Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 307 articles for you...
202

openSUSE glib-networking Moderate Infinite Loop Issue Vuln 2026-3032-1

An update that solves one vulnerability can now be installed.. # Security update for glib-networking Announcement ID: SUSE-SU-2026:3032-1 Release Date: 2026-07-15T09:53:56Z Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for glib-networking fixes the following issue * CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-3032=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-3032=1 ## Package List: * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * glib-networking-debugsource-2.78.0-150600.3.3.1 * glib-networking-2.78.0-150600.3.3.1 * glib-networking-debuginfo-2.78.0-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * glib-networking-32bit-debuginfo-2.78.0-150600.3.3.1 * glib-networking-32bit-2.78.0-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * glib-networking-64bit-debuginfo-2.78.0-150600.3.3.1 * glib-networking-64bit-2.78.0-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * glib-networking-lang-2.78.0-150600.3.3.1 *Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * glib-networking-debugsource-2.78.0-150600.3.3.1 * glib-networking-2.78.0-150600.3.3.1 * glib-networking-debuginfo-2.78.0-150600.3.3.1 * Basesystem Module 15-SP7 (noarch) * glib-networking-lang-2.78.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-10028.html * https://bugzilla.suse.com/show_bug.cgi?id=1267979 . Update available for glib-networking on openSUSE addressing a moderate issue involving an infinite loop from certificates.. glib-networking update opensuse CVE-2026-10028 security patch. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 moderate OpenSUSE
100

SUSE 2026-2850-1 Terraform Providers Important Infinite Loop Fix

An update that solves one vulnerability and has one security fix can now be installed.. # Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid Announcement ID: SUSE-SU-2026:2850-1 Release Date: 2026-07-10T12:48:09Z Rating: important References: * bsc#1265678 * bsc#1265700 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for terraform-provider-aws, terraform-provider-azurerm, terraform- provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-random, terraform-provider- susepubliccloud, terraform-provider-tls fixes the following issue * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265678, bsc#1265700). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run thecommand listed for your product: * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2026-2850=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2850=1 ## Package List: * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * terraform-provider-kubernetes-1.13.2-150200.6.9.1 * terraform-provider-susepubliccloud-0.0.1-150100.3.11.1 * terraform-provider-random-3.0.0-150200.6.12.1 * terraform-provider-tls-3.0.0-150200.5.12.1 * terraform-provider-aws-3.11.0-150200.6.15.2 * terraform-provider-google-3.43.0-150200.6.9.2 * terraform-provider-helm-2.9.0-150200.6.20.2 * terraform-provider-azurerm-2.32.0-150200.6.9.2 * terraform-provider-external-2.0.0-150200.6.9.2 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * terraform-provider-kubernetes-1.13.2-150200.6.9.1 * terraform-provider-susepubliccloud-0.0.1-150100.3.11.1 * terraform-provider-random-3.0.0-150200.6.12.1 * terraform-provider-tls-3.0.0-150200.5.12.1 * terraform-provider-aws-3.11.0-150200.6.15.2 * terraform-provider-google-3.43.0-150200.6.9.2 * terraform-provider-helm-2.9.0-150200.6.20.2 * terraform-provider-azurerm-2.32.0-150200.6.9.2 * terraform-provider-external-2.0.0-150200.6.9.2 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://bugzilla.suse.com/show_bug.cgi?id=1265678 * https://bugzilla.suse.com/show_bug.cgi?id=1265700 . Resolve an infinite loop issue in Terraform providers with this important security update for SUSE systems.. terraform providers, SUSE updates, security patch, cloud infrastructure, system vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 10, 2026 Important SuSE
202

openSUSE glib-networking Moderate Infinite Loop Issue SUSE-SU-2026-2810-1

An update that solves one vulnerability can now be installed.. # Security update for glib-networking Announcement ID: SUSE-SU-2026:2810-1 Release Date: 2026-07-09T06:14:47Z Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for glib-networking fixes the following issue * CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2810=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2810=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2810=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2810=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2810=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2810=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 *glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * glib-networking-64bit-2.70.1-150400.3.3.1 * glib-networking-64bit-debuginfo-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * glib-networking-32bit-debuginfo-2.70.1-150400.3.3.1 * glib-networking-32bit-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (noarch) * glib-networking-lang-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-10028.html * https://bugzilla.suse.com/show_bug.cgi?id=1267979 . Update for glib-networking addresses CVE-2026-10028 with moderate severity, fix infinite loop issues in SUSE products.. openSUSE update, glib-networking patch, security fix, moderate severity, CVE-2026-10028. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 09, 2026 moderate OpenSUSE
100

SUSE glib-networking Moderate Infinite Loop Vulnern 2026-2810-1

An update that solves one vulnerability can now be installed.. # Security update for glib-networking Announcement ID: SUSE-SU-2026:2810-1 Release Date: 2026-07-09T06:14:47Z Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for glib-networking fixes the following issue * CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2810=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2810=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2810=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2810=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2810=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2810=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 *glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * glib-networking-64bit-2.70.1-150400.3.3.1 * glib-networking-64bit-debuginfo-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * glib-networking-32bit-debuginfo-2.70.1-150400.3.3.1 * glib-networking-32bit-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (noarch) * glib-networking-lang-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-10028.html * https://bugzilla.suse.com/show_bug.cgi?id=1267979 . A moderate security update for glib-networking addresses a critical infinite loop issue in SUSE distributions.. SUSE Linux glib-networking security patch infinite loop. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 09, 2026 moderate SuSE
100

SUSE glib-networking Moderate Infinite Loop Risk Advisory 2026-22297-1

An update that solves one vulnerability can now be installed.. # Security update for glib-networking Announcement ID: SUSE-SU-2026:22297-1 Release Date: 2026-06-20T18:14:55Z Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for glib-networking fixes the following issue * CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-995=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-995=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * glib-networking-debugsource-2.80.1-160000.3.1 * glib-networking-2.80.1-160000.3.1 * glib-networking-debuginfo-2.80.1-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * glib-networking-lang-2.80.1-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * glib-networking-lang-2.80.1-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * glib-networking-debugsource-2.80.1-160000.3.1 * glib-networking-2.80.1-160000.3.1 * glib-networking-debuginfo-2.80.1-160000.3.1 ## References: *https://www.suse.com/security/cve/CVE-2026-10028.html * https://bugzilla.suse.com/show_bug.cgi?id=1267979 . Update addresses a critical flaw in glib-networking for SUSE Linux Enterprise Server, improving system stability and security functions.. glib-networking update, security flaws SUSE, moderate threat assessment, SUSE advisory 2026. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 moderate SuSE
100

SUSE 16.0 amazon-ecs-init Important Update for HTTP Transport Security

An update that solves two vulnerabilities can now be installed.. # Security update for amazon-ecs-init Announcement ID: SUSE-SU-2026:22320-1 Release Date: 2026-06-22T14:30:37Z Rating: important References: * bsc#1265843 * bsc#1266652 Cross-References: * CVE-2026-33814 * CVE-2026-39821 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for amazon-ecs-init fixes the following issues Update to version 1.103.2: * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265843). * CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation (bsc#1266652). Changes: * Enhancement - Bump github.com/aws/aws-sdk-go-v2/service/fsx from 1.53.1 to 1.65.10 in /agent (#4966) * Enhancement - Add semgrep security scan for command injection (#4959) * Enhancement - Bump golang.org/x/tools from 0.39.0 to 0.45.0 in /ecs-agent (#4965), also updates x/net to 0.54.0 (bsc#1266652, CVE-2026-39821) * Enhancement - Add integration test for credential refresher (#4961) * Enhancement - Bump golang.org/x/tools from0.42.0 to 0.45.0 in /agent (#4873) * Enhancement - Update Go version to 1.25.10 (#4960) * Enhancement - Bump go.etcd.io/bbolt from 1.3.9 to 1.4.3 in /ecs-agent (#4872) * Enhancement - update credentials-fetcher retry comments/tests (#4954) * Enhancement - Enhancement - Add retry mechanism to credentialsfetcher (#4948) * Enhancement - Add IMDS credential refresher (#4953) * Bugfix - fix flaky tests depending on timers (#4955) * Feature - Implement IMDS scanner for task credential retrieval, in the shared library (#4945) * Feature - Add config/capability for IMDS-based task credential retrieval (disabled for now) (#4938) * Feature - Add IMDS credential scanner interface and capability constant for IMDS-based task credential retrieval (#4937) * Enhancement - Bump github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs from 1.47.3 to 1.65.0 in /agent (#4921) * Enhancement - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.63.1 to 1.97.3 in /ecs-init (#4923) from 1.79.2 to 1.97.3 in /agent (#4924) * Enhancement - Bump go.opentelemetry.io/otel/exporters/otlp/ otlptrace/ otlptracehttp from 1.32.0 to 1.43.0 in /agent (#4926) * Enhancement - Truncate log values to make agent logs less verbose (#4940) * Enhancement - Golang bump: 1.25.9 (#4935) * Enhancement - Use env variable to read user input when mounting FSx volumes (#4934) * Enhancement - Enhancement - Replace SSM Dualstack endpoint resolution logic with UseDualStackEndpoint (#4931) * Enhancement - Emit duration metrics for TACS connect/disconnect (#4928) * Enhancement - Bump github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream from 1.6.10 to 1.7.8 in /agent (#4922) from 1.6.5 to 1.7.8 in /ecs-init (#4925) * Enhancement - Track and emit metric for disconnect time from ACS (#4920) * Enhancement - engine: skip execution role checks when task desired status is stopped (#4918) * Enhancement - Add NeuronDevices type and sysfs-based device discovery (#4919) * Bugfix -Fix release workflow branch handling and add GitHub App token (#4929) * Bugfix - fix(netlib): Conditionally add IPv6 subnet to IPAM config when IPv6 (#4916) * Enhancement - Update SSM exec agent version to 3.3.4108.0 (#4912) * Enhancement - Update Go version to 1.25.8 (#4894) * Enhancement - Apply skip-gpg-check to both ecs-init and ssm agent (#4901) * Enhancement - Bump google.golang.org/grpc from 1.78.0 to 1.79.3 (#4906) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-1025=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-1025=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * amazon-ecs-init-1.103.2-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * amazon-ecs-init-1.103.2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://bugzilla.suse.com/show_bug.cgi?id=1265843 * https://bugzilla.suse.com/show_bug.cgi?id=1266652 . SUSE security update addresses critical issues in amazon-ecs-init to prevent potential privilege escalations and service disruptions.. SUSE Security Update, amazon-ecs-init, privilege escalation, infinite loop, update patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Important SuSE
202

openSUSE Leap 16.0 glib-networking Moderate Infinite Loop Vuln 2026-21130-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for glib-networking ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21130-1 Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for glib-networking fixes the following issue - CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-995=1 Package List: - openSUSE Leap 16.0: glib-networking-2.80.1-160000.3.1 glib-networking-lang-2.80.1-160000.3.1 References: * https://www.suse.com/security/cve/CVE-2026-10028.html . OpenSUSE issues a security update for glib-networking, addressing one bug and a moderate severity issue.. openSUSE security, glib-networking CVE, updates, security vulnerabilities, software patches. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 moderate OpenSUSE
202

openSUSE Ignition Important HTTP Transport Infinite Loop Fix 2026-21108-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for ignition ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21108-1 Rating: important References: * bsc#1265751 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for ignition fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265751). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-973=1 Package List: - openSUSE Leap 16.0: ignition-2.21.0-160000.4.1 References: * https://www.suse.com/security/cve/CVE-2026-33814.html . Security update for openSUSE fixes an important issue in ignition related to HTTP transport loops. Patch it now!. openSUSE security patch, ignition bug fix, HTTP transport update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200