Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 104 articles for you...
217

Oracle Linux 9 libxslt Moderate Memory Leak Fix ELSA-2026-28243

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-28243 http://linux.oracle.com/errata/ELSA-2026-28243.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libxslt-1.1.34-14.0.1.el9_8.1.i686.rpm libxslt-1.1.34-14.0.1.el9_8.1.x86_64.rpm libxslt-devel-1.1.34-14.0.1.el9_8.1.i686.rpm libxslt-devel-1.1.34-14.0.1.el9_8.1.x86_64.rpm aarch64: libxslt-1.1.34-14.0.1.el9_8.1.aarch64.rpm libxslt-devel-1.1.34-14.0.1.el9_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/libxslt-1.1.34-14.0.1.el9_8.1.src.rpm Related CVEs: CVE-2025-10911 Description of changes: [1.1.34-14.0.1.el9_8.1] - Fix memory leak in exclPrefixPush [Orabug: 37871881] - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball [1.1.34-14.1] - Fix CVE-2025-10911 (RHEL-171991) [1.1.34-14.1] - Fix upgrade path for CVE-2023-40403 (RHEL-82213) [1.1.34-12.1] - Fix CVE-2023-40403 (RHEL-82213) [1.1.34-12] - Include alloc changes into previous patch (RHEL-83514) [1.1.34-11] - Fix CVE-2024-55549 (RHEL-83514) [1.1.34-10] - Fix CVE-2025-24855 (RHEL-83500) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 security advisory for libxslt addressing memory leaks and related CVEs. Updates are available now.. Oracle Linux 9, libxslt update, security advisory, ELSA-2026-28243. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 moderate Oracle
219

Rocky Linux libxslt Moderate Security Fix RLSA-2026-28584 CVE-2025-10911

Moderate: libxslt security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:28584", "synopsis": "Moderate: libxslt security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for libxslt.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. \n\nSecurity Fix(es):\n\n* libxslt: use-after-free with key data stored cross-RVT (CVE-2025-10911)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2397838", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2397838", "description": ""}], "cves": [{"name": "CVE-2025-10911", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10911", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.5", "cwe": "CWE-825"}], "references": [], "publishedAt": "2026-06-25T12:05:27.708216Z", "rpms": {"Rocky Linux 10": {"nvras": ["libxslt-0:1.1.39-8.el10_2.1.s390x.rpm", "libxslt-debugsource-0:1.1.39-8.el10_2.1.s390x.rpm", "libxslt-0:1.1.39-8.el10_2.1.aarch64.rpm", "libxslt-debuginfo-0:1.1.39-8.el10_2.1.x86_64.rpm", "libxslt-debugsource-0:1.1.39-8.el10_2.1.aarch64.rpm", "libxslt-0:1.1.39-8.el10_2.1.x86_64.rpm", "libxslt-debuginfo-0:1.1.39-8.el10_2.1.aarch64.rpm", "libxslt-debugsource-0:1.1.39-8.el10_2.1.x86_64.rpm", "libxslt-debugsource-0:1.1.39-8.el10_2.1.ppc64le.rpm", "libxslt-debuginfo-0:1.1.39-8.el10_2.1.s390x.rpm", "libxslt-0:1.1.39-8.el10_2.1.src.rpm","libxslt-debuginfo-0:1.1.39-8.el10_2.1.ppc64le.rpm", "libxslt-devel-0:1.1.39-8.el10_2.1.x86_64.rpm", "libxslt-devel-0:1.1.39-8.el10_2.1.s390x.rpm", "libxslt-devel-0:1.1.39-8.el10_2.1.ppc64le.rpm", "libxslt-0:1.1.39-8.el10_2.1.ppc64le.rpm", "libxslt-devel-0:1.1.39-8.el10_2.1.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux libxslt receives moderate security update addressing use-after-free issue. Get detailed information now.. Rocky Linux security update, libxslt issue, moderate CVE 2025-10911. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 25, 2026 moderate Rocky Linux
219

Rocky Linux RLSA-2026-28243 libxslt Moderate Update Use-After-Free

Moderate: libxslt security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:28243", "synopsis": "Moderate: libxslt security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for libxslt.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. \n\nSecurity Fix(es):\n\n* libxslt: use-after-free with key data stored cross-RVT (CVE-2025-10911)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2397838", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2397838", "description": ""}], "cves": [{"name": "CVE-2025-10911", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10911", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.5", "cwe": "CWE-825"}], "references": [], "publishedAt": "2026-06-24T06:03:14.237933Z", "rpms": {"Rocky Linux 9": {"nvras": ["libxslt-0:1.1.34-14.el9_7.1.aarch64.rpm", "libxslt-0:1.1.34-14.el9_7.1.i686.rpm", "libxslt-0:1.1.34-14.el9_7.1.ppc64le.rpm", "libxslt-0:1.1.34-14.el9_7.1.s390x.rpm", "libxslt-0:1.1.34-14.el9_7.1.src.rpm", "libxslt-0:1.1.34-14.el9_7.1.x86_64.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.aarch64.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.i686.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.ppc64le.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.s390x.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.x86_64.rpm","libxslt-debugsource-0:1.1.34-14.el9_7.1.aarch64.rpm", "libxslt-debugsource-0:1.1.34-14.el9_7.1.i686.rpm", "libxslt-debugsource-0:1.1.34-14.el9_7.1.ppc64le.rpm", "libxslt-debugsource-0:1.1.34-14.el9_7.1.s390x.rpm", "libxslt-debugsource-0:1.1.34-14.el9_7.1.x86_64.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.aarch64.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.i686.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.ppc64le.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.s390x.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Moderate libxslt update for Rocky Linux addresses use-after-free issue with CVE-2025-10911. Crucial patch recommendation.. libxslt update, Rocky Linux security, security patch, CVE-2025-10911, use-after-free. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 24, 2026 moderate Rocky Linux
100

SUSE Linux Enterprise 12 SP5 Moderate libxslt Info Leak Patch 2026-2585-1

An update that solves one vulnerability can now be installed.. # Security update for libxslt Announcement ID: SUSE-SU-2026:2585-1 Release Date: 2026-06-23T13:28:00Z Rating: moderate References: * bsc#1238591 Cross-References: * CVE-2023-40403 CVSS scores: * CVE-2023-40403 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2023-40403 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libxslt fixes the following issue * CVE-2023-40403: Processing web content may disclose sensitive information (bsc#1238591). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2585=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libxslt1-32bit-1.1.28-17.24.1 * libxslt1-1.1.28-17.24.1 * libxslt-devel-1.1.28-17.24.1 * libxslt-tools-1.1.28-17.24.1 * libxslt-tools-debuginfo-1.1.28-17.24.1 * libxslt1-debuginfo-1.1.28-17.24.1 * libxslt1-debuginfo-32bit-1.1.28-17.24.1 * libxslt-debugsource-1.1.28-17.24.1 ## References: * https://www.suse.com/security/cve/CVE-2023-40403.html * https://bugzilla.suse.com/show_bug.cgi?id=1238591 . SUSE Linux update fixes a moderate issue in libxslt allowing potential information disclosure. Install to mitigate risk.. SUSE Linux, libxslt Security, moderate update, information disclosure, security patch. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 23, 2026 moderate SuSE
217

Oracle Linux 8 libxslt Moderate DoS Advisory ELSA-2026-26355

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-26355 http://linux.oracle.com/errata/ELSA-2026-26355.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libxslt-1.1.32-6.4.0.1.el8_10.i686.rpm libxslt-1.1.32-6.4.0.1.el8_10.x86_64.rpm libxslt-devel-1.1.32-6.4.0.1.el8_10.i686.rpm libxslt-devel-1.1.32-6.4.0.1.el8_10.x86_64.rpm aarch64: libxslt-1.1.32-6.4.0.1.el8_10.aarch64.rpm libxslt-devel-1.1.32-6.4.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/libxslt-1.1.32-6.4.0.1.el8_10.src.rpm Related CVEs: CVE-2025-10911 Description of changes: [1.1.32-6.4.0.1] - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball [1.1.32-6.4] - Fix CVE-2025-10911 (RHEL-171739) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 has released an advisory for libxslt with moderate severity. Update details and patch available.. Oracle Linux libxslt advisory moderate CVE-2025-10911. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 18, 2026 moderate Oracle
219

Rocky Linux 9 RLSA-2026-6401 libxml Moderate Vulnerability Discovered

Moderate: libxslt security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:6266", "synopsis": "Moderate: libxslt security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for libxslt.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. \n\nSecurity Fix(es):\n\n* libxslt: Processing web content may disclose sensitive information (CVE-2023-40403)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2349766", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2349766", "description": ""}], "cves": [{"name": "CVE-2023-40403", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-40403", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "cvss3BaseScore": "6.5", "cwe": "CWE-200"}], "references": [], "publishedAt": "2026-04-07T12:03:55.701474Z", "rpms": {"Rocky Linux 9": {"nvras": ["libxslt-0:1.1.34-14.el9_7.1.aarch64.rpm", "libxslt-0:1.1.34-14.el9_7.1.i686.rpm", "libxslt-0:1.1.34-14.el9_7.1.ppc64le.rpm", "libxslt-0:1.1.34-14.el9_7.1.s390x.rpm", "libxslt-0:1.1.34-14.el9_7.1.src.rpm", "libxslt-0:1.1.34-14.el9_7.1.x86_64.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.aarch64.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.i686.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.ppc64le.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.s390x.rpm", "libxslt-debuginfo-0:1.1.34-14.el9_7.1.x86_64.rpm","libxslt-debugsource-0:1.1.34-14.el9_7.1.aarch64.rpm", "libxslt-debugsource-0:1.1.34-14.el9_7.1.i686.rpm", "libxslt-debugsource-0:1.1.34-14.el9_7.1.ppc64le.rpm", "libxslt-debugsource-0:1.1.34-14.el9_7.1.s390x.rpm", "libxslt-debugsource-0:1.1.34-14.el9_7.1.x86_64.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.aarch64.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.i686.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.ppc64le.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.s390x.rpm", "libxslt-devel-0:1.1.34-14.el9_7.1.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A moderate libxslt security update is now available for Rocky Linux 9. Update to prevent information disclosure risks.. libxslt security update, Rocky Linux advisory, CVE-2023-40403. . LinuxSecurity.com Team

Calendar%202 Apr 07, 2026 Rocky Linux
217

Oracle Linux 9 ELSA-2026-6266 libxslt Moderate Memory Leak Fix

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-6266 http://linux.oracle.com/errata/ELSA-2026-6266.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libxslt-1.1.34-14.0.1.el9_7.1.i686.rpm libxslt-1.1.34-14.0.1.el9_7.1.x86_64.rpm libxslt-devel-1.1.34-14.0.1.el9_7.1.i686.rpm libxslt-devel-1.1.34-14.0.1.el9_7.1.x86_64.rpm aarch64: libxslt-1.1.34-14.0.1.el9_7.1.aarch64.rpm libxslt-devel-1.1.34-14.0.1.el9_7.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/libxslt-1.1.34-14.0.1.el9_7.1.src.rpm Related CVEs: CVE-2023-40403 Description of changes: [1.1.34-14.0.1.el9_7.1] - Fix memory leak in exclPrefixPush [Orabug: 37871881] - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball [1.1.34-14.1] - Fix upgrade path for CVE-2023-40403 (RHEL-82213) [1.1.34-12.1] - Fix CVE-2023-40403 (RHEL-82213) [1.1.34-12] - Include alloc changes into previous patch (RHEL-83514) [1.1.34-11] - Fix CVE-2024-55549 (RHEL-83514) [1.1.34-10] - Fix CVE-2025-24855 (RHEL-83500) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 libxslt update addresses memory leak and CVE-2023-40403. Important patch for security enhancements.. Oracle Linux libxslt update memory leak CVE-2023-40403. . LinuxSecurity.com Team

Calendar%202 Apr 01, 2026 Oracle
100

SUSE Linux Micro 6.2 Libxml2 Libxslt Moderate Resource Issues 2026-20647-1

An update that solves five vulnerabilities and has eight fixes can now be installed.. # Security update for libxml2, libxslt Announcement ID: SUSE-SU-2026:20647-1 Release Date: 2026-03-04T10:48:20Z Rating: moderate References: * bsc#1247850 * bsc#1247858 * bsc#1250553 * bsc#1256804 * bsc#1256807 * bsc#1256808 * bsc#1256809 * bsc#1256810 * bsc#1256811 * bsc#1256812 * bsc#1257593 * bsc#1257594 * bsc#1257595 Cross-References: * CVE-2025-10911 * CVE-2025-8732 * CVE-2026-0990 * CVE-2026-0992 * CVE-2026-1757 CVSS scores: * CVE-2025-10911 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-10911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-10911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8732 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-8732 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-8732 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8732 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-0990 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-0990 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0990 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0992 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0992 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-0992 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-1757 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-1757 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-1757 ( NVD ): 6.2CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities and has eight fixes can now be installed. ## Description: This update for libxml2, libxslt fixes the following issues: Changes in libxml2: * CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811). * CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `nextCatalog` elements (bsc#1256809, bsc#1256812). * CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858). * CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257594, bsc#1257595). * CVE-2025-10911: parsing xsl nodes may lead to use-after-free with key data stored cross-RVT (bsc#1250553) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-353=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libxml2-tools-debuginfo-2.13.8-160000.4.1 * libxslt1-1.1.43-160000.4.1 * python313-libxml2-debuginfo-2.13.8-160000.4.1 * libxml2-python-debugsource-2.13.8-160000.4.1 * libxslt1-debuginfo-1.1.43-160000.4.1 * libexslt0-debuginfo-1.1.43-160000.4.1 * python313-libxml2-2.13.8-160000.4.1 * libxml2-2-debuginfo-2.13.8-160000.4.1 * libxslt-debugsource-1.1.43-160000.4.1 * libexslt0-1.1.43-160000.4.1 * libxml2-debugsource-2.13.8-160000.4.1 * libxml2-2-2.13.8-160000.4.1 * libxml2-tools-2.13.8-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-10911.html * https://www.suse.com/security/cve/CVE-2025-8732.html *https://www.suse.com/security/cve/CVE-2026-0990.html * https://www.suse.com/security/cve/CVE-2026-0992.html * https://www.suse.com/security/cve/CVE-2026-1757.html * https://bugzilla.suse.com/show_bug.cgi?id=1247850 * https://bugzilla.suse.com/show_bug.cgi?id=1247858 * https://bugzilla.suse.com/show_bug.cgi?id=1250553 * https://bugzilla.suse.com/show_bug.cgi?id=1256804 * https://bugzilla.suse.com/show_bug.cgi?id=1256807 * https://bugzilla.suse.com/show_bug.cgi?id=1256808 * https://bugzilla.suse.com/show_bug.cgi?id=1256809 * https://bugzilla.suse.com/show_bug.cgi?id=1256810 * https://bugzilla.suse.com/show_bug.cgi?id=1256811 * https://bugzilla.suse.com/show_bug.cgi?id=1256812 * https://bugzilla.suse.com/show_bug.cgi?id=1257593 * https://bugzilla.suse.com/show_bug.cgi?id=1257594 * https://bugzilla.suse.com/show_bug.cgi?id=1257595 . Update for SUSE libxml2 and libxslt addresses multiple issues including resource consumption and potential crashes.. libxml2 updates, SUSE patch, XML parsing issues, security updates. . LinuxSecurity.com Team

Calendar%202 Mar 09, 2026 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200