Alerts This Week
Warning Icon 1 815
Alerts This Week
Warning Icon 1 815

openSUSE Apache Commons Important Buffer Overflow Vuln 2026-20841-1

opensuse
Calendar Grey June 1, 2026
Dist Opensuse Esm H88
OpenSUSE discusses a security advisory for Apache Commons addressing important vulnerabilities. Important fixes included.
An update that solves 2 vulnerabilities and has one bug fix can now be installed.

Description

This update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec fixes the following issues:

Changes in apache-commons-lang3:

Update to 3.20.0

* New features:

+ Add SystemProperties.getPath(String, Supplier)

+ Add JavaVersion.JAVA_25

+ Add JavaVersion.JAVA_26

+ Add SystemUtils.IS_JAVA_25

+ Add SystemUtils.IS_JAVA_26

+ Add MutablePair.ofNonNull(Map.Entry)

+ Add TimedSemaphore.builder(), Builder, and deprecate

constructors

+ LANG-1504: Adding labels and history to split StopWatch

* Fixed Bugs:

+ Optimize ObjectToStringComparator.compare() method

+ [javadoc] Improve StringUtils Javadoc

+ Fix internal inverted logic in private isEnum() method and

correct its usage in getFirstEnum()

+ Use accessors in ToStringStyle so subclasses can effectively

override them

+ 'LocaleUtils.toLocale(String)' for a 2 letter country code

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security issue threat important OpenSUSE apache commons

Patch

Package List

- openSUSE Leap 16.0:

apache-commons-cli-1.11.0-160000.1.1

apache-commons-cli-javadoc-1.11.0-160000.1.1

apache-commons-codec-1.22.0-160000.1.1

apache-commons-codec-javadoc-1.22.0-160000.1.1

apache-commons-configuration2-2.15.0-160000.1.1

apache-commons-configuration2-javadoc-2.15.0-160000.1.1

apache-commons-io-2.22.0-160000.1.1

apache-commons-io-javadoc-2.22.0-160000.1.1

apache-commons-lang3-3.20.0-160000.1.1

apache-commons-lang3-javadoc-3.20.0-160000.1.1

apache-commons-text-1.15.0-160000.1.1

apache-commons-text-javadoc-1.15.0-160000.1.1

References

* bsc#1265299

References:

* https://www.suse.com/security/cve/CVE-2025-48924.html

* https://www.suse.com/security/cve/CVE-2026-45205.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20841-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory security issue threat important OpenSUSE apache commons

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here