Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
100

openSUSE Leap 15.4 SUSE-2026-2874-1 CVE-2026-41676 Moderate Buffer Overflow

An update that solves one vulnerability can now be installed.. # Security update for sccache Announcement ID: SUSE-SU-2026:2874-1 Release Date: 2026-07-13T09:11:08Z Rating: moderate References: * bsc#1270206 Cross-References: * CVE-2026-41676 CVSS scores: * CVE-2026-41676 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-41676 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-41676 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41676 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for sccache fixes the following issue * CVE-2026-41676: openssl: `Deriver:derive` and `PkeyCtxRef:derive` can overflow short buffers on OpenSSL 1.1.1 (bsc#1270206). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2874=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * sccache-0.4.2~4-150400.3.12.1 * sccache-debuginfo-0.4.2~4-150400.3.12.1 * sccache-debugsource-0.4.2~4-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41676.html * https://bugzilla.suse.com/show_bug.cgi?id=1270206 . SUSE updates resolve vulnerabilities in sccache. Install patch to secure against potential buffer overflow attacks.. SUSE, sccache, moderate risk, update, security patch. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 SuSE
100

SUSE Python-Pillow Important Memory Allocation Threat Advisory 2026-2875-1

An update that solves four vulnerabilities can now be installed.. # Security update for python-Pillow Announcement ID: SUSE-SU-2026:2875-1 Release Date: 2026-07-13T09:12:44Z Rating: important References: * bsc#1270409 * bsc#1270410 * bsc#1270411 * bsc#1270412 Cross-References: * CVE-2026-54059 * CVE-2026-54060 * CVE-2026-55379 * CVE-2026-55380 CVSS scores: * CVE-2026-54059 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-54059 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-54060 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-54060 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55379 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55379 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55380 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55380 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for python-Pillow fixes the following issues * CVE-2026-54059: crafted PCF font data can cause excessive memory allocation (bsc#1270409). * CVE-2026-54060: a font can trigger excessive allocation during conversion or saving (bsc#1270410). * CVE-2026-55379: bypass of decompression bomb protection, allowing excessive memory allocation (bsc#1270411). * CVE-2026-55380: crafted .gd file can trigger excessive C-heap allocation when loaded (bsc#1270412). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the commandlisted for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2875=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-2875=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-7.2.0-150300.3.27.1 * python3-Pillow-debuginfo-7.2.0-150300.3.27.1 * python-Pillow-debugsource-7.2.0-150300.3.27.1 * python3-Pillow-7.2.0-150300.3.27.1 * openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64) * python-Pillow-debuginfo-7.2.0-150300.3.27.1 * python3-Pillow-tk-debuginfo-7.2.0-150300.3.27.1 * python3-Pillow-debuginfo-7.2.0-150300.3.27.1 * python3-Pillow-7.2.0-150300.3.27.1 * python3-Pillow-tk-7.2.0-150300.3.27.1 * python-Pillow-debugsource-7.2.0-150300.3.27.1 ## References: * https://www.suse.com/security/cve/CVE-2026-54059.html * https://www.suse.com/security/cve/CVE-2026-54060.html * https://www.suse.com/security/cve/CVE-2026-55379.html * https://www.suse.com/security/cve/CVE-2026-55380.html * https://bugzilla.suse.com/show_bug.cgi?id=1270409 * https://bugzilla.suse.com/show_bug.cgi?id=1270410 * https://bugzilla.suse.com/show_bug.cgi?id=1270411 * https://bugzilla.suse.com/show_bug.cgi?id=1270412 . Install the important SUSE security update for python-Pillow, addressing memory allocation risks and four vulnerabilities.. python pillow security update, SUSE security advisory, important memory vulnerability, patch instructions for SUSE. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 SuSE
100

SUSE ImageMagick Important Update for Multiple Vulnerabilities 2026-2877-1

An update that solves 42 vulnerabilities can now be installed.. # Security update for ImageMagick Announcement ID: SUSE-SU-2026:2877-1 Release Date: 2026-07-13T09:26:30Z Rating: important References: * bsc#1265048 * bsc#1268092 * bsc#1268094 * bsc#1268095 * bsc#1268096 * bsc#1268101 * bsc#1268102 * bsc#1268103 * bsc#1268105 * bsc#1268107 * bsc#1268108 * bsc#1268110 * bsc#1268111 * bsc#1268112 * bsc#1268113 * bsc#1268114 * bsc#1268116 * bsc#1268117 * bsc#1268120 * bsc#1268121 * bsc#1268122 * bsc#1268123 * bsc#1268124 * bsc#1268125 * bsc#1268126 * bsc#1268640 * bsc#1268645 * bsc#1268878 * bsc#1268879 * bsc#1268880 * bsc#1269063 * bsc#1269064 * bsc#1270001 * bsc#1270002 * bsc#1270003 * bsc#1270004 * bsc#1270073 * bsc#1270074 * bsc#1270077 * bsc#1270079 * bsc#1270080 * bsc#1271099 Cross-References: * CVE-2026-40169 * CVE-2026-42050 * CVE-2026-42326 * CVE-2026-45031 * CVE-2026-45358 * CVE-2026-45359 * CVE-2026-45624 * CVE-2026-45664 * CVE-2026-46520 * CVE-2026-46521 * CVE-2026-46522 * CVE-2026-46523 * CVE-2026-46557 * CVE-2026-46559 * CVE-2026-46692 * CVE-2026-46693 * CVE-2026-47165 * CVE-2026-47166 * CVE-2026-48724 * CVE-2026-48734 * CVE-2026-48994 * CVE-2026-49218 * CVE-2026-53460 * CVE-2026-53461 * CVE-2026-53463 * CVE-2026-53464 * CVE-2026-53466 * CVE-2026-53467 * CVE-2026-55594 * CVE-2026-55595 * CVE-2026-55597 * CVE-2026-56361 * CVE-2026-56363 * CVE-2026-56364 * CVE-2026-56365 * CVE-2026-56367 * CVE-2026-56368 * CVE-2026-56370 * CVE-2026-56371 * CVE-2026-56374 * CVE-2026-56376 * CVE-2026-56379 CVSS scores: * CVE-2026-40169 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40169 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40169 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40169 ( NVD ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-42050 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-42326 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-42326 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-42326 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-45031 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-45031 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-45031 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-45031 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-45358 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-45358 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-45358 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-45359 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-45359 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L * CVE-2026-45359 ( NVD ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L * CVE-2026-45359 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-45624 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-45624 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-45624 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-45664 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-45664 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-45664 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-45664 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-46520 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46520 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46520 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46521 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46521 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46521 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46522 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46522 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46522 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46522 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46523 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46523 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46523 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46557 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46557 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46557 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46559 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-46559 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-46559 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-46692 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46692 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46692 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46693 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-46693 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-46693 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-47165 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-47165 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-47165 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-47166 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-47166 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2026-47166 ( NVD ): 5.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2026-48724 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-48724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-48724 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-48734 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-48734 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-48734 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-48994 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-48994 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-48994 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-49218 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-49218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-49218 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-49218 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-53460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-53460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H *CVE-2026-53460 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-53460 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-53461 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-53461 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-53461 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-53461 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-53463 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-53463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-53463 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-53464 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-53464 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-53464 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-53466 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-53466 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-53466 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-53467 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-53467 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-53467 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-55594 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-55594 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-55594 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-55595 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-55595 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-55595 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H *CVE-2026-55597 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-55597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-55597 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-56361 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-56361 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-56361 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56361 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-56361 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-56363 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-56363 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-56363 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56363 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-56364 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56364 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56364 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56364 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56365 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-56365 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L *CVE-2026-56365 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56365 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56365 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56367 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-56367 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56367 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-56367 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-56368 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-56368 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56368 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56368 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-56368 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56370 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-56370 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-56370 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56370 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-56370 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-56371 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-56371 ( SUSE ): 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56371 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56371 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56371 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56374 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-56374 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-56374 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56374 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-56374 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-56376 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-56376 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-56376 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56376 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-56376 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-56379 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-56379 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-56379 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56379 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-56379 ( NVD ): 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-56379 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP7 * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves 42 vulnerabilities can now be installed. ## Description: This update for ImageMagick fixes the following issues: * CVE-2026-53466: integer overflow in the XCF decoder can result in an out-of- bounds read when a crafted image is read (bsc#1270073). * CVE-2026-53467: allocated memory left unchanged in the MNG decoder can lead to a heap information disclosure (bsc#1270074). * CVE-2026-55594: missing depth check in the MVG decoder will result in a stack overflow when a crafted image is provided (bsc#1270077). * CVE-2026-55595: providing invalid arguments to the `connected-components` option can lead to an infinite loop (bsc#1270079). * CVE-2026-55597: incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder (bsc#1270080). * CVE-2026-56361: off-by-one error in morphology validation can lead to an out-of-bounds read (bsc#1270001). * CVE-2026-56363: integer overflow leading to a division by zero in binomial kernel processing can cause an application crash (bsc#1270002). * CVE-2026-56364: memory leak in `LoadOpenCLDeviceBenchmark` function when parsing malformed OpenCL device profile XML files with unclosed device elements (bsc#1270003). * CVE-2026-56374: missing boundary checks can lead to a heap buffer overflow in the FTXT encoder when parsing `ftxt:format` (bsc#1271099). * CVE-2026-56379: arbitrary MVG drawing command injection via the SVG decoder when processing specially crafted SVG files (bsc#1268878). * CVE-2026-42050: stack buffer overflow via a malicious MIFF file (bsc#1265048). *CVE-2026-42326: out-of-bounds read of single byte via malicious IPTC file (bsc#1268092). * CVE-2026-45031: missing check in the PSD decoder allows bypass of the list- length resource policy when decoding a PSD image (bsc#1268094). * CVE-2026-45358: off-by-one error in the meta encoder can lead to an out-of- bounds read of a single byte (bsc#1268102). * CVE-2026-45359: heap buffer overread via invalid `connected-components` value (bsc#1268095). * CVE-2026-45624: performing a polynomial distortion can lead to an out-of- bounds over-read of 24 bytes (bsc#1268096). * CVE-2026-45664: missing check in the MNG coder can lead to excessive resource use and a DoS (bsc#1268101). * CVE-2026-46520: out-of-bounds write when processing multiple images with different dimensions (bsc#1268112). * CVE-2026-46521: missing check when using LZMA compression in the MIFF encoder can lead to an out-of-bounds write (bsc#1268124). * CVE-2026-46522: missing check in the MIFF decoder can lead to a denial of service via crafted MIFF file (bsc#1268126). * CVE-2026-46523: heap use-after-free via a crafted MSL image (bsc#1268125). * CVE-2026-46557: missing depth check can lead to a stack buffer overflow in the fx operation when processing a crafted argument (bsc#1268123). * CVE-2026-46559: incorrect check in the JP2 can lead to a heap buffer overwrite of a single byte when specifying certain options (bsc#1268121). * CVE-2026-46692: heap buffer overwrite in the server process via an attacker who can connect to a magick -distribute- cache service (bsc#1268120). * CVE-2026-46693: file descriptor hijacking in the server process when a race condition is met via an attacker who can connect to a magick -distribute- cache service (bsc#1268117). * CVE-2026-47165: distributed pixel cache was designed to operate without a challenge-response authentication model (bsc#1268114). * CVE-2026-47166: heap buffer overread in the server process via an attacker who canconnect to a magick -distribute- cache service (bsc#1268113). * CVE-2026-48724: heap buffer underwrite in the Floyd-Steinberg depth dithering (bsc#1268116). * CVE-2026-48734: missing depth or visited-set check can lead to a stack buffer overflow in the MVG decoder (bsc#1268122). * CVE-2026-48994: missing check of a return value in the MAT decoder can lead to a heap buffer overwrite on 32-bit systems (bsc#1268111). * CVE-2026-49218: missing check in the DCM decoder can lead to a DoS (bsc#1268110). * CVE-2026-53460: missing check for maximum memory request in `AcquireAlignedMemory` can lead to an OOM condition (bsc#1268108). * CVE-2026-53461: incorrect loop in the ICON decoder can lead to an out-of- bounds heap write (bsc#1268107). * CVE-2026-53463: passing incorrect arguments in the distort operation can lead to NULL pointer dereference (bsc#1268105). * CVE-2026-53464: providing invalid options to the wand option parser can lead to a memory leak (bsc#1268103). * CVE-2026-56367: integer overflow in the PSB (PSD v2) RLE decoding path can lead to an heap out-of-bounds read (bsc#1268645). * CVE-2026-56368: improper memory management can lead to memory leak in multiple coders that write raw pixel data (bsc#1269064). * CVE-2026-56370: out-of-bounds access in `ConnectedComponentsImage()` when processing `connected-components:*` artifacts with invalid indices (bsc#1269063). * CVE-2026-56371: memory leak in `coders/txt.c` when processing TXT files with texture attributes (bsc#1268879). * CVE-2026-56376: heap use-after-free in the meta coder can lead to denial of service via specially crafted image files (bsc#1268880). * GHSA-3j4x-rwrx-xxj9: possible use-after-free write in PDB decoder (bsc#1268640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Desktop Applications Module15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-2877=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-2877=1 ## Package List: * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.43-150700.3.65.1 * ImageMagick-debuginfo-7.1.1.43-150700.3.65.1 * ImageMagick-debugsource-7.1.1.43-150700.3.65.1 * libMagick++-7_Q16HDRI5-7.1.1.43-150700.3.65.1 * libMagickCore-7_Q16HDRI10-7.1.1.43-150700.3.65.1 * libMagickWand-7_Q16HDRI10-7.1.1.43-150700.3.65.1 * libMagick++-devel-7.1.1.43-150700.3.65.1 * ImageMagick-config-7-upstream-limited-7.1.1.43-150700.3.65.1 * libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.43-150700.3.65.1 * ImageMagick-config-7-SUSE-7.1.1.43-150700.3.65.1 * ImageMagick-config-7-upstream-open-7.1.1.43-150700.3.65.1 * libMagick++-7_Q16HDRI5-debuginfo-7.1.1.43-150700.3.65.1 * ImageMagick-devel-7.1.1.43-150700.3.65.1 * ImageMagick-config-7-upstream-secure-7.1.1.43-150700.3.65.1 * ImageMagick-7.1.1.43-150700.3.65.1 * ImageMagick-config-7-upstream-websafe-7.1.1.43-150700.3.65.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * ImageMagick-debuginfo-7.1.1.43-150700.3.65.1 * ImageMagick-debugsource-7.1.1.43-150700.3.65.1 * perl-PerlMagick-debuginfo-7.1.1.43-150700.3.65.1 * perl-PerlMagick-7.1.1.43-150700.3.65.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40169.html * https://www.suse.com/security/cve/CVE-2026-42050.html * https://www.suse.com/security/cve/CVE-2026-42326.html * https://www.suse.com/security/cve/CVE-2026-45031.html * https://www.suse.com/security/cve/CVE-2026-45358.html * https://www.suse.com/security/cve/CVE-2026-45359.html * https://www.suse.com/security/cve/CVE-2026-45624.html * https://www.suse.com/security/cve/CVE-2026-45664.html * https://www.suse.com/security/cve/CVE-2026-46520.html *https://www.suse.com/security/cve/CVE-2026-46521.html * https://www.suse.com/security/cve/CVE-2026-46522.html * https://www.suse.com/security/cve/CVE-2026-46523.html * https://www.suse.com/security/cve/CVE-2026-46557.html * https://www.suse.com/security/cve/CVE-2026-46559.html * https://www.suse.com/security/cve/CVE-2026-46692.html * https://www.suse.com/security/cve/CVE-2026-46693.html * https://www.suse.com/security/cve/CVE-2026-47165.html * https://www.suse.com/security/cve/CVE-2026-47166.html * https://www.suse.com/security/cve/CVE-2026-48724.html * https://www.suse.com/security/cve/CVE-2026-48734.html * https://www.suse.com/security/cve/CVE-2026-48994.html * https://www.suse.com/security/cve/CVE-2026-49218.html * https://www.suse.com/security/cve/CVE-2026-53460.html * https://www.suse.com/security/cve/CVE-2026-53461.html * https://www.suse.com/security/cve/CVE-2026-53463.html * https://www.suse.com/security/cve/CVE-2026-53464.html * https://www.suse.com/security/cve/CVE-2026-53466.html * https://www.suse.com/security/cve/CVE-2026-53467.html * https://www.suse.com/security/cve/CVE-2026-55594.html * https://www.suse.com/security/cve/CVE-2026-55595.html * https://www.suse.com/security/cve/CVE-2026-55597.html * https://www.suse.com/security/cve/CVE-2026-56361.html * https://www.suse.com/security/cve/CVE-2026-56363.html * https://www.suse.com/security/cve/CVE-2026-56364.html * https://www.suse.com/security/cve/CVE-2026-56365.html * https://www.suse.com/security/cve/CVE-2026-56367.html * https://www.suse.com/security/cve/CVE-2026-56368.html * https://www.suse.com/security/cve/CVE-2026-56370.html * https://www.suse.com/security/cve/CVE-2026-56371.html * https://www.suse.com/security/cve/CVE-2026-56374.html * https://www.suse.com/security/cve/CVE-2026-56376.html * https://www.suse.com/security/cve/CVE-2026-56379.html * https://bugzilla.suse.com/show_bug.cgi?id=1265048 * https://bugzilla.suse.com/show_bug.cgi?id=1268092 *https://bugzilla.suse.com/show_bug.cgi?id=1268094 * https://bugzilla.suse.com/show_bug.cgi?id=1268095 * https://bugzilla.suse.com/show_bug.cgi?id=1268096 * https://bugzilla.suse.com/show_bug.cgi?id=1268101 * https://bugzilla.suse.com/show_bug.cgi?id=1268102 * https://bugzilla.suse.com/show_bug.cgi?id=1268103 * https://bugzilla.suse.com/show_bug.cgi?id=1268105 * https://bugzilla.suse.com/show_bug.cgi?id=1268107 * https://bugzilla.suse.com/show_bug.cgi?id=1268108 * https://bugzilla.suse.com/show_bug.cgi?id=1268110 * https://bugzilla.suse.com/show_bug.cgi?id=1268111 * https://bugzilla.suse.com/show_bug.cgi?id=1268112 * https://bugzilla.suse.com/show_bug.cgi?id=1268113 * https://bugzilla.suse.com/show_bug.cgi?id=1268114 * https://bugzilla.suse.com/show_bug.cgi?id=1268116 * https://bugzilla.suse.com/show_bug.cgi?id=1268117 * https://bugzilla.suse.com/show_bug.cgi?id=1268120 * https://bugzilla.suse.com/show_bug.cgi?id=1268121 * https://bugzilla.suse.com/show_bug.cgi?id=1268122 * https://bugzilla.suse.com/show_bug.cgi?id=1268123 * https://bugzilla.suse.com/show_bug.cgi?id=1268124 * https://bugzilla.suse.com/show_bug.cgi?id=1268125 * https://bugzilla.suse.com/show_bug.cgi?id=1268126 * https://bugzilla.suse.com/show_bug.cgi?id=1268640 * https://bugzilla.suse.com/show_bug.cgi?id=1268645 * https://bugzilla.suse.com/show_bug.cgi?id=1268878 * https://bugzilla.suse.com/show_bug.cgi?id=1268879 * https://bugzilla.suse.com/show_bug.cgi?id=1268880 * https://bugzilla.suse.com/show_bug.cgi?id=1269063 * https://bugzilla.suse.com/show_bug.cgi?id=1269064 * https://bugzilla.suse.com/show_bug.cgi?id=1270001 * https://bugzilla.suse.com/show_bug.cgi?id=1270002 * https://bugzilla.suse.com/show_bug.cgi?id=1270003 * https://bugzilla.suse.com/show_bug.cgi?id=1270004 * https://bugzilla.suse.com/show_bug.cgi?id=1270073 * https://bugzilla.suse.com/show_bug.cgi?id=1270074 * https://bugzilla.suse.com/show_bug.cgi?id=1270077 *https://bugzilla.suse.com/show_bug.cgi?id=1270079 * https://bugzilla.suse.com/show_bug.cgi?id=1270080 * https://bugzilla.suse.com/show_bug.cgi?id=1271099 . This SUSE advisory addresses critical ImageMagick vulnerabilities requiring immediate attention to enhance security.. SUSE Linux,image processing,ImageMagick,security updates,buffer overflow. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 SuSE
100

SUSE Linux 12 SP5 Important Libpng15 Heap Overflow Advisory 2026-2878-1

An update that solves one vulnerability can now be installed.. # Security update for libpng15 Announcement ID: SUSE-SU-2026:2878-1 Release Date: 2026-07-13T09:27:39Z Rating: important References: * bsc#1258020 Cross-References: * CVE-2026-25646 CVSS scores: * CVE-2026-25646 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-25646 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-25646 ( NVD ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25646 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-25646 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libpng15 fixes the following issue * CVE-2026-25646: heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2878=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2878=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libpng15-15-debuginfo-1.5.30-10.16.1 * libpng15-debugsource-1.5.30-10.16.1 *libpng15-15-1.5.30-10.16.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libpng15-15-debuginfo-1.5.30-10.16.1 * libpng15-debugsource-1.5.30-10.16.1 * libpng15-15-1.5.30-10.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25646.html * https://bugzilla.suse.com/show_bug.cgi?id=1258020 . Critical update for libpng15 addresses a buffer overflow issue, enhancing security for SUSE users. Install promptly to mitigate risks.. libpng buffer overflow SUSE security. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 SuSE
100

SUSE php8 Moderate Buffer Issue Vulnerability 2026-2880-1 Details

An update that solves one vulnerability can now be installed.. # Security update for php8 Announcement ID: SUSE-SU-2026:2880-1 Release Date: 2026-07-13T09:39:59Z Rating: moderate References: * bsc#1270351 Cross-References: * CVE-2026-14355 CVSS scores: * CVE-2026-14355 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-14355 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-14355 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-14355 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for php8 fixes the following issue * CVE-2026-14355: The AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw (bsc#1270351). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2880=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * php8-bcmath-debuginfo-8.0.30-150400.4.68.1 * php8-zip-debuginfo-8.0.30-150400.4.68.1 * php8-mysql-8.0.30-150400.4.68.1 * php8-pcntl-8.0.30-150400.4.68.1 * php8-bcmath-8.0.30-150400.4.68.1 * php8-embed-debuginfo-8.0.30-150400.4.68.1 * apache2-mod_php8-8.0.30-150400.4.68.1 * php8-openssl-debuginfo-8.0.30-150400.4.68.1 * php8-opcache-debuginfo-8.0.30-150400.4.68.1 * php8-sockets-debuginfo-8.0.30-150400.4.68.1 * php8-fileinfo-8.0.30-150400.4.68.1 * php8-phar-8.0.30-150400.4.68.1 * php8-ctype-debuginfo-8.0.30-150400.4.68.1 * php8-ftp-debuginfo-8.0.30-150400.4.68.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.68.1 * php8-fpm-debuginfo-8.0.30-150400.4.68.1 *php8-bz2-debuginfo-8.0.30-150400.4.68.1 * php8-readline-debuginfo-8.0.30-150400.4.68.1 * php8-tidy-8.0.30-150400.4.68.1 * php8-phar-debuginfo-8.0.30-150400.4.68.1 * php8-calendar-8.0.30-150400.4.68.1 * php8-gettext-debuginfo-8.0.30-150400.4.68.1 * php8-xsl-8.0.30-150400.4.68.1 * php8-fastcgi-debugsource-8.0.30-150400.4.68.1 * php8-gmp-debuginfo-8.0.30-150400.4.68.1 * php8-shmop-debuginfo-8.0.30-150400.4.68.1 * php8-posix-debuginfo-8.0.30-150400.4.68.1 * php8-readline-8.0.30-150400.4.68.1 * php8-bz2-8.0.30-150400.4.68.1 * php8-debuginfo-8.0.30-150400.4.68.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.68.1 * php8-sysvshm-8.0.30-150400.4.68.1 * php8-zip-8.0.30-150400.4.68.1 * php8-pcntl-debuginfo-8.0.30-150400.4.68.1 * php8-enchant-debuginfo-8.0.30-150400.4.68.1 * php8-opcache-8.0.30-150400.4.68.1 * php8-test-8.0.30-150400.4.68.1 * php8-ldap-8.0.30-150400.4.68.1 * php8-tokenizer-8.0.30-150400.4.68.1 * php8-pdo-debuginfo-8.0.30-150400.4.68.1 * php8-sodium-debuginfo-8.0.30-150400.4.68.1 * php8-curl-debuginfo-8.0.30-150400.4.68.1 * php8-devel-8.0.30-150400.4.68.1 * php8-sqlite-debuginfo-8.0.30-150400.4.68.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.68.1 * php8-dba-8.0.30-150400.4.68.1 * php8-sockets-8.0.30-150400.4.68.1 * php8-calendar-debuginfo-8.0.30-150400.4.68.1 * php8-sysvsem-8.0.30-150400.4.68.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.68.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.68.1 * php8-gd-debuginfo-8.0.30-150400.4.68.1 * php8-ftp-8.0.30-150400.4.68.1 * php8-enchant-8.0.30-150400.4.68.1 * php8-odbc-8.0.30-150400.4.68.1 * php8-pgsql-8.0.30-150400.4.68.1 * php8-soap-8.0.30-150400.4.68.1 * php8-dba-debuginfo-8.0.30-150400.4.68.1 * php8-gettext-8.0.30-150400.4.68.1 * php8-ctype-8.0.30-150400.4.68.1 * php8-snmp-8.0.30-150400.4.68.1 * php8-dom-debuginfo-8.0.30-150400.4.68.1 * php8-tidy-debuginfo-8.0.30-150400.4.68.1 *php8-tokenizer-debuginfo-8.0.30-150400.4.68.1 * php8-snmp-debuginfo-8.0.30-150400.4.68.1 * php8-dom-8.0.30-150400.4.68.1 * php8-xmlwriter-8.0.30-150400.4.68.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.68.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.68.1 * php8-xmlreader-8.0.30-150400.4.68.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.68.1 * php8-pgsql-debuginfo-8.0.30-150400.4.68.1 * php8-sysvmsg-8.0.30-150400.4.68.1 * php8-xsl-debuginfo-8.0.30-150400.4.68.1 * php8-openssl-8.0.30-150400.4.68.1 * php8-fastcgi-8.0.30-150400.4.68.1 * php8-shmop-8.0.30-150400.4.68.1 * php8-8.0.30-150400.4.68.1 * php8-fpm-debugsource-8.0.30-150400.4.68.1 * php8-debugsource-8.0.30-150400.4.68.1 * php8-exif-8.0.30-150400.4.68.1 * php8-iconv-debuginfo-8.0.30-150400.4.68.1 * php8-odbc-debuginfo-8.0.30-150400.4.68.1 * php8-sqlite-8.0.30-150400.4.68.1 * php8-zlib-8.0.30-150400.4.68.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.68.1 * php8-fpm-8.0.30-150400.4.68.1 * php8-sodium-8.0.30-150400.4.68.1 * php8-embed-8.0.30-150400.4.68.1 * php8-soap-debuginfo-8.0.30-150400.4.68.1 * php8-embed-debugsource-8.0.30-150400.4.68.1 * php8-exif-debuginfo-8.0.30-150400.4.68.1 * php8-mysql-debuginfo-8.0.30-150400.4.68.1 * php8-intl-debuginfo-8.0.30-150400.4.68.1 * php8-cli-8.0.30-150400.4.68.1 * php8-iconv-8.0.30-150400.4.68.1 * php8-ldap-debuginfo-8.0.30-150400.4.68.1 * php8-curl-8.0.30-150400.4.68.1 * php8-intl-8.0.30-150400.4.68.1 * php8-posix-8.0.30-150400.4.68.1 * php8-gmp-8.0.30-150400.4.68.1 * php8-gd-8.0.30-150400.4.68.1 * php8-mbstring-8.0.30-150400.4.68.1 * php8-zlib-debuginfo-8.0.30-150400.4.68.1 * php8-cli-debuginfo-8.0.30-150400.4.68.1 * php8-pdo-8.0.30-150400.4.68.1 * php8-mbstring-debuginfo-8.0.30-150400.4.68.1 ## References: * https://www.suse.com/security/cve/CVE-2026-14355.html * https://bugzilla.suse.com/show_bug.cgi?id=1270351 . The SUSE update fixes a moderateissue in php8 due to a buffer allocation flaw, essential for system integrity and safety.. SUSE Update, php8 Issue, Buffer Flaw, Security Advisory, CVE-2026-14355. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 SuSE
100

SUSE nghttp2 Moderate HTTP Smuggling Risk Advisory 2026-2883-1

An update that solves one vulnerability can now be installed.. # Security update for nghttp2 Announcement ID: SUSE-SU-2026:2883-1 Release Date: 2026-07-13T09:54:51Z Rating: moderate References: * bsc#1269489 Cross-References: * CVE-2026-58055 CVSS scores: * CVE-2026-58055 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-58055 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N * CVE-2026-58055 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-58055 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for nghttp2 fixes the following issue * CVE-2026-58055: HTTP/1.1 Upgrade request can lead to HTTP request smuggling and cross-client response-queue poisoning (bsc#1269489). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2883=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2883=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2883=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2883=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patchSUSE-SLE-Micro-5.5-2026-2883=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libnghttp2-14-1.40.0-150200.25.1 * nghttp2-debuginfo-1.40.0-150200.25.1 * libnghttp2-14-debuginfo-1.40.0-150200.25.1 * nghttp2-debugsource-1.40.0-150200.25.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libnghttp2-14-1.40.0-150200.25.1 * nghttp2-debuginfo-1.40.0-150200.25.1 * libnghttp2-14-debuginfo-1.40.0-150200.25.1 * nghttp2-debugsource-1.40.0-150200.25.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libnghttp2-14-1.40.0-150200.25.1 * nghttp2-debugsource-1.40.0-150200.25.1 * nghttp2-debuginfo-1.40.0-150200.25.1 * libnghttp2-14-debuginfo-1.40.0-150200.25.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libnghttp2-14-1.40.0-150200.25.1 * nghttp2-debuginfo-1.40.0-150200.25.1 * libnghttp2-14-debuginfo-1.40.0-150200.25.1 * nghttp2-debugsource-1.40.0-150200.25.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libnghttp2-14-1.40.0-150200.25.1 * nghttp2-debuginfo-1.40.0-150200.25.1 * libnghttp2-14-debuginfo-1.40.0-150200.25.1 * nghttp2-debugsource-1.40.0-150200.25.1 ## References: * https://www.suse.com/security/cve/CVE-2026-58055.html * https://bugzilla.suse.com/show_bug.cgi?id=1269489 . A security update has been released for nghttp2 addressing a moderate issue related to HTTP smuggling risks. Install now.. SUSE updates, nghttp2 security, moderate threats, HTTP smuggling, Linux patches. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 SuSE
100

SUSE ALSA Moderate Memory Corruption Announced for Advisory 2026-2885-1

An update that solves one vulnerability can now be installed.. # Security update for alsa Announcement ID: SUSE-SU-2026:2885-1 Release Date: 2026-07-13T10:02:46Z Rating: moderate References: * bsc#1268853 Cross-References: * CVE-2026-56109 CVSS scores: * CVE-2026-56109 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-56109 ( NVD ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-56109 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for alsa fixes the following issue * CVE-2026-56109: crafted ALSA configuration text with nested blocks can cause a double-free and memory corruption (bsc#1268853). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2885=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2885=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2885=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2885=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2885=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libasound2-1.2.6.1-150400.3.3.1 * alsa-debugsource-1.2.6.1-150400.3.3.1 * libasound2-debuginfo-1.2.6.1-150400.3.3.1 * SUSE Linux EnterpriseMicro 5.4 (aarch64 s390x x86_64) * libasound2-1.2.6.1-150400.3.3.1 * alsa-debugsource-1.2.6.1-150400.3.3.1 * libasound2-debuginfo-1.2.6.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * alsa-debugsource-1.2.6.1-150400.3.3.1 * libasound2-1.2.6.1-150400.3.3.1 * libasound2-debuginfo-1.2.6.1-150400.3.3.1 * alsa-1.2.6.1-150400.3.3.1 * alsa-devel-1.2.6.1-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * libasound2-32bit-debuginfo-1.2.6.1-150400.3.3.1 * libatopology2-32bit-debuginfo-1.2.6.1-150400.3.3.1 * alsa-topology-devel-32bit-1.2.6.1-150400.3.3.1 * alsa-devel-32bit-1.2.6.1-150400.3.3.1 * libatopology2-32bit-1.2.6.1-150400.3.3.1 * libasound2-32bit-1.2.6.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le x86_64) * libatopology2-debuginfo-1.2.6.1-150400.3.3.1 * alsa-topology-devel-1.2.6.1-150400.3.3.1 * libatopology2-1.2.6.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libasound2-64bit-1.2.6.1-150400.3.3.1 * libatopology2-64bit-1.2.6.1-150400.3.3.1 * libatopology2-64bit-debuginfo-1.2.6.1-150400.3.3.1 * alsa-devel-64bit-1.2.6.1-150400.3.3.1 * alsa-topology-devel-64bit-1.2.6.1-150400.3.3.1 * libasound2-64bit-debuginfo-1.2.6.1-150400.3.3.1 * openSUSE Leap 15.4 (noarch) * alsa-docs-1.2.6.1-150400.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * alsa-debugsource-1.2.6.1-150400.3.3.1 * libasound2-1.2.6.1-150400.3.3.1 * libasound2-debuginfo-1.2.6.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * alsa-debugsource-1.2.6.1-150400.3.3.1 * libasound2-1.2.6.1-150400.3.3.1 * libasound2-debuginfo-1.2.6.1-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-56109.html * https://bugzilla.suse.com/show_bug.cgi?id=1268853 . A security patch addressing moderate issues in ALSA for SUSE systems, detailing installation procedures and vulnerability impact.. ALSA Security Patch,SUSE Update,MemoryCorruption Fix. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 SuSE
100

SUSE libslirp Moderate Memory Leak Threat Security Update 2026-2886-1

An update that solves one vulnerability can now be installed.. # Security update for libslirp Announcement ID: SUSE-SU-2026:2886-1 Release Date: 2026-07-13T10:09:11Z Rating: moderate References: * bsc#1268903 Cross-References: * CVE-2026-9539 CVSS scores: * CVE-2026-9539 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2026-9539 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for libslirp fixes the following issues: * CVE-2026-9539: crafted TCP segment with manipulated URG flags and urgent pointers can cause an integer underflow and host-heap memory leak (bsc#1268903). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2886=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2886=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-2886=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2886=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2886=1 ## Package List: * openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64) * libslirp-debugsource-4.7.0+44-150300.18.1 * libslirp-devel-4.7.0+44-150300.18.1 * libslirp0-4.7.0+44-150300.18.1 * libslirp0-debuginfo-4.7.0+44-150300.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libslirp-debugsource-4.7.0+44-150300.18.1 * libslirp0-4.7.0+44-150300.18.1 *libslirp0-debuginfo-4.7.0+44-150300.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libslirp-debugsource-4.7.0+44-150300.18.1 * libslirp0-4.7.0+44-150300.18.1 * libslirp0-debuginfo-4.7.0+44-150300.18.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libslirp0-debuginfo-4.7.0+44-150300.18.1 * libslirp0-4.7.0+44-150300.18.1 * libslirp-debugsource-4.7.0+44-150300.18.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libslirp0-debuginfo-4.7.0+44-150300.18.1 * libslirp0-4.7.0+44-150300.18.1 * libslirp-debugsource-4.7.0+44-150300.18.1 ## References: * https://www.suse.com/security/cve/CVE-2026-9539.html * https://bugzilla.suse.com/show_bug.cgi?id=1268903 . SUSE releases a moderate security update for libslirp addressing CVE-2026-9539, improving system stability.. SUSE Linux, libslirp update, system security, openSUSE Leap. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200