Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves nine vulnerabilities can now be installed.. # Security update for php-composer2 Announcement ID: SUSE-SU-2026:3105-1 Release Date: 2026-07-17T13:32:58Z Rating: important References: * bsc#1271122 * bsc#1271129 * bsc#1271151 * bsc#1271504 Cross-References: * CVE-2024-35241 * CVE-2024-35242 * CVE-2025-67746 * CVE-2026-40176 * CVE-2026-40261 * CVE-2026-45793 * CVE-2026-59946 * CVE-2026-59947 * CVE-2026-59948 CVSS scores: * CVE-2024-35241 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-35241 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-35242 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-35242 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-67746 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-67746 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-67746 ( NVD ): 1.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-67746 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-40176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40261 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40261 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40261 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-45793 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-45793 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-59946 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-59946 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-59946 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2026-59947 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-59947 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-59947 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-59948 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-59948 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-59948 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Web and Scripting Module 15-SP7 An update that solves nine vulnerabilities can now be installed. ## Description: This update for php-composer2 fixes the following issues: * CVE-2026-45793: Github Actions issued `GITHUB_TOKEN` disclosure in GitHub Actions logs (bsc#1271504). * CVE-2026-59946: path traversal in package `bin` field lets dependencies `chmod` arbitrary host files (bsc#1271151). * CVE-2026-59947: URL-embedded HTTP-Basic username leaks to verbose logs (bsc#1271129). * CVE-2026-59948: arbitrary file write outside `vendor`directory via malicious transitive package name (bsc#1271122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-3105=1 * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2026-3105=1 * SUSE Linux Enterprise Server forSAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-3105=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-3105=1 ## Package List: * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * php-composer2-2.6.4-150600.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * php-composer2-2.6.4-150600.3.12.1 * Web and Scripting Module 15-SP7 (noarch) * php-composer2-2.6.4-150600.3.12.1 * openSUSE Leap 15.6 (noarch) * php-composer2-2.6.4-150600.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35241.html * https://www.suse.com/security/cve/CVE-2024-35242.html * https://www.suse.com/security/cve/CVE-2025-67746.html * https://www.suse.com/security/cve/CVE-2026-40176.html * https://www.suse.com/security/cve/CVE-2026-40261.html * https://www.suse.com/security/cve/CVE-2026-45793.html * https://www.suse.com/security/cve/CVE-2026-59946.html * https://www.suse.com/security/cve/CVE-2026-59947.html * https://www.suse.com/security/cve/CVE-2026-59948.html * https://bugzilla.suse.com/show_bug.cgi?id=1271122 * https://bugzilla.suse.com/show_bug.cgi?id=1271129 * https://bugzilla.suse.com/show_bug.cgi?id=1271151 * https://bugzilla.suse.com/show_bug.cgi?id=1271504 . OpenSUSE has released important updates for php-composer2 addressing multiple vulnerabilities in the software package.. php composer update, opensuse security, important updates, package vulnerabilities. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-19141 http://linux.oracle.com/errata/ELSA-2026-19141.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: PackageKit-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-command-not-found-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-glib-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-glib-devel-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-gstreamer-plugin-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-gtk3-module-1.2.8-8.0.1.el10_2.x86_64.rpm aarch64: PackageKit-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-command-not-found-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-glib-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-glib-devel-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-gstreamer-plugin-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-gtk3-module-1.2.8-8.0.1.el10_2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/PackageKit-1.2.8-8.0.1.el10_2.src.rpm Related CVEs: CVE-2026-41651 Description of changes: [1.2.8-8.0.1] - remove RHEL vendor patch PackageKit-0.3.8-RHEL-Vendor.conf.patch _______________________________________________ El-errata mailing list
Update to upstream release 0.13.0; update PyO3 to 0.29, fixing RUSTSEC-2026-0176 and RUSTSEC-2026-0177.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-8abedbcc4f 2026-07-16 01:28:35.510726+00:00 -------------------------------------------------------------------------------- Name : python-tiktoken Product : Fedora 43 Version : 0.13.0 Release : 2.fc43 URL : https://pypi.org/project/tiktoken/ Summary : tiktoken is a fast BPE tokeniser for use with OpenAI's models Description : tiktoken is a fast BPE tokeniser for use with OpenAI's models. -------------------------------------------------------------------------------- Update Information: Update to upstream release 0.13.0; update PyO3 to 0.29, fixing RUSTSEC-2026-0176 and RUSTSEC-2026-0177. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 6 2026 Benjamin A. Beasley - 0.13.0-2 - Update PyO3 to 0.29 - Fixes RUSTSEC-2026-0176 and RUSTSEC-2026-0177 * Mon Jul 6 2026 Benjamin A. Beasley - 0.13.0-1 - Update to 0.13.0 (close RHBZ#2477785) * Mon Jul 6 2026 Benjamin A. Beasley - 0.12.0-6 - Add a comment to justify not running the tests * Mon Jul 6 2026 Benjamin A. Beasley - 0.12.0-5 - Avoid installing duplicate license files * Mon Jul 6 2026 Benjamin A. Beasley - 0.12.0-4 - Improve/simplify handling of Rust dependency licenses * Wed Jun 3 2026 Python Maint - 0.12.0-3 - Rebuilt for Python 3.15 * Sat Jan 17 2026 Fedora Release Engineering - 0.12.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Tue Oct 7 2025 Lumir Balhar - 0.12.0-1 - Update to 0.12.0 (rhbz#2402015) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2477785 - python-tiktoken-0.13.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2477785 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8abedbcc4f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
An update that solves one vulnerability can now be installed.. # Security update for php8 Announcement ID: SUSE-SU-2026:2880-1 Release Date: 2026-07-13T09:39:59Z Rating: moderate References: * bsc#1270351 Cross-References: * CVE-2026-14355 CVSS scores: * CVE-2026-14355 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-14355 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-14355 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-14355 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for php8 fixes the following issue * CVE-2026-14355: The AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw (bsc#1270351). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2880=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * php8-bcmath-debuginfo-8.0.30-150400.4.68.1 * php8-zip-debuginfo-8.0.30-150400.4.68.1 * php8-mysql-8.0.30-150400.4.68.1 * php8-pcntl-8.0.30-150400.4.68.1 * php8-bcmath-8.0.30-150400.4.68.1 * php8-embed-debuginfo-8.0.30-150400.4.68.1 * apache2-mod_php8-8.0.30-150400.4.68.1 * php8-openssl-debuginfo-8.0.30-150400.4.68.1 * php8-opcache-debuginfo-8.0.30-150400.4.68.1 * php8-sockets-debuginfo-8.0.30-150400.4.68.1 * php8-fileinfo-8.0.30-150400.4.68.1 * php8-phar-8.0.30-150400.4.68.1 * php8-ctype-debuginfo-8.0.30-150400.4.68.1 * php8-ftp-debuginfo-8.0.30-150400.4.68.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.68.1 * php8-fpm-debuginfo-8.0.30-150400.4.68.1 *php8-bz2-debuginfo-8.0.30-150400.4.68.1 * php8-readline-debuginfo-8.0.30-150400.4.68.1 * php8-tidy-8.0.30-150400.4.68.1 * php8-phar-debuginfo-8.0.30-150400.4.68.1 * php8-calendar-8.0.30-150400.4.68.1 * php8-gettext-debuginfo-8.0.30-150400.4.68.1 * php8-xsl-8.0.30-150400.4.68.1 * php8-fastcgi-debugsource-8.0.30-150400.4.68.1 * php8-gmp-debuginfo-8.0.30-150400.4.68.1 * php8-shmop-debuginfo-8.0.30-150400.4.68.1 * php8-posix-debuginfo-8.0.30-150400.4.68.1 * php8-readline-8.0.30-150400.4.68.1 * php8-bz2-8.0.30-150400.4.68.1 * php8-debuginfo-8.0.30-150400.4.68.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.68.1 * php8-sysvshm-8.0.30-150400.4.68.1 * php8-zip-8.0.30-150400.4.68.1 * php8-pcntl-debuginfo-8.0.30-150400.4.68.1 * php8-enchant-debuginfo-8.0.30-150400.4.68.1 * php8-opcache-8.0.30-150400.4.68.1 * php8-test-8.0.30-150400.4.68.1 * php8-ldap-8.0.30-150400.4.68.1 * php8-tokenizer-8.0.30-150400.4.68.1 * php8-pdo-debuginfo-8.0.30-150400.4.68.1 * php8-sodium-debuginfo-8.0.30-150400.4.68.1 * php8-curl-debuginfo-8.0.30-150400.4.68.1 * php8-devel-8.0.30-150400.4.68.1 * php8-sqlite-debuginfo-8.0.30-150400.4.68.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.68.1 * php8-dba-8.0.30-150400.4.68.1 * php8-sockets-8.0.30-150400.4.68.1 * php8-calendar-debuginfo-8.0.30-150400.4.68.1 * php8-sysvsem-8.0.30-150400.4.68.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.68.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.68.1 * php8-gd-debuginfo-8.0.30-150400.4.68.1 * php8-ftp-8.0.30-150400.4.68.1 * php8-enchant-8.0.30-150400.4.68.1 * php8-odbc-8.0.30-150400.4.68.1 * php8-pgsql-8.0.30-150400.4.68.1 * php8-soap-8.0.30-150400.4.68.1 * php8-dba-debuginfo-8.0.30-150400.4.68.1 * php8-gettext-8.0.30-150400.4.68.1 * php8-ctype-8.0.30-150400.4.68.1 * php8-snmp-8.0.30-150400.4.68.1 * php8-dom-debuginfo-8.0.30-150400.4.68.1 * php8-tidy-debuginfo-8.0.30-150400.4.68.1 *php8-tokenizer-debuginfo-8.0.30-150400.4.68.1 * php8-snmp-debuginfo-8.0.30-150400.4.68.1 * php8-dom-8.0.30-150400.4.68.1 * php8-xmlwriter-8.0.30-150400.4.68.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.68.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.68.1 * php8-xmlreader-8.0.30-150400.4.68.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.68.1 * php8-pgsql-debuginfo-8.0.30-150400.4.68.1 * php8-sysvmsg-8.0.30-150400.4.68.1 * php8-xsl-debuginfo-8.0.30-150400.4.68.1 * php8-openssl-8.0.30-150400.4.68.1 * php8-fastcgi-8.0.30-150400.4.68.1 * php8-shmop-8.0.30-150400.4.68.1 * php8-8.0.30-150400.4.68.1 * php8-fpm-debugsource-8.0.30-150400.4.68.1 * php8-debugsource-8.0.30-150400.4.68.1 * php8-exif-8.0.30-150400.4.68.1 * php8-iconv-debuginfo-8.0.30-150400.4.68.1 * php8-odbc-debuginfo-8.0.30-150400.4.68.1 * php8-sqlite-8.0.30-150400.4.68.1 * php8-zlib-8.0.30-150400.4.68.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.68.1 * php8-fpm-8.0.30-150400.4.68.1 * php8-sodium-8.0.30-150400.4.68.1 * php8-embed-8.0.30-150400.4.68.1 * php8-soap-debuginfo-8.0.30-150400.4.68.1 * php8-embed-debugsource-8.0.30-150400.4.68.1 * php8-exif-debuginfo-8.0.30-150400.4.68.1 * php8-mysql-debuginfo-8.0.30-150400.4.68.1 * php8-intl-debuginfo-8.0.30-150400.4.68.1 * php8-cli-8.0.30-150400.4.68.1 * php8-iconv-8.0.30-150400.4.68.1 * php8-ldap-debuginfo-8.0.30-150400.4.68.1 * php8-curl-8.0.30-150400.4.68.1 * php8-intl-8.0.30-150400.4.68.1 * php8-posix-8.0.30-150400.4.68.1 * php8-gmp-8.0.30-150400.4.68.1 * php8-gd-8.0.30-150400.4.68.1 * php8-mbstring-8.0.30-150400.4.68.1 * php8-zlib-debuginfo-8.0.30-150400.4.68.1 * php8-cli-debuginfo-8.0.30-150400.4.68.1 * php8-pdo-8.0.30-150400.4.68.1 * php8-mbstring-debuginfo-8.0.30-150400.4.68.1 ## References: * https://www.suse.com/security/cve/CVE-2026-14355.html * https://bugzilla.suse.com/show_bug.cgi?id=1270351 . # Security update for php8Announcement ID: SUSE-SU-2026:2880-1 Release Date: 2026-07-13T09:39:59Z R. update, solves, vulnerability, installed, security, announcemen. . Severity: Medium. LinuxSecurity.com Team
An update that solves 21 vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4) Announcement ID: SUSE-SU-2026:2889-1 Release Date: 2026-07-13T10:20:19Z Rating: important References: * bsc#1256615 * bsc#1260524 * bsc#1262759 * bsc#1263118 * bsc#1263177 * bsc#1263670 * bsc#1264094 * bsc#1264252 * bsc#1264253 * bsc#1264849 * bsc#1265127 * bsc#1265197 * bsc#1265945 * bsc#1266015 * bsc#1266265 * bsc#1267206 * bsc#1267698 * bsc#1267723 * bsc#1267893 * bsc#1268662 * bsc#1269023 Cross-References: * CVE-2025-71089 * CVE-2026-23393 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31685 * CVE-2026-31758 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43190 * CVE-2026-43437 * CVE-2026-43494 * CVE-2026-43501 * CVE-2026-45970 * CVE-2026-46120 * CVE-2026-46173 * CVE-2026-46227 * CVE-2026-46243 * CVE-2026-52909 * CVE-2026-52943 CVSS scores: * CVE-2025-71089 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71089 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2025-71089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46243 ( NVD ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52909 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-52909 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-52909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-52943 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 21 vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.176 fixes various security issues The following security issues were fixed: * CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256615). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260524). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262759). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263118). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263177). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263670). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264094). * CVE-2026-43025: netfilter: ctnetlink: ignore explicithelper on new expectations (bsc#1264253). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1264252). * CVE-2026-43037: ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (bsc#1265197). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264849). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265127). * CVE-2026-43494: RDS zerocopy attack aka PinTheft (bsc#1265945). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266015). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267206). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267893). * CVE-2026-46173: exit: prevent preemption of oopsing TASK_DEAD task (bsc#1267723). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267698). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (CIFSwitch) (bsc#1266265). * CVE-2026-52909: ip6_vti: set netns_immutable on the fallback device (bsc#1268662). * CVE-2026-52943: net: skbuff: fix missing zerocopy reference in pskb_carve helpers (bsc#1269023). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2889=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2889=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_44-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-16-150400.2.1 * openSUSE Leap 15.4 (ppc64le s390xx86_64) * kernel-livepatch-SLE15-SP4_Update_44-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-16-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71089.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46173.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://www.suse.com/security/cve/CVE-2026-52909.html * https://www.suse.com/security/cve/CVE-2026-52943.html * https://bugzilla.suse.com/show_bug.cgi?id=1256615 * https://bugzilla.suse.com/show_bug.cgi?id=1260524 * https://bugzilla.suse.com/show_bug.cgi?id=1262759 * https://bugzilla.suse.com/show_bug.cgi?id=1263118 * https://bugzilla.suse.com/show_bug.cgi?id=1263177 * https://bugzilla.suse.com/show_bug.cgi?id=1263670 * https://bugzilla.suse.com/show_bug.cgi?id=1264094 * https://bugzilla.suse.com/show_bug.cgi?id=1264252 * https://bugzilla.suse.com/show_bug.cgi?id=1264253 * https://bugzilla.suse.com/show_bug.cgi?id=1264849 *https://bugzilla.suse.com/show_bug.cgi?id=1265127 * https://bugzilla.suse.com/show_bug.cgi?id=1265197 * https://bugzilla.suse.com/show_bug.cgi?id=1265945 * https://bugzilla.suse.com/show_bug.cgi?id=1266015 * https://bugzilla.suse.com/show_bug.cgi?id=1266265 * https://bugzilla.suse.com/show_bug.cgi?id=1267206 * https://bugzilla.suse.com/show_bug.cgi?id=1267698 * https://bugzilla.suse.com/show_bug.cgi?id=1267723 * https://bugzilla.suse.com/show_bug.cgi?id=1267893 * https://bugzilla.suse.com/show_bug.cgi?id=1268662 * https://bugzilla.suse.com/show_bug.cgi?id=1269023 . # Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4) Announcement. update, solves, vulnerabilities, installed, security, linux, kerne. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50351 http://linux.oracle.com/errata/ELSA-2026-50351.html The following updated rpms for have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-devel-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-doc-6.12.0-203.76.7.6.el10uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-tools-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el10uek.x86_64.rpm aarch64: kernel-uek-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-doc-6.12.0-203.76.7.6.el10uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-tools-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/kernel-uek-6.12.0-203.76.7.6.el10uek.src.rpm Related CVEs: CVE-2026-52943 Description of changes: [6.12.0-203.76.7.6] - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639984] {CVE-2026-52943} _______________________________________________ El-errata mailing list
An update that solves one vulnerability can now be installed.. # agama-web-ui-22+143.ee15dea20-46.1 on GA media Announcement ID: openSUSE-SU-2026:11128-1 Rating: moderate Cross-References: * CVE-2026-34077 CVSS scores: * CVE-2026-34077 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the agama-web-ui-22+143.ee15dea20-46.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * agama-web-ui 22+143.ee15dea20-46.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34077.html . An agama-web-ui update addresses a moderate risk vulnerability in openSUSE. Learn more about the security advisory details.. openSUSE updates, agama-web-ui security, moderate risk issue, vulnerability details. . Severity: moderate. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-21381 http://linux.oracle.com/errata/ELSA-2026-21381.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-140.11.0-1.0.1.el9_8.x86_64.rpm aarch64: thunderbird-140.11.0-1.0.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/thunderbird-140.11.0-1.0.1.el9_8.src.rpm Related CVEs: CVE-2026-8388 CVE-2026-8391 CVE-2026-8401 CVE-2026-8946 CVE-2026-8947 CVE-2026-8950 CVE-2026-8953 CVE-2026-8954 CVE-2026-8955 CVE-2026-8956 CVE-2026-8957 CVE-2026-8958 CVE-2026-8959 CVE-2026-8961 CVE-2026-8962 CVE-2026-8968 CVE-2026-8970 CVE-2026-8974 CVE-2026-8975 Description of changes: [140.11.0-1.0.1] - Fix prefs for new nss [Orabug: 37079813] - Add Oracle prefs [140.11.0] - Add OpenELA debranding [140.11.0-1] - Update to 140.11.0 ESR [140.10.1-1] - Update to 140.10.1 ESR _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.