Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves four vulnerabilities can now be installed.. # Security update for python311 Announcement ID: SUSE-SU-2026:3104-1 Release Date: 2026-07-17T13:31:49Z Rating: important References: * bsc#1261969 * bsc#1262098 * bsc#1262319 * bsc#1262654 Cross-References: * CVE-2026-1502 * CVE-2026-4786 * CVE-2026-6019 * CVE-2026-6100 CVSS scores: * CVE-2026-1502 ( SUSE ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-1502 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-1502 ( NVD ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-4786 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-4786 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L * CVE-2026-4786 ( NVD ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-4786 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L * CVE-2026-6019 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6019 ( SUSE ): 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6019 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6019 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-6100 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N *CVE-2026-6100 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6100 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6100 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for python311 fixes the following issues * CVE-2026-1502: CR/LF bytes not rejected by HTTP client proxy tunnel headers or host (bsc#1261969). * CVE-2026-4786: URLs containing `%action` can bypass mitigation that allows command injection via the `webbrowser.open()` API (bsc#1262319). * CVE-2026-6019: HTML parser-sensitive sequence not neutralized by `http.cookies.Morsel.js_output()` (bsc#1262654). * CVE-2026-6100: use-after-free in decompression modules when a memory allocation fails with a `MemoryError` and the decompression instance is re- used (bsc#1262098). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-3104=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-3104=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-3104=1 * SUSE Linux EnterpriseServer for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-3104=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-3104=1 ## Package List: * openSUSE Leap 15.6 (aarch64_ilp32) * libpython3_11-1_0-64bit-3.11.15-150600.3.59.3 * python311-base-64bit-debuginfo-3.11.15-150600.3.59.3 * python311-64bit-3.11.15-150600.3.59.3 * python311-base-64bit-3.11.15-150600.3.59.3 * libpython3_11-1_0-64bit-debuginfo-3.11.15-150600.3.59.3 * python311-64bit-debuginfo-3.11.15-150600.3.59.3 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * python311-doc-devhelp-3.11.15-150600.3.59.1 * python311-3.11.15-150600.3.59.3 * python311-curses-3.11.15-150600.3.59.3 * python311-core-debugsource-3.11.15-150600.3.59.3 * python311-tk-debuginfo-3.11.15-150600.3.59.3 * libpython3_11-1_0-debuginfo-3.11.15-150600.3.59.3 * python311-testsuite-3.11.15-150600.3.59.3 * python311-dbm-debuginfo-3.11.15-150600.3.59.3 * python311-dbm-3.11.15-150600.3.59.3 * python311-testsuite-debuginfo-3.11.15-150600.3.59.3 * python311-base-3.11.15-150600.3.59.3 * python311-curses-debuginfo-3.11.15-150600.3.59.3 * libpython3_11-1_0-3.11.15-150600.3.59.3 * python311-base-debuginfo-3.11.15-150600.3.59.3 * python311-debugsource-3.11.15-150600.3.59.3 * python311-tk-3.11.15-150600.3.59.3 * python311-tools-3.11.15-150600.3.59.3 * python311-idle-3.11.15-150600.3.59.3 * python311-doc-3.11.15-150600.3.59.1 * python311-debuginfo-3.11.15-150600.3.59.3 * python311-devel-3.11.15-150600.3.59.3 * openSUSE Leap 15.6 (x86_64) * python311-base-32bit-debuginfo-3.11.15-150600.3.59.3 * python311-base-32bit-3.11.15-150600.3.59.3 * libpython3_11-1_0-32bit-3.11.15-150600.3.59.3 * python311-32bit-debuginfo-3.11.15-150600.3.59.3 * python311-32bit-3.11.15-150600.3.59.3 * libpython3_11-1_0-32bit-debuginfo-3.11.15-150600.3.59.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) *python311-base-debuginfo-3.11.15-150600.3.59.3 * python311-dbm-debuginfo-3.11.15-150600.3.59.3 * python311-3.11.15-150600.3.59.3 * python311-curses-3.11.15-150600.3.59.3 * python311-dbm-3.11.15-150600.3.59.3 * python311-debugsource-3.11.15-150600.3.59.3 * libpython3_11-1_0-debuginfo-3.11.15-150600.3.59.3 * python311-core-debugsource-3.11.15-150600.3.59.3 * python311-tk-3.11.15-150600.3.59.3 * python311-base-3.11.15-150600.3.59.3 * python311-curses-debuginfo-3.11.15-150600.3.59.3 * python311-tools-3.11.15-150600.3.59.3 * python311-tk-debuginfo-3.11.15-150600.3.59.3 * python311-idle-3.11.15-150600.3.59.3 * libpython3_11-1_0-3.11.15-150600.3.59.3 * python311-debuginfo-3.11.15-150600.3.59.3 * python311-devel-3.11.15-150600.3.59.3 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * python311-base-debuginfo-3.11.15-150600.3.59.3 * python311-debugsource-3.11.15-150600.3.59.3 * python311-dbm-3.11.15-150600.3.59.3 * python311-curses-3.11.15-150600.3.59.3 * python311-dbm-debuginfo-3.11.15-150600.3.59.3 * python311-3.11.15-150600.3.59.3 * python311-core-debugsource-3.11.15-150600.3.59.3 * python311-tk-3.11.15-150600.3.59.3 * python311-base-3.11.15-150600.3.59.3 * python311-curses-debuginfo-3.11.15-150600.3.59.3 * python311-tk-debuginfo-3.11.15-150600.3.59.3 * python311-tools-3.11.15-150600.3.59.3 * libpython3_11-1_0-3.11.15-150600.3.59.3 * python311-idle-3.11.15-150600.3.59.3 * libpython3_11-1_0-debuginfo-3.11.15-150600.3.59.3 * python311-debuginfo-3.11.15-150600.3.59.3 * python311-devel-3.11.15-150600.3.59.3 * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python311-dbm-debuginfo-3.11.15-150600.3.59.3 * python311-dbm-3.11.15-150600.3.59.3 * python311-curses-3.11.15-150600.3.59.3 * python311-3.11.15-150600.3.59.3 * python311-debugsource-3.11.15-150600.3.59.3 * python311-core-debugsource-3.11.15-150600.3.59.3 *python311-tk-3.11.15-150600.3.59.3 * python311-curses-debuginfo-3.11.15-150600.3.59.3 * python311-tk-debuginfo-3.11.15-150600.3.59.3 * python311-tools-3.11.15-150600.3.59.3 * python311-idle-3.11.15-150600.3.59.3 * python311-debuginfo-3.11.15-150600.3.59.3 * python311-devel-3.11.15-150600.3.59.3 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python311-base-debuginfo-3.11.15-150600.3.59.3 * libpython3_11-1_0-debuginfo-3.11.15-150600.3.59.3 * python311-core-debugsource-3.11.15-150600.3.59.3 * python311-base-3.11.15-150600.3.59.3 * libpython3_11-1_0-3.11.15-150600.3.59.3 ## References: * https://www.suse.com/security/cve/CVE-2026-1502.html * https://www.suse.com/security/cve/CVE-2026-4786.html * https://www.suse.com/security/cve/CVE-2026-6019.html * https://www.suse.com/security/cve/CVE-2026-6100.html * https://bugzilla.suse.com/show_bug.cgi?id=1261969 * https://bugzilla.suse.com/show_bug.cgi?id=1262098 * https://bugzilla.suse.com/show_bug.cgi?id=1262319 * https://bugzilla.suse.com/show_bug.cgi?id=1262654 . Four security issues in python311 are resolved in openSUSE update SUSE-SU-2026:3104-1. Install the patch immediately.. openSUSE update, python update, security flaws, important fixes, python311 patch. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-33565 http://linux.oracle.com/errata/ELSA-2026-33565.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-3.3.10-13.el10_2.x86_64.rpm ruby-bundled-gems-3.3.10-13.el10_2.x86_64.rpm ruby-default-gems-3.3.10-13.el10_2.noarch.rpm ruby-devel-3.3.10-13.el10_2.x86_64.rpm ruby-doc-3.3.10-13.el10_2.noarch.rpm ruby-libs-3.3.10-13.el10_2.x86_64.rpm rubygem-bigdecimal-3.1.5-13.el10_2.x86_64.rpm rubygem-bundler-2.5.22-13.el10_2.noarch.rpm rubygem-io-console-0.7.1-13.el10_2.x86_64.rpm rubygem-irb-1.13.1-13.el10_2.noarch.rpm rubygem-json-2.7.2-13.el10_2.x86_64.rpm rubygem-minitest-5.20.0-13.el10_2.noarch.rpm rubygem-power_assert-2.0.3-13.el10_2.noarch.rpm rubygem-psych-5.1.2-13.el10_2.x86_64.rpm rubygem-racc-1.7.3-13.el10_2.x86_64.rpm rubygem-rake-13.1.0-13.el10_2.noarch.rpm rubygem-rbs-3.4.0-13.el10_2.x86_64.rpm rubygem-rdoc-6.6.3.1-13.el10_2.noarch.rpm rubygem-rexml-3.4.4-13.el10_2.noarch.rpm rubygem-rss-0.3.1-13.el10_2.noarch.rpm rubygem-test-unit-3.6.1-13.el10_2.noarch.rpm rubygem-typeprof-0.21.9-13.el10_2.noarch.rpm rubygems-3.5.22-13.el10_2.noarch.rpm rubygems-devel-3.5.22-13.el10_2.noarch.rpm aarch64: ruby-3.3.10-13.el10_2.aarch64.rpm ruby-bundled-gems-3.3.10-13.el10_2.aarch64.rpm ruby-default-gems-3.3.10-13.el10_2.noarch.rpm ruby-devel-3.3.10-13.el10_2.aarch64.rpm ruby-doc-3.3.10-13.el10_2.noarch.rpm ruby-libs-3.3.10-13.el10_2.aarch64.rpm rubygem-bigdecimal-3.1.5-13.el10_2.aarch64.rpm rubygem-bundler-2.5.22-13.el10_2.noarch.rpm rubygem-io-console-0.7.1-13.el10_2.aarch64.rpm rubygem-irb-1.13.1-13.el10_2.noarch.rpm rubygem-json-2.7.2-13.el10_2.aarch64.rpm rubygem-minitest-5.20.0-13.el10_2.noarch.rpm rubygem-power_assert-2.0.3-13.el10_2.noarch.rpm rubygem-psych-5.1.2-13.el10_2.aarch64.rpm rubygem-racc-1.7.3-13.el10_2.aarch64.rpm rubygem-rake-13.1.0-13.el10_2.noarch.rpm rubygem-rbs-3.4.0-13.el10_2.aarch64.rpm rubygem-rdoc-6.6.3.1-13.el10_2.noarch.rpm rubygem-rexml-3.4.4-13.el10_2.noarch.rpm rubygem-rss-0.3.1-13.el10_2.noarch.rpm rubygem-test-unit-3.6.1-13.el10_2.noarch.rpm rubygem-typeprof-0.21.9-13.el10_2.noarch.rpm rubygems-3.5.22-13.el10_2.noarch.rpm rubygems-devel-3.5.22-13.el10_2.noarch.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/ruby-3.3.10-13.el10_2.src.rpm Related CVEs: CVE-2026-42245 CVE-2026-42246 CVE-2026-42258 Description of changes: [3.3.10-13] - Fix DoS via crafted IMAP responses in net-imap. (CVE-2026-42245) Resolves: RHEL-181687 - Fix information disclosure via MITM attack bypassing TLS in net-imap. (CVE-2026-42246) Resolves: RHEL-181775 - Fix command injection via Symbol arguments in net-imap. (CVE-2026-42258) Resolves: RHEL-181797 _______________________________________________ El-errata mailing list
An update that solves one vulnerability can now be installed.. # Security update for dracut Announcement ID: SUSE-SU-2026:2851-1 Release Date: 2026-07-10T13:19:22Z Rating: important References: * bsc#1268322 Cross-References: * CVE-2026-6893 CVSS scores: * CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Availability Extension 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for dracut fixes the following issue * CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322). Changes for dracut: * Update to version 059+suse.570.g2b84048d7: * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893) * fix(network-legacy): add input validation to RFC 3442 route parser ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2851=1 * SUSE Linux Enterprise High Availability Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-HA-15-SP7-2026-2851=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * dracut-ima-059+suse.570.g2b84048d7-150700.3.17.1 * dracut-059+suse.570.g2b84048d7-150700.3.17.1 *dracut-debuginfo-059+suse.570.g2b84048d7-150700.3.17.1 * dracut-fips-059+suse.570.g2b84048d7-150700.3.17.1 * dracut-debugsource-059+suse.570.g2b84048d7-150700.3.17.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (ppc64le x86_64) * dracut-mkinitrd-deprecated-059+suse.570.g2b84048d7-150700.3.17.1 * dracut-debugsource-059+suse.570.g2b84048d7-150700.3.17.1 * dracut-debuginfo-059+suse.570.g2b84048d7-150700.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6893.html * https://bugzilla.suse.com/show_bug.cgi?id=1268322 . SUSE updates dracut to fix important issue allowing root execution via DHCP command injection. Immediate action recommended.. dracut update, SUSE Linux, root execution, security patch. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for dracut Announcement ID: SUSE-SU-2026:2803-1 Release Date: 2026-07-08T19:31:32Z Rating: important References: * bsc#1268322 Cross-References: * CVE-2026-6893 CVSS scores: * CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for dracut fixes the following issue * CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322). Changes for dracut: * Update to version 059+suse.565.g682306ec5: * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893) * fix(network-legacy): add input validation to RFC 3442 route parser ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2803=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2803=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-2803=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2803=1 ## Package List: * openSUSE Leap 15.6 (aarch64 i586ppc64le s390x x86_64) * dracut-tools-059+suse.565.g682306ec5-150600.3.29.1 * dracut-extra-059+suse.565.g682306ec5-150600.3.29.1 * dracut-ima-059+suse.565.g682306ec5-150600.3.29.1 * dracut-059+suse.565.g682306ec5-150600.3.29.1 * dracut-debuginfo-059+suse.565.g682306ec5-150600.3.29.1 * dracut-debugsource-059+suse.565.g682306ec5-150600.3.29.1 * dracut-fips-059+suse.565.g682306ec5-150600.3.29.1 * dracut-mkinitrd-deprecated-059+suse.565.g682306ec5-150600.3.29.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (ppc64le x86_64) * dracut-debuginfo-059+suse.565.g682306ec5-150600.3.29.1 * dracut-debugsource-059+suse.565.g682306ec5-150600.3.29.1 * dracut-mkinitrd-deprecated-059+suse.565.g682306ec5-150600.3.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * dracut-ima-059+suse.565.g682306ec5-150600.3.29.1 * dracut-059+suse.565.g682306ec5-150600.3.29.1 * dracut-debuginfo-059+suse.565.g682306ec5-150600.3.29.1 * dracut-debugsource-059+suse.565.g682306ec5-150600.3.29.1 * dracut-fips-059+suse.565.g682306ec5-150600.3.29.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * dracut-ima-059+suse.565.g682306ec5-150600.3.29.1 * dracut-059+suse.565.g682306ec5-150600.3.29.1 * dracut-debuginfo-059+suse.565.g682306ec5-150600.3.29.1 * dracut-debugsource-059+suse.565.g682306ec5-150600.3.29.1 * dracut-fips-059+suse.565.g682306ec5-150600.3.29.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6893.html * https://bugzilla.suse.com/show_bug.cgi?id=1268322 . Important security update for dracut resolves a critical command injection issue on SUSE systems, CVE-2026-6893.. SUSE Linux, Dracut Security, Command Injection, Security Update, Patch Instructions. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-33577 http://linux.oracle.com/errata/ELSA-2026-33577.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm ruby-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm ruby-default-gems-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm ruby-doc-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.i686.rpm rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-bundler-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.i686.rpm rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-irb-1.16.0-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.i686.rpm rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-minitest-6.0.0-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-pg-doc-1.6.3-1.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-power_assert-3.0.1-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.i686.rpm rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.i686.rpm rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-rake-13.3.1-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.i686.rpm rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-rdoc-7.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-rexml-3.4.4-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-rss-0.3.2-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygems-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygems-devel-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-test-unit-3.7.5-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-typeprof-0.31.1-33.module+el9.8.0+90938+383082f5.noarch.rpm ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm aarch64: ruby-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm ruby-default-gems-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm ruby-doc-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-bundler-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-irb-1.16.0-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-minitest-6.0.0-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-pg-doc-1.6.3-1.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-power_assert-3.0.1-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-rake-13.3.1-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-rdoc-7.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-rexml-3.4.4-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-rss-0.3.2-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygems-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygems-devel-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-test-unit-3.7.5-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-typeprof-0.31.1-33.module+el9.8.0+90938+383082f5.noarch.rpm ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/ruby-4.0.3-33.module+el9.8.0+90938+383082f5.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.src.rpm Related CVEs: CVE-2026-42245 CVE-2026-42246 CVE-2026-42258 Description of changes: ruby [4.0.3-33] - Fix Net::IMAP ResponseReader quadratic complexity vulnerability. (CVE-2026-42245) Resolves: RHEL-181690 - Fix Net::IMAP STARTTLS stripping vulnerability. (CVE-2026-42246) Resolves: RHEL-181771 - Fix Net::IMAP command injection vulnerability via unvalidated Symbol arguments. (CVE-2026-42258) Resolves: RHEL-181803 [4.0.3-32] - Upgrade to Ruby 4.0.3. Resolves: RHEL-171933 - Fix ERB: Arbitrary code execution via deserialization bypass (CVE-2026-41316) Resolves: RHEL-171258 - Fix JSON: Denial of Service or Information Disclosure via format string injection (CVE-2026-33210) Resolves: RHEL-173458 rubygem-mysql2 [0.5.7-1] - Upgrade to mysql2 0.5.7. Related: RHEL-142278 rubygem-pg [1.6.3-1] - Upgrade to pg 1.6.3 Related: RHEL-142278 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-33576 http://linux.oracle.com/errata/ELSA-2026-33576.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-3.3.10-7.module+el9.8.0+90944+8975e57f.i686.rpm ruby-3.3.10-7.module+el9.8.0+90944+8975e57f.x86_64.rpm ruby-bundled-gems-3.3.10-7.module+el9.8.0+90944+8975e57f.i686.rpm ruby-bundled-gems-3.3.10-7.module+el9.8.0+90944+8975e57f.x86_64.rpm ruby-default-gems-3.3.10-7.module+el9.8.0+90944+8975e57f.noarch.rpm ruby-devel-3.3.10-7.module+el9.8.0+90944+8975e57f.i686.rpm ruby-devel-3.3.10-7.module+el9.8.0+90944+8975e57f.x86_64.rpm ruby-doc-3.3.10-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-bigdecimal-3.1.5-7.module+el9.8.0+90944+8975e57f.i686.rpm rubygem-bigdecimal-3.1.5-7.module+el9.8.0+90944+8975e57f.x86_64.rpm rubygem-bundler-2.5.22-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-io-console-0.7.1-7.module+el9.8.0+90944+8975e57f.i686.rpm rubygem-io-console-0.7.1-7.module+el9.8.0+90944+8975e57f.x86_64.rpm rubygem-irb-1.13.1-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-json-2.7.2-7.module+el9.8.0+90944+8975e57f.i686.rpm rubygem-json-2.7.2-7.module+el9.8.0+90944+8975e57f.x86_64.rpm rubygem-minitest-5.20.0-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-mysql2-0.5.5-3.module+el9.8.0+90944+8975e57f.x86_64.rpm rubygem-mysql2-doc-0.5.5-3.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-pg-1.5.4-2.module+el9.8.0+90944+8975e57f.x86_64.rpm rubygem-pg-doc-1.5.4-2.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-power_assert-2.0.3-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-psych-5.1.2-7.module+el9.8.0+90944+8975e57f.i686.rpm rubygem-psych-5.1.2-7.module+el9.8.0+90944+8975e57f.x86_64.rpm rubygem-racc-1.7.3-7.module+el9.8.0+90944+8975e57f.i686.rpm rubygem-racc-1.7.3-7.module+el9.8.0+90944+8975e57f.x86_64.rpm rubygem-rake-13.1.0-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-rbs-3.4.0-7.module+el9.8.0+90944+8975e57f.i686.rpm rubygem-rbs-3.4.0-7.module+el9.8.0+90944+8975e57f.x86_64.rpm rubygem-rdoc-6.6.3.1-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-rexml-3.4.4-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-rss-0.3.1-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygems-3.5.22-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygems-devel-3.5.22-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-test-unit-3.6.1-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-typeprof-0.21.9-7.module+el9.8.0+90944+8975e57f.noarch.rpm ruby-libs-3.3.10-7.module+el9.8.0+90944+8975e57f.i686.rpm ruby-libs-3.3.10-7.module+el9.8.0+90944+8975e57f.x86_64.rpm aarch64: ruby-3.3.10-7.module+el9.8.0+90944+8975e57f.aarch64.rpm ruby-bundled-gems-3.3.10-7.module+el9.8.0+90944+8975e57f.aarch64.rpm ruby-default-gems-3.3.10-7.module+el9.8.0+90944+8975e57f.noarch.rpm ruby-devel-3.3.10-7.module+el9.8.0+90944+8975e57f.aarch64.rpm ruby-doc-3.3.10-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-bigdecimal-3.1.5-7.module+el9.8.0+90944+8975e57f.aarch64.rpm rubygem-bundler-2.5.22-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-io-console-0.7.1-7.module+el9.8.0+90944+8975e57f.aarch64.rpm rubygem-irb-1.13.1-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-json-2.7.2-7.module+el9.8.0+90944+8975e57f.aarch64.rpm rubygem-minitest-5.20.0-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-mysql2-0.5.5-3.module+el9.8.0+90944+8975e57f.aarch64.rpm rubygem-mysql2-doc-0.5.5-3.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-pg-1.5.4-2.module+el9.8.0+90944+8975e57f.aarch64.rpm rubygem-pg-doc-1.5.4-2.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-power_assert-2.0.3-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-psych-5.1.2-7.module+el9.8.0+90944+8975e57f.aarch64.rpm rubygem-racc-1.7.3-7.module+el9.8.0+90944+8975e57f.aarch64.rpm rubygem-rake-13.1.0-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-rbs-3.4.0-7.module+el9.8.0+90944+8975e57f.aarch64.rpm rubygem-rdoc-6.6.3.1-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-rexml-3.4.4-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-rss-0.3.1-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygems-3.5.22-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygems-devel-3.5.22-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-test-unit-3.6.1-7.module+el9.8.0+90944+8975e57f.noarch.rpm rubygem-typeprof-0.21.9-7.module+el9.8.0+90944+8975e57f.noarch.rpm ruby-libs-3.3.10-7.module+el9.8.0+90944+8975e57f.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/ruby-3.3.10-7.module+el9.8.0+90944+8975e57f.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/rubygem-mysql2-0.5.5-3.module+el9.8.0+90944+8975e57f.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/rubygem-pg-1.5.4-2.module+el9.8.0+90944+8975e57f.src.rpm Related CVEs: CVE-2026-42245 CVE-2026-42246 CVE-2026-42258 Description of changes: ruby [3.3.10-7] - Fix DoS via crafted IMAP responses in net-imap. (CVE-2026-42245) Resolves: RHEL-181693 - Fix information disclosure via MITM attack bypassing TLS in net-imap. (CVE-2026-42246) Resolves: RHEL-181779 - Fix command injection via Symbol arguments in net-imap. (CVE-2026-42258) Resolves: RHEL-181811 rubygem-mysql2 [0.5.5-3] - Disable tests on the 32bit platforms ix86. Related: RHEL-80222 rubygem-pg [-1.5.4-2] - Fix encoding issue in spec suite. Resolves: RHEL-159199 _______________________________________________ El-errata mailing list
An update that solves one vulnerability can now be installed.. # Security update for dracut Announcement ID: SUSE-SU-2026:22446-1 Release Date: 2026-06-29T09:20:34Z Rating: important References: * bsc#1268322 Cross-References: * CVE-2026-6893 CVSS scores: * CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for dracut fixes the following issue * CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322). Changes for dracut: * Update to version 059+suse.643.g1f1d880: * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893) * fix(network-legacy): add input validation to RFC 3442 route parser ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-596=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * dracut-debuginfo-059+suse.643.g1f1d880-slfo.1.1_1.1 * dracut-fips-059+suse.643.g1f1d880-slfo.1.1_1.1 * dracut-059+suse.643.g1f1d880-slfo.1.1_1.1 * dracut-debugsource-059+suse.643.g1f1d880-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6893.html * https://bugzilla.suse.com/show_bug.cgi?id=1268322 . Install important dracut security update for CVE-2026-6893 addressing root access risk via DHCP command injection.. SUSE Linux Micro, dracut security update, command injection fix, CVE-2026-6893. .Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for dracut Announcement ID: SUSE-SU-2026:2721-1 Release Date: 2026-07-01T13:15:53Z Rating: important References: * bsc#1268322 Cross-References: * CVE-2026-6893 CVSS scores: * CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for dracut fixes the following issue * CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322). Changes for dracut: * Update to version 055+suse.402.g2720eea: * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893) * fix(network-legacy): add input validation to RFC 3442 route parser ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2721=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2721=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patchSUSE-SLE-Micro-5.5-2026-2721=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2721=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2721=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2721=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * dracut-fips-055+suse.402.g2720eea-150500.3.41.1 * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1 * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1 * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1 * dracut-055+suse.402.g2720eea-150500.3.41.1 * dracut-ima-055+suse.402.g2720eea-150500.3.41.1 * openSUSE Leap 15.5 (aarch64 i586 ppc64le s390x x86_64) * dracut-fips-055+suse.402.g2720eea-150500.3.41.1 * dracut-tools-055+suse.402.g2720eea-150500.3.41.1 * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1 * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1 * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1 * dracut-055+suse.402.g2720eea-150500.3.41.1 * dracut-ima-055+suse.402.g2720eea-150500.3.41.1 * dracut-extra-055+suse.402.g2720eea-150500.3.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * dracut-fips-055+suse.402.g2720eea-150500.3.41.1 * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1 * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1 * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1 * dracut-055+suse.402.g2720eea-150500.3.41.1 * dracut-ima-055+suse.402.g2720eea-150500.3.41.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1 * dracut-fips-055+suse.402.g2720eea-150500.3.41.1 * dracut-055+suse.402.g2720eea-150500.3.41.1 * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1 * SUSELinux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * dracut-fips-055+suse.402.g2720eea-150500.3.41.1 * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1 * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1 * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1 * dracut-055+suse.402.g2720eea-150500.3.41.1 * dracut-ima-055+suse.402.g2720eea-150500.3.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * dracut-fips-055+suse.402.g2720eea-150500.3.41.1 * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1 * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1 * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1 * dracut-055+suse.402.g2720eea-150500.3.41.1 * dracut-ima-055+suse.402.g2720eea-150500.3.41.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6893.html * https://bugzilla.suse.com/show_bug.cgi?id=1268322 . An important update for openSUSE addresses a critical command injection issue in dracut, enhancing system security.. dracut update, openSUSE patch, command injection risk, root access fix. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.