Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 23 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraremote exploit

Fedora 42 docker-buildkit Vulnerable to CVE-2026-39984 Certificate Issues

Update to release v0.30.0 Resolves CVE-2026-39984: rhbz#2458929 Upstream new features and fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0adc4a8098 2026-05-23 16:00:29.000904+00:00 -------------------------------------------------------------------------------- Name : docker-buildkit Product : Fedora 42 Version : 0.30.0 Release : 1.fc42 URL : https://github.com/moby/buildkit Summary : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit Description : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit. -------------------------------------------------------------------------------- Update Information: Update to release v0.30.0 Resolves CVE-2026-39984: rhbz#2458929 Upstream new features and fixes -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2026 Bradley G Smith - 0.30.0-1 - Update to release v0.30.0 - Resolves CVE-2026-39984: rhbz#2458929 - Upstream new features and fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458929 - CVE-2026-39984 docker-buildkit: improper certificate validation in verifier [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458929 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0adc4a8098' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical update for Fedora 42 docker-buildkit resolves CVE-2026-39984 improper certificate validation issue.. Fedora Update, docker-buildkit Vulnerability, CVE-2026-39984, Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 23, 2026 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraCVE

Fedora 43 docker-buildkit Moderate CVE-2026-39984 Improper Validation Issue

Update to release v0.30.0 Resolves CVE-2026-39984: rhbz#2458929 Upstream new features and fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-36769a9e58 2026-05-23 15:47:52.432903+00:00 -------------------------------------------------------------------------------- Name : docker-buildkit Product : Fedora 43 Version : 0.30.0 Release : 1.fc43 URL : https://github.com/moby/buildkit Summary : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit Description : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit. -------------------------------------------------------------------------------- Update Information: Update to release v0.30.0 Resolves CVE-2026-39984: rhbz#2458929 Upstream new features and fixes -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2026 Bradley G Smith - 0.30.0-1 - Update to release v0.30.0 - Resolves CVE-2026-39984: rhbz#2458929 - Upstream new features and fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458929 - CVE-2026-39984 docker-buildkit: improper certificate validation in verifier [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458929 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-36769a9e58' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update for Fedora 43 docker-buildkit resolves CVE-2026-39984 and improves security features in the toolkit.. docker-buildkit updates,CVE fixes,Fedora security,software update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 23, 2026 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraimportant

Fedora 43 docker-buildx Important Improper Certificate Valid CVE-2026-39984

Update to release v0.34.0 Resolves: rhbz#2467576 Resolves CVE-2026-39984: rhbz#2458930 Upstream new features and fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6d1dd77956 2026-05-23 15:47:52.432901+00:00 -------------------------------------------------------------------------------- Name : docker-buildx Product : Fedora 43 Version : 0.34.0 Release : 1.fc43 URL : https://github.com/docker/buildx Summary : Docker CLI plugin for extended build capabilities with BuildKit Description : Docker CLI plugin for extended build capabilities with BuildKit. -------------------------------------------------------------------------------- Update Information: Update to release v0.34.0 Resolves: rhbz#2467576 Resolves CVE-2026-39984: rhbz#2458930 Upstream new features and fixes -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2026 Bradley G Smith - 0.34.0-1 - Update to release v0.34.0 - Resolves: rhbz#2467576 - Resolves CVE-2026-39984: rhbz#2458930 - Upstream new features and fixes * Thu Apr 2 2026 Bradley G Smith - 0.33.0-2 - Update to new spec file - Regenerate spec file using go2rpm - Use gocheck2. Current v0.33.0 release will sometimes fail during check phase with an https related test. No obvious pattern related to architecture. gocheck2 will allow for test to be skipped if needed -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458930 - CVE-2026-39984 docker-buildx: improper certificate validation in verifier [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458930 [ 2 ] Bug #2467576 - docker-buildx-0.34.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2467576 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su-c 'dnf upgrade --advisory FEDORA-2026-6d1dd77956' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 43 docker-buildx updated to fix improper certificate validation; detailed security advisory inside.. docker-buildx update, Fedora 43 security, certificate validation fix, security patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 23, 2026 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracontainer security

Fedora 44 docker-buildx 0.34.0 CVE-2026-39984 Fix Improper Validation

Update to release v0.34.0 Resolves: rhbz#2467576 Resolves CVE-2026-39984: rhbz#2458930 Upstream new features and fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-7f8de90b74 2026-05-23 00:56:16.173313+00:00 -------------------------------------------------------------------------------- Name : docker-buildx Product : Fedora 44 Version : 0.34.0 Release : 1.fc44 URL : https://github.com/docker/buildx Summary : Docker CLI plugin for extended build capabilities with BuildKit Description : Docker CLI plugin for extended build capabilities with BuildKit. -------------------------------------------------------------------------------- Update Information: Update to release v0.34.0 Resolves: rhbz#2467576 Resolves CVE-2026-39984: rhbz#2458930 Upstream new features and fixes -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2026 Bradley G Smith - 0.34.0-1 - Update to release v0.34.0 - Resolves: rhbz#2467576 - Resolves CVE-2026-39984: rhbz#2458930 - Upstream new features and fixes * Thu Apr 2 2026 Bradley G Smith - 0.33.0-2 - Update to new spec file - Regenerate spec file using go2rpm - Use gocheck2. Current v0.33.0 release will sometimes fail during check phase with an https related test. No obvious pattern related to architecture. gocheck2 will allow for test to be skipped if needed -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458930 - CVE-2026-39984 docker-buildx: improper certificate validation in verifier [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458930 [ 2 ] Bug #2467576 - docker-buildx-0.34.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2467576 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su-c 'dnf upgrade --advisory FEDORA-2026-7f8de90b74' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update to Fedora 44 docker-buildx v0.34.0 resolves CVE-2026-39984 with new features and security fixes.. Fedora 44 security update, docker-buildx CVE-2026-39984, container security update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 23, 2026 Important Fedora
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderateSuSE

SUSE Cargo-C Moderate Update for Three Issues CVE-2024-12224

An update that solves three vulnerabilities can now be installed.. # Security update for cargo-c Announcement ID: SUSE-SU-2026:20096-1 Release Date: 2026-01-19T10:42:10Z Rating: moderate References: * bsc#1243179 * bsc#1243851 * bsc#1249012 Cross-References: * CVE-2024-12224 * CVE-2025-4574 * CVE-2025-58160 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-4574 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-4574 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-4574 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-58160 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-58160 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-58160 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for cargo-c fixes the following issues: * CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discard_all_messages (bsc#1243179) * CVE-2025-58160: tracing-subscriber: Fixed log pollution (bsc#1249012) * CVE-2024-12224: idna: Fixed improper validation of Punycode labels (bsc#1243851) Other fixes: \- Fixed _service file to have proper versioning \- Update to version 0.10.15~git0.3e178d5:* Bump actions/download-artifact from 4 to 5 * Update implib requirement from 0.3.5 to 0.4.0 * Add rlib to the targets when building tests * Allow disabling emission of library version constants in header files * Bump to cargo 0.90 * Fix static_libraries swallowing sequence of -framework flags * Fix non-POSIX paths in Libdir under Windows * Bump actions- rs-plus/clippy-check from 2.2.1 to 2.3.0 * Fix clippy lints * Bump cargo-0.89, object-0.37.1, cbindgen-0.29 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-153=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-153=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * cargo-c-0.10.15-160000.1.1 * cargo-c-debugsource-0.10.15-160000.1.1 * cargo-c-debuginfo-0.10.15-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * cargo-c-0.10.15-160000.1.1 * cargo-c-debugsource-0.10.15-160000.1.1 * cargo-c-debuginfo-0.10.15-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12224.html * https://www.suse.com/security/cve/CVE-2025-4574.html * https://www.suse.com/security/cve/CVE-2025-58160.html * https://bugzilla.suse.com/show_bug.cgi?id=1243179 * https://bugzilla.suse.com/show_bug.cgi?id=1243851 * https://bugzilla.suse.com/show_bug.cgi?id=1249012 . An essential update for SUSE cargo-c resolves critical issues and vulnerabilities. Ensure timely installation for security.. SUSE Linux Updates,cargo-c vulnerabilities,security fixes,crossbeam-channel. . LinuxSecurity.com Team

Calendar 2 Jan 23, 2026 SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraDoS

Fedora 42: Fix for qt6-qtdeclarative Denial of Service CVE-2025-12385

CVE-2025-12385: Fix improper validation of img tag size in Text component parser. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-62d125612b 2025-12-16 01:13:25.255156+00:00 -------------------------------------------------------------------------------- Name : qt6-qtdeclarative Product : Fedora 42 Version : 6.9.3 Release : 2.fc42 URL : http://www.qt.io Summary : Qt6 - QtDeclarative component Description : Qt6 - QtDeclarative component. -------------------------------------------------------------------------------- Update Information: CVE-2025-12385: Fix improper validation of img tag size in Text component parser -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 5 2025 Jan Grulich - 6.9.3-2 - Fix improper validation of img tag size in Text component parser Resolves: CVE-2025-12385 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-62d125612b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Fixes an improper img tag size validation flaw in the QtDeclarative component for Fedora 42, enhancing security.. Fedora QtDeclarative update img security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 16, 2025 Important Fedora
Banner 1 1028x280 1708121660 1771599717
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorylowOpenSUSE

openSUSE: cmake Low Severity Update CVE-2025-9301 Advisory 2025:3812-1

An update that solves one vulnerability can now be installed.. # Security update for cmake Announcement ID: SUSE-SU-2025:3812-1 Release Date: 2025-10-27T16:13:37Z Rating: low References: * bsc#1248461 Cross-References: * CVE-2025-9301 CVSS scores: * CVE-2025-9301 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-9301 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-9301 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-9301 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for cmake fixes the following issues: * CVE-2025-9301: Fixed assertion failure due to improper validation (bsc#1248461) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3812=1 openSUSE-SLE-15.6-2025-3812=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3812=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3812=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) *cmake-gui-debuginfo-3.28.3-150600.3.3.1 * cmake-full-debugsource-3.28.3-150600.3.3.1 * cmake-full-debuginfo-3.28.3-150600.3.3.1 * cmake-ui-debugsource-3.28.3-150600.3.3.1 * cmake-mini-debuginfo-3.28.3-150600.3.3.1 * cmake-mini-3.28.3-150600.3.3.1 * cmake-gui-3.28.3-150600.3.3.1 * cmake-3.28.3-150600.3.3.1 * cmake-mini-debugsource-3.28.3-150600.3.3.1 * cmake-full-3.28.3-150600.3.3.1 * cmake-man-3.28.3-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * cmake-full-debugsource-3.28.3-150600.3.3.1 * cmake-full-3.28.3-150600.3.3.1 * cmake-3.28.3-150600.3.3.1 * cmake-full-debuginfo-3.28.3-150600.3.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * cmake-full-debugsource-3.28.3-150600.3.3.1 * cmake-full-3.28.3-150600.3.3.1 * cmake-3.28.3-150600.3.3.1 * cmake-full-debuginfo-3.28.3-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-9301.html * https://bugzilla.suse.com/show_bug.cgi?id=1248461 . Update for openSUSE fixes low severity issue in cmake due to improper validation, CVE-2025-9301 included.. openSUSE Security Patch, cmake Update, Low Severity Vulnerability, CVE-2025-9301, improper validation. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Oct 27, 2025 Low OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderateSuSE

SUSE: sevctl Moderate CVE-2024-12224 Use-After-Free Fix 2025:03306-1

* bsc#1242618 * bsc#1243860 Cross-References: * CVE-2024-12224 . # Security update for sevctl Announcement ID: SUSE-SU-2025:03306-1 Release Date: 2025-09-23T13:13:44Z Rating: moderate References: * bsc#1242618 * bsc#1243860 Cross-References: * CVE-2024-12224 * CVE-2025-3416 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for sevctl fixes the following issues: * CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. (bsc#1243860) * CVE-2025-3416: openssl: Fixed use-after-free in Md::fetch and Cipher::fetch (bsc#1242618) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-3306=1 ## Package List: * Server Applications Module 15-SP7 (x86_64) * sevctl-debuginfo-0.6.0-150700.3.3.1 * sevctl-0.6.0-150700.3.3.1 * sevctl-debugsource-0.6.0-150700.3.3.1 ## References: *https://www.suse.com/security/cve/CVE-2024-12224.html * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242618 * https://bugzilla.suse.com/show_bug.cgi?id=1243860 . SUSE has released updates for sevctl that resolve notable security concerns, specifically those involving inadequate validation and use-after-free flaws.. SUSE sevctl security issues, patch notification, moderate severity updates. . LinuxSecurity.com Team

Calendar 2 Sep 23, 2025 SuSE
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here