Explore top 10 tips to secure your open-source projects now. Read More
×
This update for cosign fixes the following issues
* CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506:
multiple issues when parsing HTML files (bsc#1267044).
* CVE-2026-33815: memory-safety vulnerability (bsc#1261811).
*
CVE-2026-39827,CVE-2026-39828,CVE-2026-39829,CVE-2026-39830,CVE-2026-39831,CVE-2026-39832,CVE-2026-39833,
CVE-2026-39834,CVE-2026-39835,CVE-2026-42508,CVE-2026-46595,CVE-2026-46597,CVE-2026-46598:
Fixed multiple issues in golang.org/x/crypto/ssh (bsc#1266049).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2827=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2827=1
* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2827=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2827=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2827=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2827=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2827=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch...
Read the Full Advisory* Basesystem Module 15-SP7 (noarch)
* cosign-bash-completion-3.1.1-150400.3.45.1
* cosign-zsh-completion-3.1.1-150400.3.45.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* cosign-3.1.1-150400.3.45.1
* cosign-debuginfo-3.1.1-150400.3.45.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* cosign-3.1.1-150400.3.45.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* cosign-3.1.1-150400.3.45.1
* cosign-debuginfo-3.1.1-150400.3.45.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* cosign-3.1.1-150400.3.45.1
* openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64)
* cosign-3.1.1-150400.3.45.1
* cosign-debuginfo-3.1.1-150400.3.45.1
* openSUSE Leap 15.4 (noarch)
* cosign-bash-completion-3.1.1-150400.3.45.1
* cosign-fish-completion-3.1.1-150400.3.45.1
* cosign-zsh-completion-3.1.1-150400.3.45.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* cosign-3.1.1-150400.3.45.1
* SUSE Linux...
Read the Full Advisory* bsc#1261811
* bsc#1266049
* bsc#1267044
## References:
* https://www.suse.com/security/cve/CVE-2026-25680.html
* https://www.suse.com/security/cve/CVE-2026-25681.html
* https://www.suse.com/security/cve/CVE-2026-27136.html
* https://www.suse.com/security/cve/CVE-2026-33815.html
* https://www.suse.com/security/cve/CVE-2026-39827.html
* https://www.suse.com/security/cve/CVE-2026-39828.html
* https://www.suse.com/security/cve/CVE-2026-39829.html
* https://www.suse.com/security/cve/CVE-2026-39830.html
* https://www.suse.com/security/cve/CVE-2026-39831.html
* https://www.suse.com/security/cve/CVE-2026-39832.html
* https://www.suse.com/security/cve/CVE-2026-39833.html
* https://www.suse.com/security/cve/CVE-2026-39834.html
* https://www.suse.com/security/cve/CVE-2026-39835.html
* https://www.suse.com/security/cve/CVE-2026-42502.html
* https://www.suse.com/security/cve/CVE-2026-42506.html
* https://www.suse.com/security/cve/CVE-2026-42508.html
* https://www.suse.com/security/cve/CVE-2026-46595.html
*...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.