Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves one vulnerability can now be installed.. # Security update for glib-networking Announcement ID: SUSE-SU-2026:3032-1 Release Date: 2026-07-15T09:53:56Z Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for glib-networking fixes the following issue * CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-3032=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-3032=1 ## Package List: * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * glib-networking-debugsource-2.78.0-150600.3.3.1 * glib-networking-2.78.0-150600.3.3.1 * glib-networking-debuginfo-2.78.0-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * glib-networking-32bit-debuginfo-2.78.0-150600.3.3.1 * glib-networking-32bit-2.78.0-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * glib-networking-64bit-debuginfo-2.78.0-150600.3.3.1 * glib-networking-64bit-2.78.0-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * glib-networking-lang-2.78.0-150600.3.3.1 *Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * glib-networking-debugsource-2.78.0-150600.3.3.1 * glib-networking-2.78.0-150600.3.3.1 * glib-networking-debuginfo-2.78.0-150600.3.3.1 * Basesystem Module 15-SP7 (noarch) * glib-networking-lang-2.78.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-10028.html * https://bugzilla.suse.com/show_bug.cgi?id=1267979 . Update available for glib-networking on openSUSE addressing a moderate issue involving an infinite loop from certificates.. glib-networking update opensuse CVE-2026-10028 security patch. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability and has one security fix can now be installed.. # Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid Announcement ID: SUSE-SU-2026:2850-1 Release Date: 2026-07-10T12:48:09Z Rating: important References: * bsc#1265678 * bsc#1265700 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for terraform-provider-aws, terraform-provider-azurerm, terraform- provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-random, terraform-provider- susepubliccloud, terraform-provider-tls fixes the following issue * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265678, bsc#1265700). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run thecommand listed for your product: * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2026-2850=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2850=1 ## Package List: * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * terraform-provider-kubernetes-1.13.2-150200.6.9.1 * terraform-provider-susepubliccloud-0.0.1-150100.3.11.1 * terraform-provider-random-3.0.0-150200.6.12.1 * terraform-provider-tls-3.0.0-150200.5.12.1 * terraform-provider-aws-3.11.0-150200.6.15.2 * terraform-provider-google-3.43.0-150200.6.9.2 * terraform-provider-helm-2.9.0-150200.6.20.2 * terraform-provider-azurerm-2.32.0-150200.6.9.2 * terraform-provider-external-2.0.0-150200.6.9.2 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * terraform-provider-kubernetes-1.13.2-150200.6.9.1 * terraform-provider-susepubliccloud-0.0.1-150100.3.11.1 * terraform-provider-random-3.0.0-150200.6.12.1 * terraform-provider-tls-3.0.0-150200.5.12.1 * terraform-provider-aws-3.11.0-150200.6.15.2 * terraform-provider-google-3.43.0-150200.6.9.2 * terraform-provider-helm-2.9.0-150200.6.20.2 * terraform-provider-azurerm-2.32.0-150200.6.9.2 * terraform-provider-external-2.0.0-150200.6.9.2 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://bugzilla.suse.com/show_bug.cgi?id=1265678 * https://bugzilla.suse.com/show_bug.cgi?id=1265700 . Resolve an infinite loop issue in Terraform providers with this important security update for SUSE systems.. terraform providers, SUSE updates, security patch, cloud infrastructure, system vulnerabilities. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for glib-networking Announcement ID: SUSE-SU-2026:2810-1 Release Date: 2026-07-09T06:14:47Z Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for glib-networking fixes the following issue * CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2810=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2810=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2810=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2810=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2810=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2810=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 *glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * glib-networking-64bit-2.70.1-150400.3.3.1 * glib-networking-64bit-debuginfo-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * glib-networking-32bit-debuginfo-2.70.1-150400.3.3.1 * glib-networking-32bit-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (noarch) * glib-networking-lang-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-10028.html * https://bugzilla.suse.com/show_bug.cgi?id=1267979 . Update for glib-networking addresses CVE-2026-10028 with moderate severity, fix infinite loop issues in SUSE products.. openSUSE update, glib-networking patch, security fix, moderate severity, CVE-2026-10028. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for glib-networking Announcement ID: SUSE-SU-2026:2810-1 Release Date: 2026-07-09T06:14:47Z Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for glib-networking fixes the following issue * CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2810=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2810=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2810=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2810=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2810=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2810=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 *glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * glib-networking-64bit-2.70.1-150400.3.3.1 * glib-networking-64bit-debuginfo-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * glib-networking-32bit-debuginfo-2.70.1-150400.3.3.1 * glib-networking-32bit-2.70.1-150400.3.3.1 * openSUSE Leap 15.4 (noarch) * glib-networking-lang-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glib-networking-2.70.1-150400.3.3.1 * glib-networking-debuginfo-2.70.1-150400.3.3.1 * glib-networking-debugsource-2.70.1-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-10028.html * https://bugzilla.suse.com/show_bug.cgi?id=1267979 . A moderate security update for glib-networking addresses a critical infinite loop issue in SUSE distributions.. SUSE Linux glib-networking security patch infinite loop. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for glib-networking Announcement ID: SUSE-SU-2026:22297-1 Release Date: 2026-06-20T18:14:55Z Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for glib-networking fixes the following issue * CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-995=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-995=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * glib-networking-debugsource-2.80.1-160000.3.1 * glib-networking-2.80.1-160000.3.1 * glib-networking-debuginfo-2.80.1-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * glib-networking-lang-2.80.1-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * glib-networking-lang-2.80.1-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * glib-networking-debugsource-2.80.1-160000.3.1 * glib-networking-2.80.1-160000.3.1 * glib-networking-debuginfo-2.80.1-160000.3.1 ## References: *https://www.suse.com/security/cve/CVE-2026-10028.html * https://bugzilla.suse.com/show_bug.cgi?id=1267979 . Update addresses a critical flaw in glib-networking for SUSE Linux Enterprise Server, improving system stability and security functions.. glib-networking update, security flaws SUSE, moderate threat assessment, SUSE advisory 2026. . Severity: moderate. LinuxSecurity.com Team
An update that solves two vulnerabilities can now be installed.. # Security update for amazon-ecs-init Announcement ID: SUSE-SU-2026:22320-1 Release Date: 2026-06-22T14:30:37Z Rating: important References: * bsc#1265843 * bsc#1266652 Cross-References: * CVE-2026-33814 * CVE-2026-39821 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for amazon-ecs-init fixes the following issues Update to version 1.103.2: * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265843). * CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation (bsc#1266652). Changes: * Enhancement - Bump github.com/aws/aws-sdk-go-v2/service/fsx from 1.53.1 to 1.65.10 in /agent (#4966) * Enhancement - Add semgrep security scan for command injection (#4959) * Enhancement - Bump golang.org/x/tools from 0.39.0 to 0.45.0 in /ecs-agent (#4965), also updates x/net to 0.54.0 (bsc#1266652, CVE-2026-39821) * Enhancement - Add integration test for credential refresher (#4961) * Enhancement - Bump golang.org/x/tools from0.42.0 to 0.45.0 in /agent (#4873) * Enhancement - Update Go version to 1.25.10 (#4960) * Enhancement - Bump go.etcd.io/bbolt from 1.3.9 to 1.4.3 in /ecs-agent (#4872) * Enhancement - update credentials-fetcher retry comments/tests (#4954) * Enhancement - Enhancement - Add retry mechanism to credentialsfetcher (#4948) * Enhancement - Add IMDS credential refresher (#4953) * Bugfix - fix flaky tests depending on timers (#4955) * Feature - Implement IMDS scanner for task credential retrieval, in the shared library (#4945) * Feature - Add config/capability for IMDS-based task credential retrieval (disabled for now) (#4938) * Feature - Add IMDS credential scanner interface and capability constant for IMDS-based task credential retrieval (#4937) * Enhancement - Bump github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs from 1.47.3 to 1.65.0 in /agent (#4921) * Enhancement - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.63.1 to 1.97.3 in /ecs-init (#4923) from 1.79.2 to 1.97.3 in /agent (#4924) * Enhancement - Bump go.opentelemetry.io/otel/exporters/otlp/ otlptrace/ otlptracehttp from 1.32.0 to 1.43.0 in /agent (#4926) * Enhancement - Truncate log values to make agent logs less verbose (#4940) * Enhancement - Golang bump: 1.25.9 (#4935) * Enhancement - Use env variable to read user input when mounting FSx volumes (#4934) * Enhancement - Enhancement - Replace SSM Dualstack endpoint resolution logic with UseDualStackEndpoint (#4931) * Enhancement - Emit duration metrics for TACS connect/disconnect (#4928) * Enhancement - Bump github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream from 1.6.10 to 1.7.8 in /agent (#4922) from 1.6.5 to 1.7.8 in /ecs-init (#4925) * Enhancement - Track and emit metric for disconnect time from ACS (#4920) * Enhancement - engine: skip execution role checks when task desired status is stopped (#4918) * Enhancement - Add NeuronDevices type and sysfs-based device discovery (#4919) * Bugfix -Fix release workflow branch handling and add GitHub App token (#4929) * Bugfix - fix(netlib): Conditionally add IPv6 subnet to IPAM config when IPv6 (#4916) * Enhancement - Update SSM exec agent version to 3.3.4108.0 (#4912) * Enhancement - Update Go version to 1.25.8 (#4894) * Enhancement - Apply skip-gpg-check to both ecs-init and ssm agent (#4901) * Enhancement - Bump google.golang.org/grpc from 1.78.0 to 1.79.3 (#4906) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-1025=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-1025=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * amazon-ecs-init-1.103.2-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * amazon-ecs-init-1.103.2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://bugzilla.suse.com/show_bug.cgi?id=1265843 * https://bugzilla.suse.com/show_bug.cgi?id=1266652 . SUSE security update addresses critical issues in amazon-ecs-init to prevent potential privilege escalations and service disruptions.. SUSE Security Update, amazon-ecs-init, privilege escalation, infinite loop, update patch. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for glib-networking ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21130-1 Rating: moderate References: * bsc#1267979 Cross-References: * CVE-2026-10028 CVSS scores: * CVE-2026-10028 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-10028 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for glib-networking fixes the following issue - CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop (bsc#1267979). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-995=1 Package List: - openSUSE Leap 16.0: glib-networking-2.80.1-160000.3.1 glib-networking-lang-2.80.1-160000.3.1 References: * https://www.suse.com/security/cve/CVE-2026-10028.html . OpenSUSE issues a security update for glib-networking, addressing one bug and a moderate severity issue.. openSUSE security, glib-networking CVE, updates, security vulnerabilities, software patches. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for ignition ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21108-1 Rating: important References: * bsc#1265751 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for ignition fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265751). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-973=1 Package List: - openSUSE Leap 16.0: ignition-2.21.0-160000.4.1 References: * https://www.suse.com/security/cve/CVE-2026-33814.html . Security update for openSUSE fixes an important issue in ignition related to HTTP transport loops. Patch it now!. openSUSE security patch, ignition bug fix, HTTP transport update. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.