Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

openSUSE google-osconfig-agent Important DoS Issues Resolved 2026-21210-1

opensuse
Calendar Grey July 3, 2026
Dist Opensuse Esm H88
An update for openSUSE's google-osconfig-agent addresses 22 bugs and 9 vulnerabilities, enhancing system security and stability.
An update that solves 22 vulnerabilities and has 9 bug fixes can now be installed.

Description

This update for google-osconfig-agent fixes the following issues

- CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers.

- CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents

(bsc#1251453).

- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially

crafted input (bsc#1251704).

- CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo-

header (bsc#1260264).

- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE

(bsc#1265762).

- CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing encrypted key can lead to a denial of

service (bsc#1262926).

- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation

bypass and privilege...

Read the Full Advisory

Patch

Package List

- openSUSE Leap 16.0:

google-osconfig-agent-20260615.01-160000.1.1

References

* bsc#1210938

* bsc#1251453

* bsc#1251704

* bsc#1260264

* bsc#1262926

* bsc#1264923

* bsc#1265762

* bsc#1266171

* bsc#1266603

References:

* https://www.suse.com/security/cve/CVE-2023-45288.html

* https://www.suse.com/security/cve/CVE-2025-22868.html

* https://www.suse.com/security/cve/CVE-2025-47911.html

* https://www.suse.com/security/cve/CVE-2025-58190.html

* https://www.suse.com/security/cve/CVE-2026-33186.html

* https://www.suse.com/security/cve/CVE-2026-33814.html

* https://www.suse.com/security/cve/CVE-2026-34986.html

* https://www.suse.com/security/cve/CVE-2026-39821.html

* https://www.suse.com/security/cve/CVE-2026-39827.html

* https://www.suse.com/security/cve/CVE-2026-39828.html

* https://www.suse.com/security/cve/CVE-2026-39829.html

* https://www.suse.com/security/cve/CVE-2026-39830.html

* https://www.suse.com/security/cve/CVE-2026-39831.html

* https://www.suse.com/security/cve/CVE-2026-39832.html

* https://www.suse.com/security/cve/CVE-2026-39833.html

*...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:21210-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here