Alerts This Week
Warning Icon 1 1,213
Alerts This Week
Warning Icon 1 1,213

openSUSE warewulf4 Important Patch Multiple Vulnerabilities 2026-21151-1

opensuse
Calendar Grey June 30, 2026
Dist Opensuse Esm H88
An important update for openSUSE to address multiple vulnerabilities in warewulf4 and provide essential bug fixes.
An update that solves 5 vulnerabilities and has 5 bug fixes can now be installed.

Description

This update for warewulf4 fixes the following issues:

Changes in warewulf4:

- updated go-jose to fix CVE-2026-34986 (bsc#1262810)

- chi is fixed in the upstream project

- updating to v4.7.0 with following security fixes

* fixed CVE-2026-39821 (bsc#1266483)

* fixed CVE-2026-33814 (bsc#1265653)

- v4.7.0 with significant changes relative to the v4.6.x series which are:

* New wwctl unset command

* Refactored server routes (URLs)

* New /files/ route for serving individual files and templates

* Server TLS support

* Removed support for fetching individual overlays and individual files from overlays

* Fixed whitespace handling around template functions

* Security fixes, including updated Go and library versions

- changes from v4.6.5:

* new wwctl overlay info command

* fixed wwctl image import --update option

* cross-arch support for wwclient

* improved IPv6 support

* improved support for bonded interfaces

* renamed debian.interfaces overlay to ifupdown

* new...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory bug fix vulnerability important OpenSUSE warewulf4

Patch

Package List

- openSUSE Leap 16.0:

warewulf4-4.7.0-bp160.1.1

warewulf4-dracut-4.7.0-bp160.1.1

warewulf4-man-4.7.0-bp160.1.1

warewulf4-overlay-4.7.0-bp160.1.1

warewulf4-overlay-rke2-4.7.0-bp160.1.1

warewulf4-reference-doc-4.7.0-bp160.1.1

References

* bsc#1254470

* bsc#1258511

* bsc#1262810

* bsc#1265653

* bsc#1266483

References:

* https://www.suse.com/security/cve/CVE-2025-58058.html

* https://www.suse.com/security/cve/CVE-2025-69725.html

* https://www.suse.com/security/cve/CVE-2026-33814.html

* https://www.suse.com/security/cve/CVE-2026-34986.html

* https://www.suse.com/security/cve/CVE-2026-39821.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:21151-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory bug fix vulnerability important OpenSUSE warewulf4

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here