Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 10 articles for you...
100
security advisorymoderateSuSEUbuntu OS Nano 20.04 libcrypto High OOB Security Flaw 2023-11987-2
An update that solves two vulnerabilities can now be installed.. # Security update for libtpms Announcement ID: SUSE-SU-2026:21581-1 Release Date: 2026-05-06T18:19:25Z Rating: moderate References: * bsc#1244528 * bsc#1260439 Cross-References: * CVE-2025-49133 * CVE-2026-21444 CVSS scores: * CVE-2025-49133 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H * CVE-2025-49133 ( NVD ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H * CVE-2025-49133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21444 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-21444 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-21444 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for libtpms fixes the following issues: * CVE-2025-49133: Fixed potential out of bounds (OOB) read vulnerability (bsc#1244528). * CVE-2026-21444: Fixed remote data confidentiality compromise via incorrect Initialization Vector (IV) handling (bsc#1260439). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-714=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libtpms-debugsource-0.10.0-160000.5.1 * libtpms0-debuginfo-0.10.0-160000.5.1 * libtpms0-0.10.0-160000.5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49133.html * https://www.suse.com/security/cve/CVE-2026-21444.html * https://bugzilla.suse.com/show_bug.cgi?id=1244528 * https://bugzilla.suse.com/show_bug.cgi?id=1260439 . SUSE provides a security update for libtpms addressing moderate vulnerabilities enhancingsystem integrity and safety.. SUSE libtpms update security issues moderate vulnerabilities. . LinuxSecurity.com Team
May 15, 2026
SuSE
219
security advisorydata breachimportantRocky Linux 10 RLSA-2026-10223 grafana Important Info Disclosure
Important: grafana security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:10223", "synopsis": "Important: grafana security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for grafana.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. \n\nSecurity Fix(es):\n\n* grafana: Grafana: Information disclosure of data-source passwords via public dashboards (CVE-2026-27877)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2452293", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2452293", "description": ""}], "cves": [{"name": "CVE-2026-27877", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27877", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "cvss3BaseScore": "7.5", "cwe": "CWE-201"}], "references": [], "publishedAt": "2026-04-28T12:06:44.835475Z", "rpms": {"Rocky Linux 10": {"nvras": ["grafana-0:10.2.6-24.el10_1.ppc64le.rpm", "grafana-0:10.2.6-24.el10_1.src.rpm", "grafana-selinux-0:10.2.6-24.el10_1.x86_64.rpm", "grafana-selinux-0:10.2.6-24.el10_1.ppc64le.rpm", "grafana-selinux-0:10.2.6-24.el10_1.aarch64.rpm", "grafana-debuginfo-0:10.2.6-24.el10_1.x86_64.rpm", "grafana-debugsource-0:10.2.6-24.el10_1.x86_64.rpm", "grafana-0:10.2.6-24.el10_1.x86_64.rpm", "grafana-debugsource-0:10.2.6-24.el10_1.ppc64le.rpm", "grafana-debugsource-0:10.2.6-24.el10_1.s390x.rpm", "grafana-0:10.2.6-24.el10_1.s390x.rpm", "grafana-debuginfo-0:10.2.6-24.el10_1.s390x.rpm","grafana-debuginfo-0:10.2.6-24.el10_1.aarch64.rpm", "grafana-0:10.2.6-24.el10_1.aarch64.rpm", "grafana-selinux-0:10.2.6-24.el10_1.s390x.rpm", "grafana-debugsource-0:10.2.6-24.el10_1.aarch64.rpm", "grafana-debuginfo-0:10.2.6-24.el10_1.ppc64le.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Grafana security update addresses information disclosure risks in Rocky Linux 10. Stay informed on CVEs and solutions.. grafana security, Rocky Linux update, CVSS score, information disclosure. . Severity: Important. LinuxSecurity.com Team
Apr 28, 2026
•Important
Rocky Linux
217
security advisorymoderatedata breachOracle Linux 8 ELSA-2026-5581 nginx 1.24 Moderate TLS Proxy Attack
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-5581 http://linux.oracle.com/errata/ELSA-2026-5581.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nginx-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.x86_64.rpm nginx-all-modules-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.noarch.rpm nginx-filesystem-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.noarch.rpm nginx-mod-devel-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.x86_64.rpm nginx-mod-http-image-filter-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.x86_64.rpm nginx-mod-http-perl-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.x86_64.rpm nginx-mod-http-xslt-filter-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.x86_64.rpm nginx-mod-mail-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.x86_64.rpm nginx-mod-stream-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.x86_64.rpm aarch64: nginx-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.aarch64.rpm nginx-all-modules-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.noarch.rpm nginx-filesystem-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.noarch.rpm nginx-mod-devel-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.aarch64.rpm nginx-mod-http-image-filter-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.aarch64.rpm nginx-mod-http-perl-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.aarch64.rpm nginx-mod-http-xslt-filter-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.aarch64.rpm nginx-mod-mail-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.aarch64.rpm nginx-mod-stream-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/nginx-1.24.0-2.0.1.module+el8.10.0+90849+dcad285b.src.rpm Related CVEs: CVE-2026-1642 Description of changes: [1.24.0-2.0.1] - Remove Red Hat references [Orabug: 29498217] [1:1.24.0-2] - Resolves: RHEL-146517 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections (CVE-2026-1642) [1:1.24.0-1] -Resolves: RHEL-14714 - add nginx:1.24 to RHEL 8.10 [1:1.22.1-2] - Resolves: RHEL-12728 - nginx:1.22/nginx: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)(CVE-2023-44487) [1:1.22.1-1] - Resolves: #2112345 - nginx:1.22 for RHEL 8 - add stream_geoip_module and stream_realip_module - remove obsolete --with-ipv6 [1:1.20.1-1] - rebase to 1.20.1 (addressing CVE-2021-23017) [1:1.20.0-4] - add delaycompress to logrotate config (#2015243) [1:1.20.0-3] - Add -mod-devel subpackage for building external nginx modules (Neal Gompa) Resolves: #1991787 [1:1.20.0-2] - Resolves: #1991796 - build nginx with --with-compat [1:1.20.0-1] - new version 1.20.0 - Resolves: #1945671 - RFE: add nginx:1.20 module stream _______________________________________________ El-errata mailing list
Mar 24, 2026
Oracle
100
security advisorymoderatesecurity issueSUSE Linux Micro 6.2 Curl Moderate Security Update Advisory 2026-20110-1
An update that solves five vulnerabilities can now be installed.. # Security update for curl Announcement ID: SUSE-SU-2026:20110-1 Release Date: 2026-01-14T10:57:51Z Rating: moderate References: * bsc#1255731 * bsc#1255732 * bsc#1255733 * bsc#1255734 * bsc#1256105 Cross-References: * CVE-2025-14017 * CVE-2025-14524 * CVE-2025-14819 * CVE-2025-15079 * CVE-2025-15224 CVSS scores: * CVE-2025-14017 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-14017 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-14017 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-14524 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-14524 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-14524 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-14819 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-14819 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-14819 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-15079 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-15079 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-15079 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-15224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-15224 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-15224 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for curl fixes the following issues: This update for curl fixes the following issues: * CVE-2025-14017: broken TLS options for threaded LDAPS (bsc#1256105). *CVE-2025-14524: bearer token leak on cross-protocol redirect (bsc#1255731). * CVE-2025-14819: libssh global knownhost override (bsc#1255732). * CVE-2025-15079: libssh key passphrase bypass without agent set (bsc#1255733). * CVE-2025-15224: OpenSSL partial chain store policy bypass (bsc#1255734). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-140=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * curl-8.14.1-160000.4.1 * libcurl4-8.14.1-160000.4.1 * libcurl4-debuginfo-8.14.1-160000.4.1 * curl-debugsource-8.14.1-160000.4.1 * curl-debuginfo-8.14.1-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14017.html * https://www.suse.com/security/cve/CVE-2025-14524.html * https://www.suse.com/security/cve/CVE-2025-14819.html * https://www.suse.com/security/cve/CVE-2025-15079.html * https://www.suse.com/security/cve/CVE-2025-15224.html * https://bugzilla.suse.com/show_bug.cgi?id=1255731 * https://bugzilla.suse.com/show_bug.cgi?id=1255732 * https://bugzilla.suse.com/show_bug.cgi?id=1255733 * https://bugzilla.suse.com/show_bug.cgi?id=1255734 * https://bugzilla.suse.com/show_bug.cgi?id=1256105 . SUSE Linux Micro 6.2 updates curl fixing five security issues including TLS options and token leaks. Essential patch available.. SUSE Linux Micro curl update patch security leaks TLS. . Severity: Important. LinuxSecurity.com Team
Jan 23, 2026
•Important
SuSE
100
security advisorySuSEdata breachSUSE: java-11-openjdk Important Unauthorized Access Threat 2025:3835-1
* bsc#1246806 * bsc#1252414 * bsc#1252417 Cross-References: . # Security update for java-11-openjdk Announcement ID: SUSE-SU-2025:3835-1 Release Date: 2025-10-28T10:31:15Z Rating: important References: * bsc#1246806 * bsc#1252414 * bsc#1252417 Cross-References: * CVE-2025-53057 * CVE-2025-53066 CVSS scores: * CVE-2025-53057 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-53057 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-53057 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-53066 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-53066 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-53066 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.29+7 (October 2025 CPU): * CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data (bsc#1252414). * CVE-2025-53066: Fixed unauthenticated attacker can achive unauthorized access to critical data or complete access (bsc#1252417). Other bug fixes: * Do not embed rebuild counter (bsc#1246806) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patchSUSE-SLE-SERVER-12-SP5-LTSS-2025-3835=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3835=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debuginfo-11.0.29.0-3.93.1 * java-11-openjdk-devel-11.0.29.0-3.93.1 * java-11-openjdk-11.0.29.0-3.93.1 * java-11-openjdk-demo-11.0.29.0-3.93.1 * java-11-openjdk-headless-11.0.29.0-3.93.1 * java-11-openjdk-debugsource-11.0.29.0-3.93.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * java-11-openjdk-debuginfo-11.0.29.0-3.93.1 * java-11-openjdk-devel-11.0.29.0-3.93.1 * java-11-openjdk-11.0.29.0-3.93.1 * java-11-openjdk-demo-11.0.29.0-3.93.1 * java-11-openjdk-headless-11.0.29.0-3.93.1 * java-11-openjdk-debugsource-11.0.29.0-3.93.1 ## References: * https://www.suse.com/security/cve/CVE-2025-53057.html * https://www.suse.com/security/cve/CVE-2025-53066.html * https://bugzilla.suse.com/show_bug.cgi?id=1246806 * https://bugzilla.suse.com/show_bug.cgi?id=1252414 * https://bugzilla.suse.com/show_bug.cgi?id=1252417 . Critical updates available for java-11-openjdk on SUSE due to important security issues requiring prompt attention.. Java Security Patch, SUSE Update, Linux Vulnerability, OpenJDK Fix. . Severity: Important. LinuxSecurity.com Team
Oct 28, 2025
•Important
SuSE
202
security advisorymoderatedata breachopenSUSE Leap 15.4: MariaDB Moderate Security Advisory 2025:03276-1
An update that solves five vulnerabilities can now be installed. . # Security update for mariadb Announcement ID: SUSE-SU-2025:03276-1 Release Date: 2025-09-19T12:17:27Z Rating: moderate References: * bsc#1239150 * bsc#1239151 * bsc#1243356 * bsc#1249212 * bsc#1249213 Cross-References: * CVE-2023-52969 * CVE-2023-52970 * CVE-2025-21490 * CVE-2025-30693 * CVE-2025-30722 CVSS scores: * CVE-2023-52969 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52969 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52970 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52970 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21490 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21490 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21490 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30693 ( SUSE ): 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2025-30693 ( NVD ): 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2025-30722 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-30722 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * Galera for Ericsson 15 SP4 * Galera for Ericsson 15 SP5 * openSUSE Leap 15.4 An update that solves five vulnerabilities can now be installed. ## Description: This update for mariadb fixes the following issues: Update to version 10.6.23. Security issues fixed: * CVE-2025-21490: InnoDB issue allows high privileged attacker with network access to cause a hang or frequently repeatable crash of MySQL Server (bsc#1243356). * CVE-2025-30693: InnoDB issue allows high privileged attacker with network access to gain unauthorized update, insert or delete access to data and cause repeatable crash in MySQLserver (bsc#1249213). * CVE-2025-30722: mysqldump issue allows low privileged attacker with network access to gain unauthorized update, insert or delete access to data in MySQL Client (bsc#1249212). * CVE-2023-52969: crash with empty backtrace log in MariaDB Server (bsc#1239150). * CVE-2023-52970: crash in MariaDB Server when inserting from derived table containing insert target table (bsc#1239151). Release notes and changelog: * https://mariadb.com/docs/release-notes/community-server/10.6/10.6.23 * https://mariadb.com/docs/release-notes/community-server/changelogs/10.6/10.6.23 * https://mariadb.com/docs/release-notes/community-server/10.6/10.6.22 * https://mariadb.com/docs/release-notes/community-server/changelogs/10.6/10.6.22 * https://mariadb.com/docs/release-notes/community-server/10.6/10.6.21 * https://mariadb.com/docs/release-notes/community-server/changelogs/10.6/10.6.21 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-3276=1 * Galera for Ericsson 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-ERICSSON-2025-3276=1 * Galera for Ericsson 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-ERICSSON-2025-3276=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * mariadb-10.6.23-150400.3.40.1 * mariadb-rpm-macros-10.6.23-150400.3.40.1 * mariadb-tools-debuginfo-10.6.23-150400.3.40.1 * mariadb-galera-10.6.23-150400.3.40.1 * mariadb-test-10.6.23-150400.3.40.1 * mariadb-debugsource-10.6.23-150400.3.40.1 * libmariadbd-devel-10.6.23-150400.3.40.1 * mariadb-bench-debuginfo-10.6.23-150400.3.40.1 * mariadb-client-10.6.23-150400.3.40.1 * mariadb-bench-10.6.23-150400.3.40.1 * mariadb-client-debuginfo-10.6.23-150400.3.40.1 *libmariadbd19-10.6.23-150400.3.40.1 * libmariadbd19-debuginfo-10.6.23-150400.3.40.1 * mariadb-test-debuginfo-10.6.23-150400.3.40.1 * mariadb-tools-10.6.23-150400.3.40.1 * mariadb-debuginfo-10.6.23-150400.3.40.1 * openSUSE Leap 15.4 (noarch) * mariadb-errormessages-10.6.23-150400.3.40.1 * Galera for Ericsson 15 SP4 (x86_64) * mariadb-galera-10.6.23-150400.3.40.1 * Galera for Ericsson 15 SP5 (x86_64) * mariadb-debugsource-10.6.23-150400.3.40.1 * mariadb-galera-10.6.23-150400.3.40.1 * mariadb-debuginfo-10.6.23-150400.3.40.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52969.html * https://www.suse.com/security/cve/CVE-2023-52970.html * https://www.suse.com/security/cve/CVE-2025-21490.html * https://www.suse.com/security/cve/CVE-2025-30693.html * https://www.suse.com/security/cve/CVE-2025-30722.html * https://bugzilla.suse.com/show_bug.cgi?id=1239150 * https://bugzilla.suse.com/show_bug.cgi?id=1239151 * https://bugzilla.suse.com/show_bug.cgi?id=1243356 * https://bugzilla.suse.com/show_bug.cgi?id=1249212 * https://bugzilla.suse.com/show_bug.cgi?id=1249213 . Red Hat releases critical security patches for PostgreSQL targeting various flaws to enhance system integrity and performance.. mariadb update, openSUSE patch, security advisory, database security. . LinuxSecurity.com Team
Sep 19, 2025
OpenSUSE
203
security advisorycriticalmemory corruptionMageia 9: MGASA-2025-0202 critical: catdoc memory overflow and corruptions
A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in the xls2csv utility version 0.95. (CVE-2024-48877) An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. (CVE-2024-52035) . MGASA-2025-0202 - Updated catdoc packages fix security vulnerabilities Publication date: 05 Jul 2025 URL: https://advisories.mageia.org/MGASA-2025-0202.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-48877, CVE-2024-52035, CVE-2024-54028 A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in the xls2csv utility version 0.95. (CVE-2024-48877) An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. (CVE-2024-52035) An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. (CVE-2024-54028) References: - https://bugs.mageia.org/show_bug.cgi?id=34411 - - https://www.cve.org/CVERecord?id=CVE-2024-48877 - https://www.cve.org/CVERecord?id=CVE-2024-52035 - https://www.cve.org/CVERecord?id=CVE-2024-54028 SRPMS: - 9/core/catdoc-0.95-5.1.mga9 . Critical updates for catdoc on Mageia fix issues related to buffer overflow and memory leak vulnerabilities.. catdoc security update, Mageia vulnerability fix, memory corruption patch. . Severity: Critical. LinuxSecurity.com Team
Jul 05, 2025
•Critical
Mageia
202
security advisorysecurity issueupdateopenSUSE 15.4/15.5: 2023:4479-1 critical: PostgreSQL buffer overflow
This update for postgresql14 fixes the following issues: Security issues fixed:. # Security update for postgresql14 Announcement ID: SUSE-SU-2023:4479-1 Rating: important References: * bsc#1216022 * bsc#1216734 * bsc#1216960 * bsc#1216961 * bsc#1216962 Cross-References: * CVE-2023-5868 * CVE-2023-5869 * CVE-2023-5870 CVSS scores: * CVE-2023-5868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-5869 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5870 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP4 * Legacy Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro 6.0 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAPApplications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP4 * SUSE Package Hub 15 15-SP5 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for postgresql14 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value (that is, a zero-terminated string) at runtime. This could result in disclosure of server memory following the text value. (bsc#1216962) * CVE-2023-5869: Detect integer overflow while computing new array dimensions. When assigning new elements to array subscripts that are outside the current array bounds, an undetected integer overflow could occur in edge cases. Memory stomps that are potentially exploitable for arbitrary code execution are possible, and so is disclosure of server memory. (bsc#1216961) * CVE-2023-5870: Prevent the pg_signal_backend role from signalling background workers and autovacuum processes. The documentation says that pg_signal_backend cannot issue signals to superuser-owned processes. It was able to signal these background processes, though, because they advertise a role OID of zero. Treat that as indicating superuser ownership. The security implications of cancelling one of these process types are fairly small so far as the core code goes (we'll just start another one), but extensions might add background workers that are more vulnerable. Also ensure that the is_superuser parameter is set correctly in such processes. No specific security consequences are known for that oversight, but it might be significant for some extensions. (bsc#1216960) * update to 14.10: https://www.postgresql.org/docs/14/release-14-10.html * Overhaul postgresql-README.SUSE and move it fromthe binary package to the noarch wrapper package. * Change the unix domain socket location from /var/run to /run. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-4479=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2023-4479=1 * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4479=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-4479=1 * Basesystem Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-4479=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2023-4479=1 * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-4479=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-4479=1 * Server Applications Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-4479=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4479=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-4479=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-4479=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-4479=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-4479=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patchSUSE-SLE-Product-SLES_SAP-15-SP2-2023-4479=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * SUSEEnterprise Storage 7.1 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-llvmjit-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-test-14.10-150200.5.36.1 * postgresql14-llvmjit-devel-14.10-150200.5.36.1 * postgresql14-llvmjit-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * openSUSE Leap 15.4 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-llvmjit-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-test-14.10-150200.5.36.1 * postgresql14-llvmjit-devel-14.10-150200.5.36.1 * postgresql14-llvmjit-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 *postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * openSUSE Leap 15.5 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-llvmjit-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-llvmjit-devel-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-llvmjit-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * Legacy Module 15-SP5 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql14-llvmjit-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 *postgresql14-llvmjit-devel-14.10-150200.5.36.1 * postgresql14-llvmjit-debuginfo-14.10-150200.5.36.1 * postgresql14-test-14.10-150200.5.36.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-llvmjit-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-llvmjit-debuginfo-14.10-150200.5.36.1 * postgresql14-test-14.10-150200.5.36.1 * Server Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * Server Applications Module 15-SP4 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64 x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 *postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * postgresql14-docs-14.10-150200.5.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * postgresql14-server-debuginfo-14.10-150200.5.36.1 * postgresql14-plpython-14.10-150200.5.36.1 * postgresql14-pltcl-debuginfo-14.10-150200.5.36.1 * postgresql14-debuginfo-14.10-150200.5.36.1 * postgresql14-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-plperl-14.10-150200.5.36.1 * postgresql14-debugsource-14.10-150200.5.36.1 * postgresql14-devel-14.10-150200.5.36.1 * postgresql14-pltcl-14.10-150200.5.36.1 * postgresql14-plpython-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-debuginfo-14.10-150200.5.36.1 * postgresql14-14.10-150200.5.36.1 * postgresql14-server-devel-14.10-150200.5.36.1 * postgresql14-plperl-debuginfo-14.10-150200.5.36.1 * postgresql14-server-devel-debuginfo-14.10-150200.5.36.1 * postgresql14-contrib-14.10-150200.5.36.1 * postgresql14-server-14.10-150200.5.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * postgresql14-docs-14.10-150200.5.36.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5868.html * https://www.suse.com/security/cve/CVE-2023-5869.html * https://www.suse.com/security/cve/CVE-2023-5870.html * https://bugzilla.suse.com/show_bug.cgi?id=1216022 * https://bugzilla.suse.com/show_bug.cgi?id=1216734 *https://bugzilla.suse.com/show_bug.cgi?id=1216960 * https://bugzilla.suse.com/show_bug.cgi?id=1216961 * https://bugzilla.suse.com/show_bug.cgi?id=1216962 . Crucial patch released for postgresql14 targeting significant flaws and weaknesses that demand prompt action.. PostgreSQL Security, openSUSE Update, Database Vulnerabilities, Postgresql14 Exploits. . Severity: Critical. LinuxSecurity.com Team
Nov 20, 2023
•Critical
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!