Alerts This Week
Warning Icon 1 449
Alerts This Week
Warning Icon 1 449

openSUSE Backports SLE-15-SP7 Cheat Important HTTP Leak Fix 2026-0205-1

opensuse
Calendar Grey June 15, 2026
Dist Opensuse Esm H88
Update for openSUSE addresses 16 vulnerabilities in cheat application with security enhancements and bug fixes.
An update that fixes 16 vulnerabilities is now available.

Description

This update for cheat fixes the following issues:

- CVE-2026-41506: HTTP authentication credential leak (boo#1264943) Bump

go-git to 5.18.0

- CVE-2026-1229: Fix incorrect value (boo#1265539) Bump circl to 1.6.3

-

CVE-2026-39827,CVE-2026-39834,CVE-2026-39828,CVE-2026-39829,CVE-2026-39831,

CVE-2026-42508,CVE-2026-39833,CVE-2026-39830,CVE-2026-39832,CVE-2026-46597,

CVE-2026-46598,CVE-2026-46595,CVE-2026-39835: Fix multiple issues

(boo#1266184) Bump crypto to 0.52.0

- CVE-2026-44740: Improper input handling (boo#1267330) Bump go-billy to

5.9.0

- Update to 5.1.0:

* --update / -u flag: Pull the latest changes for all git-backed

cheatpaths from the CLI. Reports per-path status (ok, skipped, error).

Works with --path filtering to update specific cheatpaths. Supports

SSH remotes via key file discovery and SSH agent. (#552) Documentation:

* Fixed config filename references in man page (conf.yaml → conf.yml)

*...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory important credential leak input handling OpenSUSE cheat

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-205=1

Package List

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

cheat-5.1.0-bp157.2.6.1

References

https://www.suse.com/security/cve/CVE-2026-1229.html

https://www.suse.com/security/cve/CVE-2026-39827.html

https://www.suse.com/security/cve/CVE-2026-39828.html

https://www.suse.com/security/cve/CVE-2026-39829.html

https://www.suse.com/security/cve/CVE-2026-39830.html

https://www.suse.com/security/cve/CVE-2026-39831.html

https://www.suse.com/security/cve/CVE-2026-39832.html

https://www.suse.com/security/cve/CVE-2026-39833.html

https://www.suse.com/security/cve/CVE-2026-39834.html

https://www.suse.com/security/cve/CVE-2026-39835.html

https://www.suse.com/security/cve/CVE-2026-41506.html

https://www.suse.com/security/cve/CVE-2026-42508.html

https://www.suse.com/security/cve/CVE-2026-44740.html

https://www.suse.com/security/cve/CVE-2026-46595.html

https://www.suse.com/security/cve/CVE-2026-46597.html

https://www.suse.com/security/cve/CVE-2026-46598.html

https://bugzilla.suse.com/1264943

https://bugzilla.suse.com/1265539

https://bugzilla.suse.com/1266184

https://bugzilla.suse.com/1267330

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:0205-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP7

Topics%20covered

Topics Covered

security advisory important credential leak input handling OpenSUSE cheat

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here