Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 111 articles for you...
197

Debian 11 node-tar Critical Memory Crash and Access Flaws DLA-4552-1

Multiple vulnerabilities have been discovered in node-tar, a Node.js module to read and write portable tar archives. CVE-2024-28863 Generating a large number of sub-folders can consume memory on the system and even crash the Node.js client within a few seconds using. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4552-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Daniel Leidert April 29, 2026 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : node-tar Version : 6.0.5+ds1+~cs11.3.9-1+deb11u3 CVE ID : CVE-2024-28863 CVE-2026-23745 CVE-2026-24842 CVE-2026-26960 CVE-2026-29786 CVE-2026-31802 Multiple vulnerabilities have been discovered in node-tar, a Node.js module to read and write portable tar archives. CVE-2024-28863 Generating a large number of sub-folders can consume memory on the system and even crash the Node.js client within a few seconds using a path with too many sub-folders inside. CVE-2026-23745 When preservePaths is false, the linkpath of Link (hardlink) and SymbolicLink entries fail to be sanitized, allowing malicious archives to bypass the extraction root restriction, leading to arbitrary file overwrites via hardlinks and symlink poisoning via absolute symlink targets. The fix for this issue introduces multiple of the following vulnerabilties. CVE-2026-24842 The security check for hardlink entries allows an attacker to craft a malicious TAR archive that bypasses path traversal protections and creates hardlinks to arbitrary files outside the extraction directory. CVE-2026-26960 An attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting user. CVE-2026-29786 Anattacker-controlled archive can create a hardlink that points outside the extraction directory by using a drive-relative link target. CVE-2026-31802 An attacker-controlled archive can create a hardlink that points outside the extraction directory by using a drive-relative link target. For Debian 11 bullseye, these problems have been fixed in version 6.0.5+ds1+~cs11.3.9-1+deb11u3. We recommend that you upgrade your node-tar packages. For the detailed security status of node-tar please refer to its security tracker page at: https://security-tracker.debian.org/tracker/node-tar Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Multiple critical vulnerabilities in node-tar fixed to prevent memory issues and unauthorized file access in Debian.. node-tar vulnerabilities, Debian LTS, security update, tar archive security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 29, 2026 Critical Debian LTS
202

openSUSE 15-SP6 Keybase-client Important Memory Panic Fix 2026-0117-1

An update that fixes three vulnerabilities is now available.. openSUSE Security Update: Security update for keybase-client ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0117-1 Rating: important References: #1253563 #1253864 #1254023 Cross-References: CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVSS scores: CVE-2025-47913 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-47914 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-58181 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Backports SLE-15-SP6 openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for keybase-client fixes the following issues: - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read (boo#1254023) - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (boo#1253563) - CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption (boo#1253864) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2026-117=1 - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2026-117=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64les390x x86_64): kbfs-6.2.8-bp157.2.3.15 kbfs-debuginfo-6.2.8-bp157.2.3.15 kbfs-git-6.2.8-bp157.2.3.15 kbfs-git-debuginfo-6.2.8-bp157.2.3.15 kbfs-tool-6.2.8-bp157.2.3.15 kbfs-tool-debuginfo-6.2.8-bp157.2.3.15 keybase-client-6.2.8-bp157.2.3.15 keybase-client-debuginfo-6.2.8-bp157.2.3.15 - openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64): kbfs-6.2.8-bp156.2.9.16 kbfs-git-6.2.8-bp156.2.9.16 kbfs-tool-6.2.8-bp156.2.9.16 keybase-client-6.2.8-bp156.2.9.16 References: https://www.suse.com/security/cve/CVE-2025-47913.html https://www.suse.com/security/cve/CVE-2025-47914.html https://www.suse.com/security/cve/CVE-2025-58181.html https://bugzilla.suse.com/1253563 https://bugzilla.suse.com/1253864 https://bugzilla.suse.com/1254023 . Update for keybase-client addresses important issues in openSUSE systems, enhancing security and stability.. openSUSE update,keybase-client patch,security fix,important vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 03, 2026 Important OpenSUSE
100

SUSE 12 SP5 Docker Stable Important High Memory Issue Fix 2026-1118-1

An update that solves seven vulnerabilities can now be installed.. # Security update for docker-stable Announcement ID: SUSE-SU-2026:1118-1 Release Date: 2026-03-27T12:26:18Z Rating: important References: * bsc#1253904 Cross-References: * CVE-2024-2365 * CVE-2024-29018 * CVE-2024-41110 * CVE-2025-22868 * CVE-2025-22869 * CVE-2025-30204 * CVE-2025-58181 CVSS scores: * CVE-2024-29018 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-29018 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-29018 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-29018 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-41110 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22868 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30204 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-30204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for docker-stable fixes the following issues: * CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption (bsc#1253904). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1118=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * docker-stable-debuginfo-24.0.9_ce-1.32.1 * docker-stable-24.0.9_ce-1.32.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * docker-stable-bash-completion-24.0.9_ce-1.32.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2365.html * https://www.suse.com/security/cve/CVE-2024-29018.html * https://www.suse.com/security/cve/CVE-2024-41110.html * https://www.suse.com/security/cve/CVE-2025-22868.html * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-30204.html * https://www.suse.com/security/cve/CVE-2025-58181.html * https://bugzilla.suse.com/show_bug.cgi?id=1253904 . A security update for docker-stable on SUSE resolves seven important issues. Immediate installation recommended to safeguard systems.. SUSE Linux, docker-stable, security update, software vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 27, 2026 Important SuSE
100

SUSE Container Significant RAM Consumption Issue 2026-0972-1

An update that solves seven vulnerabilities can now be installed.. # Security update for docker-stable Announcement ID: SUSE-SU-2026:0972-1 Release Date: 2026-03-23T15:21:50Z Rating: important References: * bsc#1253904 Cross-References: * CVE-2024-2365 * CVE-2024-29018 * CVE-2024-41110 * CVE-2025-22868 * CVE-2025-22869 * CVE-2025-30204 * CVE-2025-58181 CVSS scores: * CVE-2024-29018 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-29018 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-29018 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-29018 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-41110 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22868 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30204 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-30204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux EnterpriseServer for SAP Applications 15 SP7 An update that solves seven vulnerabilities can now be installed. ## Description: This update for docker-stable fixes the following issues: * CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption (bsc#1253904). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-972=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-972=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.39.1 * docker-stable-24.0.9_ce-150000.1.39.1 * openSUSE Leap 15.6 (noarch) * docker-stable-zsh-completion-24.0.9_ce-150000.1.39.1 * docker-stable-fish-completion-24.0.9_ce-150000.1.39.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.39.1 * docker-stable-rootless-extras-24.0.9_ce-150000.1.39.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.39.1 * docker-stable-24.0.9_ce-150000.1.39.1 * Containers Module 15-SP7 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.39.1 * docker-stable-zsh-completion-24.0.9_ce-150000.1.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2365.html * https://www.suse.com/security/cve/CVE-2024-29018.html * https://www.suse.com/security/cve/CVE-2024-41110.html * https://www.suse.com/security/cve/CVE-2025-22868.html * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-30204.html * https://www.suse.com/security/cve/CVE-2025-58181.html * https://bugzilla.suse.com/show_bug.cgi?id=1253904 . A crucial update for docker-stable addresses multiple issues, focusing on important vulnerabilities.Ensure your systems are patched.. SUSE Docker Security Update Memory Overflow Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 23, 2026 Important SuSE
100

SUSE Micro 7.0 Container Memory Usage Alert Notification for CVE-2025-78248

An update that solves one vulnerability can now be installed.. # Security update for docker Announcement ID: SUSE-SU-2026:20651-1 Release Date: 2026-03-04T06:47:58Z Rating: moderate References: * bsc#1253904 Cross-References: * CVE-2025-58181 CVSS scores: * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for docker fixes the following issues: * CVE-2025-58181: an invalid number of mechanisms may cause unbounded memory consumption (bcs#1253904). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-422=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * docker-debuginfo-28.5.1_ce-slfo.1.1_8.1 * docker-28.5.1_ce-slfo.1.1_8.1 * docker-buildx-debuginfo-0.29.0-slfo.1.1_8.1 * docker-buildx-0.29.0-slfo.1.1_8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-58181.html * https://bugzilla.suse.com/show_bug.cgi?id=1253904 . Update for SUSE Docker fixes a moderate security issue that may lead to unbounded memory consumption. Install recommended patches!. SUSE Docker Security Update, Memory Consumption Risk, CVE-2025-58181. . LinuxSecurity.com Team

Calendar%202 Mar 18, 2026 SuSE
100

SUSE Linux Micro 6.0 Docker Moderate Memory Usage Flaw 2026-20694-1

An update that solves one vulnerability can now be installed.. # Security update for docker Announcement ID: SUSE-SU-2026:20694-1 Release Date: 2026-03-04T06:22:23Z Rating: moderate References: * bsc#1253904 Cross-References: * CVE-2025-58181 CVSS scores: * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for docker fixes the following issues: * CVE-2025-58181: an invalid number of mechanisms may cause unbounded memory consumption (bcs#1253904). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-602=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * docker-28.5.1_ce-9.1 * docker-buildx-debuginfo-0.29.0-9.1 * docker-debuginfo-28.5.1_ce-9.1 * docker-buildx-0.29.0-9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-58181.html * https://bugzilla.suse.com/show_bug.cgi?id=1253904 . SUSE Linux Micro 6.0 docker update resolves memory consumption issue. Apply patch to mitigate moderate risk.. docker update SUSE Linux Micro memory consumption security advisory. . LinuxSecurity.com Team

Calendar%202 Mar 18, 2026 SuSE
202

openSUSE Leap 16.0 docker-stable Important Memory Issue Fix 2026-20366-1

An update that solves 2 vulnerabilities and has 3 bug fixes can now be installed.. openSUSE security update: security update for docker-stable ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20366-1 Rating: important References: * bsc#1240513 * bsc#1253904 * bsc#1254206 Cross-References: * CVE-2025-30204 * CVE-2025-58181 CVSS scores: * CVE-2025-30204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30204 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 3 bug fixes can now be installed. Description: This update for docker-stable fixes the following issues: - CVE-2025-58181: Fixed unbounded memory consumption. (bsc#1253904) - CVE-2025-30204: Fixed a bug in jwt-go which allows excessive memory allocation during header parsing. (bsc#1240513) Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-389=1 Package List: - openSUSE Leap 16.0: docker-stable-24.0.9_ce-160000.4.1 docker-stable-bash-completion-24.0.9_ce-160000.4.1 docker-stable-buildx-0.25.0-160000.4.1 docker-stable-fish-completion-24.0.9_ce-160000.4.1 docker-stable-rootless-extras-24.0.9_ce-160000.4.1 docker-stable-zsh-completion-24.0.9_ce-160000.4.1 References: * https://www.suse.com/security/cve/CVE-2025-30204.html * https://www.suse.com/security/cve/CVE-2025-58181.html . An important update for openSUSE fixes two security issues in docker-stable,addressing memory consumption risks.. openSUSE Docker security important patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 18, 2026 Important OpenSUSE
202

openSUSE Leap 16.0 Helm Moderate Memory Consumption Fixes 2026-20327-1

An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.. openSUSE security update: security update for helm ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20327-1 Rating: moderate References: * bsc#1251442 * bsc#1251649 Cross-References: * CVE-2025-47911 * CVE-2025-58190 CVSS scores: * CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47911 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58190 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed. Description: This update for helm fixes the following issues: - Update to version 3.19.1: * CVE-2025-47911: golang.org/x/net/html: Fixed various algorithms with quadratic complexity when parsing HTML documents (bsc#1251442) * CVE-2025-58190: golang.org/x/net/html: Fixed xcessive memory consumption by `html.ParseFragment` when processing specially crafted input (bsc#1251649) * jsonschema: warn and ignore unresolved URN $ref to match v3.18.4 * Avoid "panic: interface conversion: interface {} is nil" * Fix `helm pull` untar dir check with repo urls * Fix deprecation warning * Add timeout flag to repo add and update flags - Update to version 3.19.0: * bump version to v3.19.0 * fix: use username and password if provided * fix(helm-lint): fmt * fix(helm-lint): Add TLSClientConfig * fix(helm-lint): Add HTTP/HTTPS URL support for json schema references * chore(deps): bump the k8s-io group with 7 updates * fix: go mod tidy for v3 * fix Chart.yaml handling * Handle messy index files * json schema fix * fix: k8s version parsing to match original * Do notexplicitly set SNI in HTTPGetter * Disabling linter due to unknown issue * Updating link handling * fix: user username password for login * Update pkg/registry/transport.go * fix: add debug logging to oci transport * fix: legacy docker support broken for login * fix: plugin installer test with no Internet * Handle an empty registry config file. * Prevent fetching newReference again as we have in calling method * Prevent failure when resolving version tags in oras memory store * fix(client): skipnode utilization for PreCopy * test: Skip instead of returning early. looks more intentional * test: tests repo stripping functionality * test: include tests for Login based on different protocol prefixes * fix(client): layers now returns manifest - remove duplicate from descriptors * fix(client): return nil on non-allowed media types * Fix 3.18.0 regression: registry login with scheme * Update pkg/plugin/plugin.go * Wait for Helm v4 before raising when platformCommand and Command are set * Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]" * build(deps): bump the k8s-io group with 7 updates * chore: update generalization warning message * fix: move warning to top of block * fix: govulncheck workflow * fix: replace fmt warning with slog * fix: add warning when ignore repo flag * feat: add httproute from gateway-api to create chart template - Update to version 3.18.6: * fix(helm-lint): fmt * fix(helm-lint): Add TLSClientConfig * fix(helm-lint): Add HTTP/HTTPS URL support for json schema references - Update to version 3.18.5: * fix Chart.yaml handling 7799b48 (Matt Farina) * Handle messy index files dd8502f (Matt Farina) * json schema fix cb8595b (Robert Sirchia) - Fix shell completion dependencies * Add BuildRequires to prevent inclusion of folders owned by shells. * Add Requires because installing completions without appropriate shell is questionable. - Fix zsh completion location Patch instructions: To install thisopenSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-360=1 Package List: - openSUSE Leap 16.0: helm-3.19.1-160000.1.1 helm-bash-completion-3.19.1-160000.1.1 helm-fish-completion-3.19.1-160000.1.1 helm-zsh-completion-3.19.1-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2025-47911.html * https://www.suse.com/security/cve/CVE-2025-58190.html . Fix for 2 issues and 2 bug fixes in helm for openSUSE Leap 16.0. Install the latest updates to ensure system security.. openSUSE helm update security moderate threat. . LinuxSecurity.com Team

Calendar%202 Mar 07, 2026 OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200