-160000.1.1 * alloy-debuginfo-1.12.2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31133.html * https://www.suse.com/security/cve/CVE-2025-52565.html * https://www.suse.com/security/cve/CVE-2025-52881.html * https://www.suse.com/security/cve/CVE-2025-68156.html * https://bugzilla.suse.com/show_bug.cgi?id=1255074 * https://bugzilla.suse.com/show_bug.cgi?id=1255333 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:29 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:29 -0000 Subject: SUSE-SU-2026:20213-1: moderate: Security update for udisks2 Message-ID: <177032378956.6560.18283989576116355838@smelt2.prg2.suse.org> # Security update for udisks2 Announcement ID: SUSE-SU-2026:20213-1 Release Date: 2026-01-30T14:30:57Z Rating: moderate References: * bsc#1248502 Cross-References: * CVE-2025-8067 CVSS scores: * CVE-2025-8067 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H * CVE-2025-8067 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for udisks2 fixes the following issues: * CVE-2025-8067: Fixed a missing bounds check that could lead to out-of-bounds read in udisks daemon (bsc#1248502). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-226=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-226=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libudisks2-0_btrfs-debuginfo-2.10.1-160000.3.1 * libudisks2-0_lvm2-debuginfo-2.10.1-160000.3.1 * libudisks2-0_lvm2-2.10.1-160000.3.1 * libudisks2-0_btrfs-2.10.1-160000.3.1 * typelib-1_0-UDisks-2_0-2.10.1-160000.3.1 * udisks2-debuginfo-2.10.1-160000.3.1 * libudisks2-0-devel-2.10.1-160000.3.1 * udisks2-2.10.1-160000.3.1 * libudisks2-0_lsm-2.10.1-160000.3.1 * udisks2-debugsource-2.10.1-160000.3.1 * libudisks2-0_lsm-debuginfo-2.10.1-160000.3.1 * libudisks2-0-debuginfo-2.10.1-160000.3.1 * libudisks2-0-2.10.1-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * udisks2-zsh-completion-2.10.1-160000.3.1 * udisks2-lang-2.10.1-160000.3.1 * udisks2-docs-2.10.1-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * libudisks2-0_btrfs-debuginfo-2.10.1-160000.3.1 * libudisks2-0_lvm2-debuginfo-2.10.1-160000.3.1 * libudisks2-0_lvm2-2.10.1-160000.3.1 * libudisks2-0_btrfs-2.10.1-160000.3.1 * typelib-1_0-UDisks-2_0-2.10.1-160000.3.1 * udisks2-debuginfo-2.10.1-160000.3.1 * libudisks2-0-devel-2.10.1-160000.3.1 * udisks2-2.10.1-160000.3.1 * libudisks2-0_lsm-2.10.1-160000.3.1 * udisks2-debugsource-2.10.1-160000.3.1 * libudisks2-0_lsm-debuginfo-2.10.1-160000.3.1 * libudisks2-0-debuginfo-2.10.1-160000.3.1 * libudisks2-0-2.10.1-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * udisks2-zsh-completion-2.10.1-160000.3.1 * udisks2-lang-2.10.1-160000.3.1 * udisks2-docs-2.10.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8067.html * https://bugzilla.suse.com/show_bug.cgi?id=1248502 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:32 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:32 -0000 Subject: SUSE-SU-2026:20212-1: important: Security update for libsoup Message-ID: <177032379286.6560.3537910194745723071@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2026:20212-1 Release Date: 2026-01-30T14:27:58Z Rating: important References: * bsc#1250562 * bsc#1256399 * bsc#1256418 Cross-References: * CVE-2025-11021 * CVE-2026-0716 * CVE-2026-0719 CVSS scores: * CVE-2025-11021 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-11021 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-11021 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-0716 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0716 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L * CVE-2026-0716 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-0719 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-0719 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0719 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-11021: Fixed out-of-bounds read in Cookie Date Handling of libsoup HTTP Library (bsc#1250562). * CVE-2026-0719: Fixed stack-based buffer overflow in NTLM authentication can lead to arbitrary code execution (bsc#1256399). * CVE-2026-0716: Fixed improper bounds handling may allow out-of-bounds read (bsc#1256418). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-227=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-227=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libsoup-3_0-0-debuginfo-3.6.5-160000.3.1 * typelib-1_0-Soup-3_0-3.6.5-160000.3.1 * libsoup-devel-3.6.5-160000.3.1 * libsoup-3_0-0-3.6.5-160000.3.1 * libsoup-debugsource-3.6.5-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * libsoup-lang-3.6.5-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * libsoup-3_0-0-debuginfo-3.6.5-160000.3.1 * typelib-1_0-Soup-3_0-3.6.5-160000.3.1 * libsoup-devel-3.6.5-160000.3.1 * libsoup-3_0-0-3.6.5-160000.3.1 * libsoup-debugsource-3.6.5-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * libsoup-lang-3.6.5-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11021.html * https://www.suse.com/security/cve/CVE-2026-0716.html * https://www.suse.com/security/cve/CVE-2026-0719.html * https://bugzilla.suse.com/show_bug.cgi?id=1250562 * https://bugzilla.suse.com/show_bug.cgi?id=1256399 * https://bugzilla.suse.com/show_bug.cgi?id=1256418 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:37 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:37 -0000 Subject: SUSE-SU-2026:0394-1: moderate: Security update for xen Message-ID: <177032379708.6560.11462879807840080412@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2026:0394-1 Release Date: 2026-02-05T15:42:11Z Rating: moderate References: * bsc#1252692 * bsc#1254180 * bsc#1256745 * bsc#1256747 Cross-References: * CVE-2025-58149 * CVE-2025-58150 * CVE-2026-23553 CVSS scores: * CVE-2025-58149 ( SUSE ): 4.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-58149 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-58149 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-58150 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-58150 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-58150 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-23553 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23553 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-23553 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: Security fixes: * CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing (XSA-477) (bsc#1256745) * CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation (XSA-479) (bsc#1256747) * CVE-2025-58149: Fixed incorrect removal od permissions on PCI device unplug allow PV guests to access memory of devices no longer assigned to it (XSA-476) (bsc#1252692) Other fixes: * Fixed virtxend service restart. Caused by a failure to start xenstored (bsc#1254180) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-394=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-394=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-394=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-394=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-394=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64 i586) * xen-debugsource-4.16.7_06-150400.4.78.1 * xen-tools-domU-debuginfo-4.16.7_06-150400.4.78.1 * xen-libs-4.16.7_06-150400.4.78.1 * xen-tools-domU-4.16.7_06-150400.4.78.1 * xen-devel-4.16.7_06-150400.4.78.1 * xen-libs-debuginfo-4.16.7_06-150400.4.78.1 * openSUSE Leap 15.4 (x86_64) * xen-libs-32bit-4.16.7_06-150400.4.78.1 * xen-libs-32bit-debuginfo-4.16.7_06-150400.4.78.1 * openSUSE Leap 15.4 (aarch64 x86_64) * xen-tools-4.16.7_06-150400.4.78.1 * xen-tools-debuginfo-4.16.7_06-150400.4.78.1 * xen-4.16.7_06-150400.4.78.1 * xen-doc-html-4.16.7_06-150400.4.78.1 * openSUSE Leap 15.4 (noarch) * xen-tools-xendomains-wait-disk-4.16.7_06-150400.4.78.1 * openSUSE Leap 15.4 (aarch64_ilp32) * xen-libs-64bit-4.16.7_06-150400.4.78.1 * xen-libs-64bit-debuginfo-4.16.7_06-150400.4.78.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * xen-libs-debuginfo-4.16.7_06-150400.4.78.1 * xen-libs-4.16.7_06-150400.4.78.1 * xen-debugsource-4.16.7_06-150400.4.78.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * xen-libs-debuginfo-4.16.7_06-150400.4.78.1 * xen-libs-4.16.7_06-150400.4.78.1 * xen-debugsource-4.16.7_06-150400.4.78.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * xen-libs-debuginfo-4.16.7_06-150400.4.78.1 * xen-libs-4.16.7_06-150400.4.78.1 * xen-debugsource-4.16.7_06-150400.4.78.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * xen-libs-debuginfo-4.16.7_06-150400.4.78.1 * xen-libs-4.16.7_06-150400.4.78.1 * xen-debugsource-4.16.7_06-150400.4.78.1 ## References: * https://www.suse.com/security/cve/CVE-2025-58149.html * https://www.suse.com/security/cve/CVE-2025-58150.html * https://www.suse.com/security/cve/CVE-2026-23553.html * https://bugzilla.suse.com/show_bug.cgi?id=1252692 * https://bugzilla.suse.com/show_bug.cgi?id=1254180 * https://bugzilla.suse.com/show_bug.cgi?id=1256745 * https://bugzilla.suse.com/show_bug.cgi?id=1256747 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:39 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:39 -0000 Subject: SUSE-SU-2026:0391-1: low: Security update for libxml2 Message-ID: <177032379946.6560.5664904064399686556@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2026:0391-1 Release Date: 2026-02-05T14:23:48Z Rating: low References: * bsc#1256805 Cross-References: * CVE-2026-0989 CVSS scores: * CVE-2026-0989 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0989 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-0989 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2026-0989: Fixed call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `<include>` directives (bsc#1256805) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-391=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-391=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-391=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python311-libxml2-debuginfo-2.10.3-150500.5.35.1 * libxml2-python-debugsource-2.10.3-150500.5.35.1 * libxml2-debugsource-2.10.3-150500.5.35.1 * python3-libxml2-debuginfo-2.10.3-150500.5.35.1 * libxml2-2-2.10.3-150500.5.35.1 * libxml2-tools-2.10.3-150500.5.35.1 * python311-libxml2-2.10.3-150500.5.35.1 * libxml2-tools-debuginfo-2.10.3-150500.5.35.1 * python3-libxml2-2.10.3-150500.5.35.1 * libxml2-2-debuginfo-2.10.3-150500.5.35.1 * libxml2-devel-2.10.3-150500.5.35.1 * openSUSE Leap 15.6 (x86_64) * libxml2-devel-32bit-2.10.3-150500.5.35.1 * libxml2-2-32bit-2.10.3-150500.5.35.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.35.1 * openSUSE Leap 15.6 (noarch) * libxml2-doc-2.10.3-150500.5.35.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libxml2-python-debugsource-2.10.3-150500.5.35.1 * libxml2-debugsource-2.10.3-150500.5.35.1 * python3-libxml2-debuginfo-2.10.3-150500.5.35.1 * libxml2-2-2.10.3-150500.5.35.1 * libxml2-tools-2.10.3-150500.5.35.1 * libxml2-tools-debuginfo-2.10.3-150500.5.35.1 * python3-libxml2-2.10.3-150500.5.35.1 * libxml2-2-debuginfo-2.10.3-150500.5.35.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * python311-libxml2-debuginfo-2.10.3-150500.5.35.1 * libxml2-python-debugsource-2.10.3-150500.5.35.1 * libxml2-debugsource-2.10.3-150500.5.35.1 * python3-libxml2-debuginfo-2.10.3-150500.5.35.1 * libxml2-2-2.10.3-150500.5.35.1 * libxml2-tools-2.10.3-150500.5.35.1 * python311-libxml2-2.10.3-150500.5.35.1 * libxml2-tools-debuginfo-2.10.3-150500.5.35.1 * python3-libxml2-2.10.3-150500.5.35.1 * libxml2-2-debuginfo-2.10.3-150500.5.35.1 * libxml2-devel-2.10.3-150500.5.35.1 * openSUSE Leap 15.5 (x86_64) * libxml2-devel-32bit-2.10.3-150500.5.35.1 * libxml2-2-32bit-2.10.3-150500.5.35.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.35.1 * openSUSE Leap 15.5 (noarch) * libxml2-doc-2.10.3-150500.5.35.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libxml2-2-64bit-debuginfo-2.10.3-150500.5.35.1 * libxml2-2-64bit-2.10.3-150500.5.35.1 * libxml2-devel-64bit-2.10.3-150500.5.35.1 ## References: * https://www.suse.com/security/cve/CVE-2026-0989.html * https://bugzilla.suse.com/show_bug.cgi?id=1256805 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:44 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:44 -0000 Subject: SUSE-SU-2026:0390-1: important: Security update for java-1_8_0-ibm Message-ID: <177032380450.6560.1642204306281418244@smelt2.prg2.suse.org> # Security update for java-1_8_0-ibm Announcement ID: SUSE-SU-2026:0390-1 Release Date: 2026-02-05T14:23:31Z Rating: important References: * bsc#1257034 * bsc#1257036 * bsc#1257037 * bsc#1257038 * bsc#1257131 Cross-References: * CVE-2026-21925 * CVE-2026-21932 * CVE-2026-21933 * CVE-2026-21945 CVSS scores: * CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21925 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21932 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21932 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21933 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for java-1_8_0-ibm fixes the following issues: Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034) - CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036) - CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037) - CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038) Other fixes: * Upgrade to Java 8.0 Service Refresh 8 Fix Pack 60 (bsc#1257131) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-390=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2026-390=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-390=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-390=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-390=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-390=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-390=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-390=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-390=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-390=1 ## Package List: * openSUSE Leap 15.6 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * openSUSE Leap 15.6 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-devel-32bit-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-32bit-1.8.0_sr8.60-150000.3.112.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-demo-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-src-1.8.0_sr8.60-150000.3.112.1 * Legacy Module 15-SP7 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * Legacy Module 15-SP7 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-demo-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-src-1.8.0_sr8.60-150000.3.112.1 * Legacy Module 15-SP7 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (nosrc ppc64le x86_64) * java-1_8_0-ibm-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.60-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.60-150000.3.112.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.60-150000.3.112.1 ## References: * https://www.suse.com/security/cve/CVE-2026-21925.html * https://www.suse.com/security/cve/CVE-2026-21932.html * https://www.suse.com/security/cve/CVE-2026-21933.html * https://www.suse.com/security/cve/CVE-2026-21945.html * https://bugzilla.suse.com/show_bug.cgi?id=1257034 * https://bugzilla.suse.com/show_bug.cgi?id=1257036 * https://bugzilla.suse.com/show_bug.cgi?id=1257037 * https://bugzilla.suse.com/show_bug.cgi?id=1257038 * https://bugzilla.suse.com/show_bug.cgi?id=1257131 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Feb 5 20:36:49 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Feb 2026 20:36:49 -0000 Subject: SUSE-SU-2026:0389-1: important: Security update for java-1_8_0-openj9 Message-ID: <177032380914.6560.15558730647958652832@smelt2.prg2.suse.org> # Security update for java-1_8_0-openj9 Announcement ID: SUSE-SU-2026:0389-1 Release Date: 2026-02-05T14:22:27Z Rating: important References: * bsc#1257034 * bsc#1257036 * bsc#1257037 * bsc#1257038 * jsc#PED-14507 Cross-References: * CVE-2026-21925 * CVE-2026-21932 * CVE-2026-21933 * CVE-2026-21945 CVSS scores: * CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21925 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21932 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21932 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N * CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21933 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves four vulnerabilities and contains one feature can now be installed. ## Description: This update for java-1_8_0-openj9 fixes the following issues: * CVE-2026-21925: Fixed a vulnerability in the Oracle Java SE component RMI. (bsc#1257034) * CVE-2026-21932: Fixed a vulnerability in the Oracle Java SE component AWT and JavaFX. (bsc#1257036) * CVE-2026-21933: Fixed a vulnerability in the Oracle Java SE component Networking. (bsc#1257037) * CVE-2026-21945: Fixed a vulnerability in the Oracle Java SE component Security. (bsc#1257038) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-389=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-389=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openj9-src-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-demo-debuginfo-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-accessibility-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-devel-debuginfo-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-debugsource-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-headless-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-headless-debuginfo-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-demo-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-devel-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-debuginfo-1.8.0.482-150200.3.63.1 * openSUSE Leap 15.6 (noarch) * java-1_8_0-openj9-javadoc-1.8.0.482-150200.3.63.1 * SUSE Package Hub 15 15-SP7 (ppc64le s390x) * java-1_8_0-openj9-src-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-demo-debuginfo-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-accessibility-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-devel-debuginfo-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-debugsource-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-headless-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-headless-debuginfo-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-demo-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-devel-1.8.0.482-150200.3.63.1 * java-1_8_0-openj9-debuginfo-1.8.0.482-150200.3.63.1 ## References: * https://www.suse.com/security/cve/CVE-2026-21925.html * https://www.suse.com/security/cve/CVE-2026-21932.html * https://www.suse.com/security/cve/CVE-2026-21933.html * https://www.suse.com/security/cve/CVE-2026-21945.html * https://bugzilla.suse.com/show_bug.cgi?id=1257034 * https://bugzilla.suse.com/show_bug.cgi?id=1257036 * https://bugzilla.suse.com/show_bug.cgi?id=1257037 * https://bugzilla.suse.com/show_bug.cgi?id=1257038 * https://jira.suse.com/browse/PED-14507 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Feb 6 16:30:10 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Feb 2026 16:30:10 -0000 Subject: SUSE-SU-2026:0397-1: important: Security update for cockpit-machines Message-ID: <177039541047.11579.15920881074300153714@smelt2.prg2.suse.org> # Security update for cockpit-machines Announcement ID: SUSE-SU-2026:0397-1 Release Date: 2026-02-06T08:02:33Z Rating: important References: * bsc#1257325 Cross-References: * CVE-2025-13465 CVSS scores: * CVE-2025-13465 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-13465 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-13465 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit-machines fixes the following issues: * CVE-2025-13465: Update the lodash dependencie to avoid prototype pollution. (bsc#1257324) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-397=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-397=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * cockpit-251.3-150300.6.6.1 * cockpit-debugsource-251.3-150300.6.6.1 * cockpit-ws-251.3-150300.6.6.1 * cockpit-bridge-debuginfo-251.3-150300.6.6.1 * cockpit-debuginfo-251.3-150300.6.6.1 * cockpit-ws-debuginfo-251.3-150300.6.6.1 * cockpit-bridge-251.3-150300.6.6.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * cockpit-system-251.3-150300.6.6.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * cockpit-251.3-150300.6.6.1 * cockpit-debugsource-251.3-150300.6.6.1 * cockpit-ws-251.3-150300.6.6.1 * cockpit-bridge-debuginfo-251.3-150300.6.6.1 * cockpit-debuginfo-251.3-150300.6.6.1 * cockpit-ws-debuginfo-251.3-150300.6.6.1 * cockpit-bridge-251.3-150300.6.6.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * cockpit-system-251.3-150300.6.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-13465.html * https://bugzilla.suse.com/show_bug.cgi?id=1257325 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Feb 6 16:30:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Feb 2026 16:30:12 -0000 Subject: SUSE-SU-2026:0396-1: important: Security update for cockpit-machines Message-ID: <177039541299.11579.2917909920085490852@smelt2.prg2.suse.org> # Security update for cockpit-machines Announcement ID: SUSE-SU-2026:0396-1 Release Date: 2026-02-06T08:02:20Z Rating: important References: * bsc#1257325 Cross-References: * CVE-2025-13465 CVSS scores: * CVE-2025-13465 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-13465 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-13465 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit-machines fixes the following issues: * CVE-2025-13465: Update the lodash dependencie to avoid prototype pollution. (bsc#1257324) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-396=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-396=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (noarch) * cockpit-machines-249.1-150300.5.3.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * cockpit-machines-249.1-150300.5.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-13465.html * https://bugzilla.suse.com/show_bug.cgi?id=1257325 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Feb 6 16:30:16 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Feb 2026 16:30:16 -0000 Subject: SUSE-SU-2026:0395-1: moderate: Security update for sqlite3 Message-ID: <177039541691.11579.12001864877716374288@smelt2.prg2.suse.org> # Security update for sqlite3 Announcement ID: SUSE-SU-2026:0395-1 Release Date: 2026-02-06T08:02:11Z Rating: moderate References: * bsc#1248586 * bsc#1254670 Cross-References: * CVE-2025-7709 CVSS scores: * CVE-2025-7709 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-7709 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-7709 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sqlite3 fixes the following issues: * Update to v3.51.2: * CVE-2025-7709: Fixed an integer overflow in the FTS5 extension. (bsc#1254670) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-395=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libsqlite3-0-debuginfo-32bit-3.51.2-9.44.1 * sqlite3-tcl-3.51.2-9.44.1 * libsqlite3-0-32bit-3.51.2-9.44.1 * libsqlite3-0-3.51.2-9.44.1 * sqlite3-debuginfo-3.51.2-9.44.1 * sqlite3-debugsource-3.51.2-9.44.1 * sqlite3-devel-3.51.2-9.44.1 * sqlite3-3.51.2-9.44.1 * libsqlite3-0-debuginfo-3.51.2-9.44.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7709.html * https://bugzilla.suse.com/show_bug.cgi?id=1248586 * https://bugzilla.suse.com/show_bug.cgi?id=1254670 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Feb 6 20:30:02 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Feb 2026 20:30:02 -0000 Subject: SUSE-SU-2026:0399-1: important: Security update for kubernetes-old Message-ID: <177040980214.28500.5323144631365158034@smelt2.prg2.suse.org> # Security update for kubernetes-old Announcement ID: SUSE-SU-2026:0399-1 Release Date: 2026-02-06T12:06:43Z Rating: important References: Affected Products: * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that can now be installed. ## Description: This update for kubernetes-old rebuilds it against the current GO security release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-399=1 openSUSE-SLE-15.6-2026-399=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-399=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.33-client-common-1.33.7-150600.13.23.1 * kubernetes1.33-client-1.33.7-150600.13.23.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.33-client-fish-completion-1.33.7-150600.13.23.1 * kubernetes1.33-client-bash-completion-1.33.7-150600.13.23.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kubernetes1.33-client-common-1.33.7-150600.13.23.1 * kubernetes1.33-client-1.33.7-150600.13.23.1 * Containers Module 15-SP7 (noarch) * kubernetes1.33-client-bash-completion-1.33.7-150600.13.23.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: