Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9 articles for you...
100

SUSE Linux Enterprise Server BCI 16.0 Poppler Loop Vulnerability Issue

An update that solves one vulnerability can now be installed.. # Security update for poppler Announcement ID: SUSE-SU-2026:20911-1 Release Date: 2026-03-19T08:11:15Z Rating: moderate References: * bsc#1252337 Cross-References: * CVE-2025-11896 CVSS scores: * CVE-2025-11896 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-11896 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-11896 ( NVD ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server - BCI 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2025-11896: infinite recursion leading to stack overflow due to object loop in PDF CMap (bsc#1252337). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server - BCI 16.0 zypper in -t patch SUSE-SLES-16.0-411=1 ## Package List: * SUSE Linux Enterprise Server - BCI 16.0 (aarch64 ppc64le s390x x86_64) * libpoppler148-debuginfo-25.04.0-160000.4.1 * poppler-debugsource-25.04.0-160000.4.1 * libpoppler-glib8-debuginfo-25.04.0-160000.4.1 * typelib-1_0-Poppler-0_18-25.04.0-160000.4.1 * libpoppler-cpp2-25.04.0-160000.4.1 * libpoppler-qt6-devel-25.04.0-160000.4.1 * libpoppler-glib8-25.04.0-160000.4.1 * libpoppler-qt6-3-debuginfo-25.04.0-160000.4.1 * libpoppler-devel-25.04.0-160000.4.1 * libpoppler-qt6-3-25.04.0-160000.4.1 * libpoppler-cpp2-debuginfo-25.04.0-160000.4.1 * libpoppler148-25.04.0-160000.4.1 * poppler-tools-25.04.0-160000.4.1 * poppler-qt6-debugsource-25.04.0-160000.4.1 *poppler-tools-debuginfo-25.04.0-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11896.html * https://bugzilla.suse.com/show_bug.cgi?id=1252337 . Update available for SUSE addressing a moderate issue with poppler's infinite recursion leading to stack overflow vulnerability.. SUSE Update, Poppler Security, Moderate Risk, Infinite Recursion Fix. . LinuxSecurity.com Team

Calendar%202 Apr 01, 2026 SuSE
99

Debian GNU/Linux Security Update - DSA-2026-080-07 Released Today

New libxml2 packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libxml2 (SSA:2026-070-02) New libxml2 packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/libxml2-2.11.9-i586-8_slack15.0.txz: Rebuilt. This update fixes security issues: CVE-2026-1757 fix: Memory leak in xmllint Shell - shell.c CVE-2026-0990 fix: Prevent infinite recursion in xmlCatalogListXMLResolve CVE-2026-0992 fix: Exponential behavior when handling parser: Fix infinite loop in xmlCtxtParseContent CVE-2025-10911 libxslt related: Ignore next/prev of documents when traversing XPath CVE-2026-0989 fix: Add RelaxNG include limit Thanks to r1w1s1 for locating the backported patches. For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-1757 https://www.cve.org/CVERecord?id=CVE-2026-0990 https://www.cve.org/CVERecord?id=CVE-2026-0992 https://www.cve.org/CVERecord?id=CVE-2025-10911 https://www.cve.org/CVERecord?id=CVE-2026-0989 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libxml2-2.11.9-i586-8_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libxml2-2.11.9-x86_64-8_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libxml2-2.15.2-i686-1.txz Updated package for Slackware x86_64-current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libxml2-2.15.2-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 5868328f253dc7040729ef0b057a429c libxml2-2.11.9-i586-8_slack15.0.txz Slackware x86_64 15.0 package: 7969553fbdf9ffdce4bfec2619ff38a6 libxml2-2.11.9-x86_64-8_slack15.0.txz Slackware -current package: a474110a92bac5d51ac8fb62c270b10d l/libxml2-2.15.2-i686-1.txz Slackware x86_64 -current package: 484f22dfed7a7391119bd53bebf8480f l/libxml2-2.15.2-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg libxml2-2.11.9-i586-8_slack15.0.txz +-----+ . New libxml2 packages for Slackware address several security fixes including memory leaks and infinite loop issues.. libxml2 packages Slackware updates security fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 11, 2026 Important Slackware
100

SUSE: Poppler Low Security Update for Stack Overflow CVE-2025-11896

An update that solves one vulnerability can now be installed.. # Security update for poppler Announcement ID: SUSE-SU-2026:0081-1 Release Date: 2026-01-09T08:02:03Z Rating: low References: * bsc#1252337 Cross-References: * CVE-2025-11896 CVSS scores: * CVE-2025-11896 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-11896 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-11896 ( NVD ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2025-11896: Fixed infinite recursion leading to stack overflow due to object loop in PDF CMap (bsc#1252337) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-81=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libpoppler-glib8-0.43.0-16.70.1 * libpoppler-qt4-4-debuginfo-0.43.0-16.70.1 * libpoppler-glib-devel-0.43.0-16.70.1 * poppler-tools-debuginfo-0.43.0-16.70.1 * poppler-tools-0.43.0-16.70.1 * poppler-debugsource-0.43.0-16.70.1 * libpoppler60-debuginfo-0.43.0-16.70.1 * libpoppler60-0.43.0-16.70.1 * libpoppler-glib8-debuginfo-0.43.0-16.70.1 * libpoppler-devel-0.43.0-16.70.1 * libpoppler-qt4-4-0.43.0-16.70.1 *libpoppler-qt4-devel-0.43.0-16.70.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11896.html * https://bugzilla.suse.com/show_bug.cgi?id=1252337 . An update for SUSE Linux addresses a low severity issue in Poppler related to stack overflow vulnerability.. SUSE Linux, Poppler, Stack Overflow, Security Update, Infinite Recursion. . Severity: Low. LinuxSecurity.com Team

Calendar%202 Jan 09, 2026 Low SuSE
202

Fedora: libxml2 Critical Stack Overflow Issue 2025:5116-2

An update that solves two vulnerabilities can now be installed.. # Security update for libxml2 Announcement ID: SUSE-SU-2025:4115-1 Release Date: 2025-11-17T07:26:06Z Rating: moderate References: * bsc#1247850 * bsc#1249076 Cross-References: * CVE-2025-8732 * CVE-2025-9714 CVSS scores: * CVE-2025-8732 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-8732 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-8732 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8732 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-9714 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-9714 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-9714: Fixed inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c (bsc#1249076) * CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247850) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4115=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-4115=1 * SUSE LinuxEnterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-4115=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-libxml2-python-2.9.7-150000.3.88.1 * python-libxml2-python-debugsource-2.9.7-150000.3.88.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.88.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.88.1 * libxml2-debugsource-2.9.7-150000.3.88.1 * libxml2-2-debuginfo-2.9.7-150000.3.88.1 * python-libxml2-python-debugsource-2.9.7-150000.3.88.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.88.1 * python3-libxml2-python-2.9.7-150000.3.88.1 * libxml2-2-2.9.7-150000.3.88.1 * libxml2-tools-2.9.7-150000.3.88.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.88.1 * libxml2-debugsource-2.9.7-150000.3.88.1 * libxml2-2-debuginfo-2.9.7-150000.3.88.1 * python-libxml2-python-debugsource-2.9.7-150000.3.88.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.88.1 * python3-libxml2-python-2.9.7-150000.3.88.1 * libxml2-2-2.9.7-150000.3.88.1 * libxml2-tools-2.9.7-150000.3.88.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8732.html * https://www.suse.com/security/cve/CVE-2025-9714.html * https://bugzilla.suse.com/show_bug.cgi?id=1247850 * https://bugzilla.suse.com/show_bug.cgi?id=1249076 . Update for openSUSE fixes two moderate issues in libxml2 addressing infinite recursion vulnerabilities.. openSUSE update, libxml2 security, threat mitigation, moderate vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Nov 17, 2025 OpenSUSE
100

SUSE: libxml2 Moderate Risk of Infinite Recursion - Advisory 2025:4115-1

* bsc#1247850 * bsc#1249076 Cross-References: * CVE-2025-8732 . # Security update for libxml2 Announcement ID: SUSE-SU-2025:4115-1 Release Date: 2025-11-17T07:26:06Z Rating: moderate References: * bsc#1247850 * bsc#1249076 Cross-References: * CVE-2025-8732 * CVE-2025-9714 CVSS scores: * CVE-2025-8732 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-8732 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-8732 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8732 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-9714 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-9714 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-9714: Fixed inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c (bsc#1249076) * CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247850) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4115=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-4115=1 * SUSE LinuxEnterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-4115=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-libxml2-python-2.9.7-150000.3.88.1 * python-libxml2-python-debugsource-2.9.7-150000.3.88.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.88.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.88.1 * libxml2-debugsource-2.9.7-150000.3.88.1 * libxml2-2-debuginfo-2.9.7-150000.3.88.1 * python-libxml2-python-debugsource-2.9.7-150000.3.88.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.88.1 * python3-libxml2-python-2.9.7-150000.3.88.1 * libxml2-2-2.9.7-150000.3.88.1 * libxml2-tools-2.9.7-150000.3.88.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.88.1 * libxml2-debugsource-2.9.7-150000.3.88.1 * libxml2-2-debuginfo-2.9.7-150000.3.88.1 * python-libxml2-python-debugsource-2.9.7-150000.3.88.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.88.1 * python3-libxml2-python-2.9.7-150000.3.88.1 * libxml2-2-2.9.7-150000.3.88.1 * libxml2-tools-2.9.7-150000.3.88.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8732.html * https://www.suse.com/security/cve/CVE-2025-9714.html * https://bugzilla.suse.com/show_bug.cgi?id=1247850 * https://bugzilla.suse.com/show_bug.cgi?id=1249076 . A security update for SUSE fixes critical issues in libxml2 with moderate severity affecting multiple versions.. libxml2 update, SUSE patch, security fix, moderate severity, infinite recursion. . LinuxSecurity.com Team

Calendar%202 Nov 17, 2025 SuSE
100

SUSE: libxml2 Moderate Infinite Recursion Fix CVE-2025-8732 2025:4116-1

* bsc#1247850 * bsc#1249076 Cross-References: * CVE-2025-8732 . # Security update for libxml2 Announcement ID: SUSE-SU-2025:4116-1 Release Date: 2025-11-17T07:26:18Z Rating: moderate References: * bsc#1247850 * bsc#1249076 Cross-References: * CVE-2025-8732 * CVE-2025-9714 CVSS scores: * CVE-2025-8732 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-8732 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-8732 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8732 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-9714 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-9714 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-9714: Fixed inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c (bsc#1249076) * CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247850) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-4116=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-4116=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-4116=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4116=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4116=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 * python311-libxml2-2.9.14-150400.5.50.1 * python311-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-devel-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 * openSUSE Leap 15.4 (x86_64) * libxml2-2-32bit-2.9.14-150400.5.50.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.50.1 * libxml2-devel-32bit-2.9.14-150400.5.50.1 * openSUSE Leap 15.4 (noarch) * libxml2-doc-2.9.14-150400.5.50.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libxml2-2-64bit-2.9.14-150400.5.50.1 * libxml2-devel-64bit-2.9.14-150400.5.50.1 * libxml2-2-64bit-debuginfo-2.9.14-150400.5.50.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 * libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 *libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 * libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 * libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8732.html * https://www.suse.com/security/cve/CVE-2025-9714.html * https://bugzilla.suse.com/show_bug.cgi?id=1247850 * https://bugzilla.suse.com/show_bug.cgi?id=1249076 . Explore the SUSE advisory for libxml2 addressing moderate security risks and recent exploits with updates available.. libxml2 security patch, moderate vulnerability SUSE, infinite recursion fix, buffer overflow issue, SUSE advisory. . LinuxSecurity.com Team

Calendar%202 Nov 17, 2025 SuSE
202

openSUSE: libxml2 Moderate Fix for Infinite Recursion Issues 2025:4116-1

An update that solves two vulnerabilities can now be installed.. # Security update for libxml2 Announcement ID: SUSE-SU-2025:4116-1 Release Date: 2025-11-17T07:26:18Z Rating: moderate References: * bsc#1247850 * bsc#1249076 Cross-References: * CVE-2025-8732 * CVE-2025-9714 CVSS scores: * CVE-2025-8732 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-8732 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-8732 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8732 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-9714 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-9714 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-9714: Fixed inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c (bsc#1249076) * CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247850) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-4116=1 * SUSE Linux Enterprise Micro for Rancher5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-4116=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-4116=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4116=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4116=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 * python311-libxml2-2.9.14-150400.5.50.1 * python311-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-devel-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 * openSUSE Leap 15.4 (x86_64) * libxml2-2-32bit-2.9.14-150400.5.50.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.50.1 * libxml2-devel-32bit-2.9.14-150400.5.50.1 * openSUSE Leap 15.4 (noarch) * libxml2-doc-2.9.14-150400.5.50.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libxml2-2-64bit-2.9.14-150400.5.50.1 * libxml2-devel-64bit-2.9.14-150400.5.50.1 * libxml2-2-64bit-debuginfo-2.9.14-150400.5.50.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 * libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 *libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 * libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-libxml2-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-debuginfo-2.9.14-150400.5.50.1 * libxml2-tools-2.9.14-150400.5.50.1 * libxml2-debugsource-2.9.14-150400.5.50.1 * libxml2-python-debugsource-2.9.14-150400.5.50.1 * libxml2-2-2.9.14-150400.5.50.1 * libxml2-2-debuginfo-2.9.14-150400.5.50.1 * python3-libxml2-2.9.14-150400.5.50.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8732.html * https://www.suse.com/security/cve/CVE-2025-9714.html * https://bugzilla.suse.com/show_bug.cgi?id=1247850 * https://bugzilla.suse.com/show_bug.cgi?id=1249076 . Update for libxml2 addresses two moderate issues in openSUSE with CVEs 2025-8732 and 2025-9714, ensuring system integrity.. libxml2 security update, openSUSE vulnerabilities, libxml2 patch, moderate severity update. . LinuxSecurity.com Team

Calendar%202 Nov 17, 2025 OpenSUSE
100

SUSE: libxml2 Moderate Infinite Recursion Issues Fixed 2025:4104-1

* bsc#1247850 * bsc#1249076 Cross-References: * CVE-2025-8732 . # Security update for libxml2 Announcement ID: SUSE-SU-2025:4104-1 Release Date: 2025-11-14T10:04:07Z Rating: moderate References: * bsc#1247850 * bsc#1249076 Cross-References: * CVE-2025-8732 * CVE-2025-9714 CVSS scores: * CVE-2025-8732 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-8732 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-8732 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8732 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-9714 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-9714 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-9714: Fixed infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c (bsc#1249076) * CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247850) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patchSUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-4104=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libxml2-2-debuginfo-2.9.4-46.93.1 * libxml2-debugsource-2.9.4-46.93.1 * libxml2-tools-debuginfo-2.9.4-46.93.1 * libxml2-2-32bit-2.9.4-46.93.1 * libxml2-devel-2.9.4-46.93.1 * python-libxml2-2.9.4-46.93.1 * python-libxml2-debuginfo-2.9.4-46.93.1 * libxml2-2-debuginfo-32bit-2.9.4-46.93.1 * libxml2-2-2.9.4-46.93.1 * python-libxml2-debugsource-2.9.4-46.93.1 * libxml2-tools-2.9.4-46.93.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libxml2-doc-2.9.4-46.93.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8732.html * https://www.suse.com/security/cve/CVE-2025-9714.html * https://bugzilla.suse.com/show_bug.cgi?id=1247850 * https://bugzilla.suse.com/show_bug.cgi?id=1249076 . Update for libxml2 in SUSE addresses two issues, including infinite recursion vulnerabilities. Patching recommended.. libxml2 security update,SUSE advisory,system vulnerabilities,security patches,SUSE Release. . LinuxSecurity.com Team

Calendar%202 Nov 14, 2025 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200