
Stay Secure with the Latest Linux Advisories



Explore Latest Linux Security advisories

We found 12 articles for you...

SUSE 16.0 libpng16 Moderate Buffer Over-read 2026-20127-1 CVE-2026-22695

An update that solves two vulnerabilities can now be installed.

# Security update for libpng16

Announcement ID: SUSE-SU-2026:20127-1
Release Date: 2026-01-22T14:29:42Z
Rating: moderate

References:

* bsc#1256525
* bsc#1256526

Cross-References:

* CVE-2026-22695
* CVE-2026-22801

CVSS scores:

* CVE-2026-22695 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22695 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-22695 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-22695 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
* CVE-2026-22801 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22801 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-22801 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-22801 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP Applications 16.0

An update that solves two vulnerabilities can now be installed.

## Description:

This update for libpng16 fixes the following issues:

* CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525).
* CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-172=1
* SUSE Linux Enterprise Server for SAP Applications 16.0
  zypper in -t patch SUSE-SLES-16.0-172=1

## Package List:

* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * libpng16-debugsource-1.6.44-160000.4.1
  * libpng16-tools-1.6.44-160000.4.1
  * libpng16-16-1.6.44-160000.4.1
  * libpng16-devel-1.6.44-160000.4.1
  * libpng16-tools-debuginfo-1.6.44-160000.4.1
  * libpng16-compat-devel-1.6.44-160000.4.1
  * libpng16-16-debuginfo-1.6.44-160000.4.1
* SUSE Linux Enterprise Server 16.0 (x86_64)
  * libpng16-16-x86-64-v3-debuginfo-1.6.44-160000.4.1
  * libpng16-devel-x86-64-v3-1.6.44-160000.4.1
  * libpng16-16-x86-64-v3-1.6.44-160000.4.1
  * libpng16-compat-devel-x86-64-v3-1.6.44-160000.4.1
* SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64)
  * libpng16-debugsource-1.6.44-160000.4.1
  * libpng16-tools-1.6.44-160000.4.1
  * libpng16-16-1.6.44-160000.4.1
  * libpng16-devel-1.6.44-160000.4.1
  * libpng16-tools-debuginfo-1.6.44-160000.4.1
  * libpng16-compat-devel-1.6.44-160000.4.1
  * libpng16-16-debuginfo-1.6.44-160000.4.1
* SUSE Linux Enterprise Server for SAP Applications 16.0 (x86_64)
  * libpng16-16-x86-64-v3-debuginfo-1.6.44-160000.4.1
  * libpng16-devel-x86-64-v3-1.6.44-160000.4.1
  * libpng16-16-x86-64-v3-1.6.44-160000.4.1
  * libpng16-compat-devel-x86-64-v3-1.6.44-160000.4.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22695.html
* https://www.suse.com/security/cve/CVE-2026-22801.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256525
* https://bugzilla.suse.com/show_bug.cgi?id=1256526

Update for SUSE libpng16 addresses moderate security issues including buffer over-read vulnerabilities.

SUSE Security Update libpng16 Buffer Over-read Heap.

LinuxSecurity.com Team

Jan 28, 2026 SuSE

SUSE Linux Micro 6.2 libpng16 Moderate Update Buffer Over-read 2026-20155-1

An update that solves two vulnerabilities can now be installed.

# Security update for libpng16

Announcement ID: SUSE-SU-2026:20155-1
Release Date: 2026-01-22T14:38:59Z
Rating: moderate

References:

* bsc#1256525
* bsc#1256526

Cross-References:

* CVE-2026-22695
* CVE-2026-22801

CVSS scores:

* CVE-2026-22695 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22695 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-22695 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-22695 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
* CVE-2026-22801 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22801 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-22801 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-22801 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves two vulnerabilities can now be installed.

## Description:

This update for libpng16 fixes the following issues:

* CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525).
* CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-172=1

## Package List:

* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
  * libpng16-debugsource-1.6.44-160000.4.1
  * libpng16-16-1.6.44-160000.4.1
  * libpng16-16-debuginfo-1.6.44-160000.4.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22695.html
* https://www.suse.com/security/cve/CVE-2026-22801.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256525
* https://bugzilla.suse.com/show_bug.cgi?id=1256526

A critical security update for SUSE addresses multiple vulnerabilities in libpng16, including a heap buffer over-read issue.

SUSE Linux, libpng16, security update, buffer over-read, integer truncation.

LinuxSecurity.com Team

Jan 28, 2026 SuSE

SUSE libpng16 Moderate Security Fix CVE-2026-22695 2026-0234-1

An update that solves two vulnerabilities can now be installed.

# Security update for libpng16

Announcement ID: SUSE-SU-2026:0234-1
Release Date: 2026-01-22T12:24:52Z
Rating: moderate

References:

* bsc#1256525
* bsc#1256526

Cross-References:

* CVE-2026-22695
* CVE-2026-22801

CVSS scores:

* CVE-2026-22695 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22695 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-22695 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-22695 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
* CVE-2026-22801 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22801 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-22801 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-22801 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for libpng16 fixes the following issues:

* CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525)
* CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-234=1 openSUSE-SLE-15.6-2026-234=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-234=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * libpng16-16-debuginfo-1.6.40-150600.3.6.1
  * libpng16-devel-1.6.40-150600.3.6.1
  * libpng16-tools-1.6.40-150600.3.6.1
  * libpng16-16-1.6.40-150600.3.6.1
  * libpng16-compat-devel-1.6.40-150600.3.6.1
  * libpng16-tools-debuginfo-1.6.40-150600.3.6.1
  * libpng16-debugsource-1.6.40-150600.3.6.1
* openSUSE Leap 15.6 (x86_64)
  * libpng16-16-32bit-debuginfo-1.6.40-150600.3.6.1
  * libpng16-compat-devel-32bit-1.6.40-150600.3.6.1
  * libpng16-devel-32bit-1.6.40-150600.3.6.1
  * libpng16-16-32bit-1.6.40-150600.3.6.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libpng16-devel-64bit-1.6.40-150600.3.6.1
  * libpng16-16-64bit-1.6.40-150600.3.6.1
  * libpng16-16-64bit-debuginfo-1.6.40-150600.3.6.1
  * libpng16-compat-devel-64bit-1.6.40-150600.3.6.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * libpng16-16-debuginfo-1.6.40-150600.3.6.1
  * libpng16-devel-1.6.40-150600.3.6.1
  * libpng16-16-1.6.40-150600.3.6.1
  * libpng16-compat-devel-1.6.40-150600.3.6.1
  * libpng16-debugsource-1.6.40-150600.3.6.1
* Basesystem Module 15-SP7 (x86_64)
  * libpng16-16-32bit-debuginfo-1.6.40-150600.3.6.1
  * libpng16-16-32bit-1.6.40-150600.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22695.html
* https://www.suse.com/security/cve/CVE-2026-22801.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256525
* https://bugzilla.suse.com/show_bug.cgi?id=1256526

This update addresses two moderate vulnerabilities in libpng16 on SUSE systems. Immediate installation is recommended.

SUSE libpng16 security update moderate CVE.

LinuxSecurity.com Team

Jan 22, 2026 SuSE

openSUSE 15.6 libjpeg Significant Memory Overflow Concern SUSE-2026:0460-1

An update that solves two vulnerabilities can now be installed.

# Security update for libpng16

Announcement ID: SUSE-SU-2026:0234-1
Release Date: 2026-01-22T12:24:52Z
Rating: moderate

References:

* bsc#1256525
* bsc#1256526

Cross-References:

* CVE-2026-22695
* CVE-2026-22801

CVSS scores:

* CVE-2026-22695 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22695 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-22695 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-22695 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
* CVE-2026-22801 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22801 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-22801 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-22801 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for libpng16 fixes the following issues:

* CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525)
* CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-234=1 openSUSE-SLE-15.6-2026-234=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-234=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * libpng16-16-debuginfo-1.6.40-150600.3.6.1
  * libpng16-devel-1.6.40-150600.3.6.1
  * libpng16-tools-1.6.40-150600.3.6.1
  * libpng16-16-1.6.40-150600.3.6.1
  * libpng16-compat-devel-1.6.40-150600.3.6.1
  * libpng16-tools-debuginfo-1.6.40-150600.3.6.1
  * libpng16-debugsource-1.6.40-150600.3.6.1
* openSUSE Leap 15.6 (x86_64)
  * libpng16-16-32bit-debuginfo-1.6.40-150600.3.6.1
  * libpng16-compat-devel-32bit-1.6.40-150600.3.6.1
  * libpng16-devel-32bit-1.6.40-150600.3.6.1
  * libpng16-16-32bit-1.6.40-150600.3.6.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libpng16-devel-64bit-1.6.40-150600.3.6.1
  * libpng16-16-64bit-1.6.40-150600.3.6.1
  * libpng16-16-64bit-debuginfo-1.6.40-150600.3.6.1
  * libpng16-compat-devel-64bit-1.6.40-150600.3.6.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * libpng16-16-debuginfo-1.6.40-150600.3.6.1
  * libpng16-devel-1.6.40-150600.3.6.1
  * libpng16-16-1.6.40-150600.3.6.1
  * libpng16-compat-devel-1.6.40-150600.3.6.1
  * libpng16-debugsource-1.6.40-150600.3.6.1
* Basesystem Module 15-SP7 (x86_64)
  * libpng16-16-32bit-debuginfo-1.6.40-150600.3.6.1
  * libpng16-16-32bit-1.6.40-150600.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22695.html
* https://www.suse.com/security/cve/CVE-2026-22801.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256525
* https://bugzilla.suse.com/show_bug.cgi?id=1256526

Update for openSUSE addresses moderate issues in libpng16 affecting multiple versions.

openSUSE libpng16 vulnerabilities update buffer over-read integer truncation.

LinuxSecurity.com Team

Jan 22, 2026 OpenSUSE

Mageia 9: libpng Important Heap Buffer Over-Read Issues MGASA-2026-0010

MGASA-2026-0010 - Updated libpng packages fix security vulnerabilities.

MGASA-2026-0010 - Updated libpng packages fix security vulnerabilities

Publication date: 17 Jan 2026
URL: https://advisories.mageia.org/MGASA-2026-0010.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-22695, CVE-2026-22801

Description:

LIBPNG has a heap buffer over-read in png_image_read_direct_scaled (regression from CVE-2025-65018 fix). (CVE-2026-22695)
LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*. (CVE-2026-22801)

References:

- https://bugs.mageia.org/show_bug.cgi?id=34986
- https://www.openwall.com/lists/oss-security/2026/01/12/7
- https://www.cve.org/CVERecord?id=CVE-2026-22695
- https://www.cve.org/CVERecord?id=CVE-2026-22801

SRPMS:

- 9/core/libpng-1.6.38-1.3.mga9

Updated libpng packages for Mageia fix critical flaws affecting security. Immediate action recommended for users.

Mageia, libpng, buffer overflow, security patches, integer truncation.

Severity: Important.

LinuxSecurity.com Team

Jan 17, 2026 Important Mageia

Mageia 9: Critical Integer Truncation Fix for sqlite3 MGASA-2025-0267

MGASA-2025-0267 - Updated sqlite3 packages fix security vulnerability.

MGASA-2025-0267 - Updated sqlite3 packages fix security vulnerability

Publication date: 07 Nov 2025
URL: https://advisories.mageia.org/MGASA-2025-0267.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-6965

Description:

Integer Truncation on SQLite. (CVE-2025-6965)

References:

- https://bugs.mageia.org/show_bug.cgi?id=34626
- https://www.openwall.com/lists/oss-security/2025/09/06/1
- https://www.cve.org/CVERecord?id=CVE-2025-6965

SRPMS:

- 9/core/sqlite3-3.40.1-1.3.mga9

Updated sqlite3 packages in Mageia fix an important integer truncation security issue involving CVE-2025-6965.

Mageia sqlite3 security patch integer truncation CVE-2025-6965.

Severity: Important.

LinuxSecurity.com Team

Nov 07, 2025 Important Mageia

SUSE: sqlite3 Important Integer Truncation Vulnerability 2025:20674-1

# Security update for sqlite3

Announcement ID: SUSE-SU-2025:20674-1
Release Date: 2025-09-09T10:20:07Z
Rating: important

References:

* bsc#1246597

Cross-References:

* CVE-2025-6965

CVSS scores:

* CVE-2025-6965 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L
* CVE-2025-6965 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green
* CVE-2025-6965 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for sqlite3 fixes the following issues:

* CVE-2025-6965: Fixed integer truncation (bsc#1246597).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-253=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * libsqlite3-0-debuginfo-3.50.2-slfo.1.1_1.1
  * sqlite3-debugsource-3.50.2-slfo.1.1_1.1
  * libsqlite3-0-3.50.2-slfo.1.1_1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6965.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246597

Critical security patch released for sqlite3 resolves integer overflow vulnerability; apply the update via zypper or YaST.

SUSE, sqlite3, security update, patch instructions, integer truncation.

Severity: Important.

LinuxSecurity.com Team

Sep 10, 2025 Important SuSE

SUSE Linux Micro 6.0: Sqlite3 Important Integer Truncation CVE-2025-6965

# Security update for sqlite3

Announcement ID: SUSE-SU-2025:20561-1
Release Date: 2025-08-20T11:41:17Z
Rating: important

References:

* bsc#1246597

Cross-References:

* CVE-2025-6965

CVSS scores:

* CVE-2025-6965 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L
* CVE-2025-6965 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green
* CVE-2025-6965 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves one vulnerability can now be installed.

## Description:

This update for sqlite3 fixes the following issues:

* Update to 3.50.2:
  * Fix the concat_ws() SQL function so that it includes empty strings in the concatenation.
  * Avoid writing frames with no checksums into the wal file if a savepoint is rolled back after dirty pages have already been spilled into the wal file.
  * Fix the Bitvec object to avoid stack overflow when the database is within 60 pages of its maximum size.
  * Fix a problem with UPDATEs on fts5 tables that contain BLOB values.
  * Fix an issue with transitive IS constraints on a RIGHT JOIN.
  * CVE-2025-6965: Fixed Integer Truncation in SQLite (bsc#1246597)
  * Ensure that sqlite3_setlk_timeout() holds the database mutex.
* Update to 3.50 (3.50.1):
  * Improved handling and robust output of control characters
  * sqlite3_rsync no longer requires WAL mode and needs less bandwidth
  * Bug fixes and optimized JSON handling
  * Performance optimizations and developer visible fixes
* Update to release 3.49.2:
  * Fix a bug in the NOT NULL optimization of version 3.40.0 that can lead to a memory error if abused.
  * Fix the count-of-view optimization so that it does not give an incorrect answer for a DISTINCT query.
  * Fix a possible incorrect answer that can result if a UNIQUE constraint of a table contains the PRIMARY KEY column and that UNIQUE constraint is used by an IN operator.
  * Fix obscure problems with the generate_series() extension function.
  * Incremental improvements to the configure/make.
* Add subpackage for the lemon parser generator.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-428=1

## Package List:

* SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
  * libsqlite3-0-debuginfo-3.50.2-1.1
  * sqlite3-debugsource-3.50.2-1.1
  * libsqlite3-0-3.50.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6965.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246597

SUSE security notice regarding sqlite3 covering significant integer truncation vulnerabilities, notably CVE-2025-6966, assessed at a severity level of 7.8.

SUSE sqlite3 security integer truncation CVE-2025-6965 patch.

Severity: Important.

LinuxSecurity.com Team

Aug 28, 2025 Important SuSE