Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 414
Alerts This Week
Warning Icon 1 414

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":1,"type":"x","order":1,"pct":25,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":1,"type":"x","order":2,"pct":25,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":2,"type":"x","order":3,"pct":50,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 51 articles for you...
100

SUSE Linux Micro 6.0 Kernel RT Key Memory Bug Patch 20807-1

An update that solves seven vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:20807-1 Release Date: 2026-03-23T10:24:40Z Rating: important References: * bsc#1255053 * bsc#1255378 * bsc#1255402 * bsc#1255895 * bsc#1256624 * bsc#1256644 * bsc#1257669 Cross-References: * CVE-2025-40258 * CVE-2025-40284 * CVE-2025-40297 * CVE-2025-68284 * CVE-2025-68285 * CVE-2025-68813 * CVE-2025-71085 CVSS scores: * CVE-2025-40258 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40258 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40284 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40284 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40297 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40297 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68284 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68284 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-68285 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68285 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68813 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68813 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71085 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71085 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixesvarious security issues The following security issues were fixed: * CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053). * CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669). * CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895). * CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378). * CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402). * CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644). * CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE- Micro-6.0-SUSE_SLFO_Kernel_1.0_Build__patchinfo.20260319170218820827.216358544319405=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-37-rt-debuginfo-2-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_13-debugsource-2-1.1 * kernel-livepatch-6_4_0-37-rt-2-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-40258.html * https://www.suse.com/security/cve/CVE-2025-40284.html * https://www.suse.com/security/cve/CVE-2025-40297.html * https://www.suse.com/security/cve/CVE-2025-68284.html * https://www.suse.com/security/cve/CVE-2025-68285.html * https://www.suse.com/security/cve/CVE-2025-68813.html * https://www.suse.com/security/cve/CVE-2025-71085.html * https://bugzilla.suse.com/show_bug.cgi?id=1255053 * https://bugzilla.suse.com/show_bug.cgi?id=1255378 * https://bugzilla.suse.com/show_bug.cgi?id=1255402 * https://bugzilla.suse.com/show_bug.cgi?id=1255895 * https://bugzilla.suse.com/show_bug.cgi?id=1256624 *https://bugzilla.suse.com/show_bug.cgi?id=1256644 * https://bugzilla.suse.com/show_bug.cgi?id=1257669 . An update for SUSE Linux Kernel RT fixes seven important issues enhancing system security and stability. Stay protected!. SUSE Kernel RT Security Update, Linux Kernel Patch, Important Security Fixes. . LinuxSecurity.com Team

Calendar%202 Mar 24, 2026 SuSE
100

SUSE Linux Micro 6.0 glibc Important Memory Error Fix Advisory 20527-1

An update that solves four vulnerabilities can now be installed.. # Security update for glibc Announcement ID: SUSE-SU-2026:20527-1 Release Date: 2026-02-26T11:23:28Z Rating: important References: * bsc#1246965 * bsc#1256766 * bsc#1256822 * bsc#1257005 Cross-References: * CVE-2025-15281 * CVE-2025-8058 * CVE-2026-0861 * CVE-2026-0915 CVSS scores: * CVE-2025-15281 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-15281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15281 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-8058 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H * CVE-2025-8058 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H * CVE-2025-8058 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-0861 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-0861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0861 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0915 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-0915 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-0915 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for glibc fixes the following issues: * CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). * CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). * CVE-2025-15281: uninitialized memory may cause the processabort (bsc#1257005). * CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-597=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * glibc-devel-debuginfo-2.38-11.1 * glibc-locale-base-2.38-11.1 * glibc-devel-2.38-11.1 * glibc-debuginfo-2.38-11.1 * glibc-locale-2.38-11.1 * glibc-2.38-11.1 * glibc-locale-base-debuginfo-2.38-11.1 * glibc-debugsource-2.38-11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-15281.html * https://www.suse.com/security/cve/CVE-2025-8058.html * https://www.suse.com/security/cve/CVE-2026-0861.html * https://www.suse.com/security/cve/CVE-2026-0915.html * https://bugzilla.suse.com/show_bug.cgi?id=1246965 * https://bugzilla.suse.com/show_bug.cgi?id=1256766 * https://bugzilla.suse.com/show_bug.cgi?id=1256822 * https://bugzilla.suse.com/show_bug.cgi?id=1257005 . An important security update for SUSE glibc addresses four vulnerabilities ensuring system reliability.. SUSE security update, glibc vulnerabilities, installation instructions. . LinuxSecurity.com Team

Calendar%202 Feb 27, 2026 SuSE
172

Ubuntu 25.04: libtiff Moderate DoS Vulnerabilities USN-7707-1 CVE-2025-8176

Several security issues were fixed in LibTIFF.. ========================================================================== Ubuntu Security Notice USN-7707-1 August 20, 2025 tiff vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in LibTIFF. Software Description: - tiff: Tag Image File Format (TIFF) library Details: It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffmedian tool. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. (CVE-2025-8176) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using thumbnail tool. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2025-8177) It was discovered that LibTIFF incorrectly handled certain memory operations when using tiff2ps tool. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. (CVE-2025-8534) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop tool. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. (CVE-2025-8851) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 libtiff-tools 4.5.1+git230720-4ubuntu4.1 libtiff6 4.5.1+git230720-4ubuntu4.1 Ubuntu24.04 LTS libtiff-tools 4.5.1+git230720-4ubuntu2.3 libtiff6 4.5.1+git230720-4ubuntu2.3 Ubuntu 22.04 LTS libtiff-tools 4.3.0-6ubuntu0.11 libtiff5 4.3.0-6ubuntu0.11 Ubuntu 20.04 LTS libtiff-tools 4.1.0+git191117-2ubuntu0.20.04.14+esm1 Available with Ubuntu Pro libtiff5 4.1.0+git191117-2ubuntu0.20.04.14+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libtiff-tools 4.0.9-5ubuntu0.10+esm8 Available with Ubuntu Pro libtiff5 4.0.9-5ubuntu0.10+esm8 Available with Ubuntu Pro Ubuntu 16.04 LTS libtiff-tools 4.0.6-1ubuntu0.8+esm18 Available with Ubuntu Pro libtiff5 4.0.6-1ubuntu0.8+esm18 Available with Ubuntu Pro Ubuntu 14.04 LTS libtiff-tools 4.0.3-7ubuntu0.11+esm15 Available with Ubuntu Pro libtiff5 4.0.3-7ubuntu0.11+esm15 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7707-1 CVE-2025-8176, CVE-2025-8177, CVE-2025-8534, CVE-2025-8851 Package Information: https://launchpad.net/ubuntu/+source/tiff/4.5.1+git230720-4ubuntu4.1 https://launchpad.net/ubuntu/+source/tiff/4.5.1+git230720-4ubuntu2.3 https://launchpad.net/ubuntu/+source/tiff/4.3.0-6ubuntu0.11 . Numerous Ubuntu releases updated to fix security flaws in LibTIFF, resolving multiple serious concerns.. LibTIFF Updates Ubuntu Denial of Service. . LinuxSecurity.com Team

Calendar%202 Aug 21, 2025 Ubuntu
100

SUSE Linux Micro: 2025:20277-1 important: libxslt memory safety

* bsc#1238591 * bsc#1239625 * bsc#1239637 Cross-References: . # Security update for libxslt Announcement ID: SUSE-SU-2025:20277-1 Release Date: 2025-04-22T13:46:13Z Rating: important References: * bsc#1238591 * bsc#1239625 * bsc#1239637 Cross-References: * CVE-2023-40403 * CVE-2024-55549 * CVE-2025-24855 CVSS scores: * CVE-2023-40403 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2023-40403 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-55549 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2024-55549 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-24855 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-24855 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities can now be installed. ## Description: This update for libxslt fixes the following issues: * CVE-2025-24855: Fix use-after-free of XPath context node (bsc#1239625) * CVE-2024-55549: Fix UAF related to excluded namespaces (bsc#1239637) * CVE-2023-40403: Make generate-id() deterministic (bsc#1238591) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-77=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * libxslt1-1.1.38-slfo.1.1_2.1 * libexslt0-debuginfo-1.1.38-slfo.1.1_2.1 * libxslt-debugsource-1.1.38-slfo.1.1_2.1 * libexslt0-1.1.38-slfo.1.1_2.1 * libxslt1-debuginfo-1.1.38-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-40403.html * https://www.suse.com/security/cve/CVE-2024-55549.html * https://www.suse.com/security/cve/CVE-2025-24855.html * https://bugzilla.suse.com/show_bug.cgi?id=1238591 *https://bugzilla.suse.com/show_bug.cgi?id=1239625 * https://bugzilla.suse.com/show_bug.cgi?id=1239637 . Discover the crucial SUSE upgrade for libxslt that tackles various vulnerabilities. Ensure your systems are protected with the most recent patches!. SUSE Linux Micro, libxslt, security patch, software update. . LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 SuSE
100

SUSE Linux Micro 6.0: 2025:20323-1 Moderate: sqlite3 Memory Fix

* bsc#1241020 * bsc#1241078 Cross-References: * CVE-2025-29087 . # Security update for sqlite3 Announcement ID: SUSE-SU-2025:20323-1 Release Date: May 16, 2025, 12:51 p.m. Rating: moderate References: * bsc#1241020 * bsc#1241078 Cross-References: * CVE-2025-29087 * CVE-2025-29088 CVSS scores: * CVE-2025-29087 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-29087 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-29087 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29087 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-29087 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L * CVE-2025-29088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-29088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29088 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29088 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for sqlite3 fixes the following issues: * Update to release 3.49.1: * Improve portability of makefiles and configure scripts. * CVE-2025-29087, bsc#1241020: Fix a bug in the concat_ws() function, introduced in version 3.44.0, that could lead to a memory error if the separator string is very large (hundreds of megabytes). * CVE-2025-29088, bsc#1241078: Enhanced the SQLITE_DBCONFIG_LOOKASIDE interface to make it more robust against misuse. * Update to release 3.49.0: * Enhancements to the query planner: * Improve the query-time index optimization so that it works on WITHOUT ROWID tables. * Better query plans for large star-query joins. This fixes three different performance regressions that were reported on the SQLite Forum. * When two or more queries have the sameestimated cost, use the one with the fewer bytes per row. * Enhance the iif() SQL function so that it can accept any number of arguments greater than or equal to two. * Enhance the session extension so that it works on databases that make use of generated columns. * Omit the SQLITE_USE_STDIO_FOR_CONSOLE compile-time option which was not implemented correctly and never worked right. In its place add the SQLITE_USE_W32_FOR_CONSOLE_IO compile-time option. This option applies to command-line tools like the CLI only, not to the SQLite core. It causes Win32 APIs to be used for console I/O instead of stdio. This option affects Windows builds only. * Three new options to sqlite3_db_config(). All default "on". SQLITE_DBCONFIG_ENABLE_ATTACH_CREATE SQLITE_DBCONFIG_ENABLE_ATTACH_WRITE SQLITE_DBCONFIG_ENABLE_COMMENTS * Re-enable SONAME which got disabled by default in 3.48.0. * https://www.sqlite.org/src/login?g=forumpost/5a3b44f510df8ded * https://sqlite.org/forum/forumpost/ab8f15697a * Update to release 3.48.0: * Improved EXPLAIN QUERY PLAN output for covering indexes. * Allow a two-argument version of the iif() SQL function. * Also allow if() as an alternative spelling for iif(). * Add the ".dbtotxt" command to the CLI. * Add the SQLITE_IOCAP_SUBPAGE_READ property to the xDeviceCharacteristics method of the sqlite3_io_methods object. * Add the SQLITE_PREPARE_DONT_LOG option to sqlite3_prepare_v3() that prevents warning messages being sent to the error log if the SQL is ill-formed. This allows sqlite3_prepare_v3() to be used to do test compiles of SQL to check for validity without polluting the error log with false messages. * Increase the minimum allowed value of SQLITE_LIMIT_LENGTH from 1 to 30. * Added the SQLITE_FCNTL_NULL_IO file control. * Extend the FTS5 auxiliary API xInstToken() to work with prefix queries via the insttoken configuration option and the fts5_insttoken() SQL function. * Increase the maximum number ofarguments to an SQL function from 127 to 1000. * Update to release 3.47.2: * Fix a problem in text-to-floating-point conversion that affects text values where the first 16 significant digits are '1844674407370955'. This issue was introduced in 3.47.0 and only arises on x64 and i386 hardware. * Other minor bug fixes. * Enable the session extension, because NodeJS 22 needs it. * Update to release 3.47.1: * Fix the makefiles so that they once again honored DESTDIR for the "install" target. * Add the SQLITE_IOCAP_SUBPAGE_READ capability to the VFS, to work around issues on some non-standard VFSes caused by making SQLITE_DIRECT_OVERFLOW_READ the default in version 3.45.0. * Fix incorrect answers to certain obscure IN queries caused by new query optimizations added in the 3.47.0 release. * Other minor bug fixes. * Update to release 3.47.0: * Allow arbitrary expressions in the second argument to the RAISE function. * If the RHS of the -> > operator is negative, then access array elements counting from the right. * Fix a problem with rolling back hot journal files in the seldom-used unix- dotfile VFS. * FTS5 tables can now be dropped even if they use a non-standard tokenizer that has not been registered. * Fix the group_concat() aggregate function so that it returns an empty string, not a NULL, if it receives a single input value which is an empty string. * Enhance the generate_series() table-valued function so that it is able to recognize and use constraints on its output value. Preupdate hooks now recognize when a column added by ALTER TABLE ADD COLUMN has a non-null default value. * Improved reuse of subqueries associated with the IN operator, especially when the IN operator has been duplicated due to predicate push-down. * Use a Bloom filter on subqueries on the right-hand side of the IN operator, in cases where that seems likely to improve performance. * Ensure that queries like "SELECT func(a) FROMtab GROUP BY 1" only invoke the func() function once per row. * No attempt is made to create automatic indexes on a column that is known to be non-selective because of its use in other indexes that have been analyzed. * Adjustments to the query planner so that it produces better plans for star queries with a large number of dimension tables. * Add the "order-by-subquery" optimization, that seeks to disable sort operations in outer queries if the desired order is obtained naturally due to ORDER BY clauses in subqueries. * The "indexed-subtype-expr" optimization strives to use expressions that are part of an index rather than recomputing the expression based on table values, as long as the query planner can prove that the subtype of the expression will never be used. * Miscellaneous coding tweaks for faster runtimes. * Add the experimental sqlite3_rsync program. * Add extension functions median(), percentile(), percentile_cont(), and percentile_disc() to the CLI. * Add the .www dot-command to the CLI. * The sqlite3_analyzer utility now provides a break-out of statistics for WITHOUT ROWID tables. * The sqldiff utility avoids creating an empty database if its second argument does not exist. * Enhance the sqlite_dbpage table-valued function such that INSERT can be used to increase or decrease the size of the database file. * SQLite no longer makes any use of the "long double" data type, as hardware support for long double is becoming less common and long double creates challenges for some compiler tool chains. Instead, SQLite uses Dekker's algorithm when extended precision is needed. * The TCL Interface for SQLite supports TCL9. Everything probably still works for TCL 8.5 and later, though this is not guaranteed. Users are encouraged to upgrade to TCL9. * Fix a corruption-causing bug in the JavaScript "opfs" VFS. Correct "mode=ro" handling for the "opfs" VFS. Work around a couple of browser-specific OPFS quirks. * Add the fts5_tokenizer_v2 API and the locale=1 option, for creating custom locale-aware tokenizers and fts5 tables that may take advantage of them. * Add the contentless_unindexed=1 option, for creating contentless fts5 tables that store the values of any UNINDEXED columns persistently in the database. * Allow an FTS5 table to be dropped even if it uses a custom tokenizer whose implementation is not available. * Update to release 3.46.1: * Improved robustness while parsing the tokenize= arguments in FTS5. * Enhancements to covering index prediction in the query planner. * Do not let the number of terms on a VALUES clause be limited by SQLITE_LIMIT_COMPOUND_SELECT, even if the VALUES clause contains elements that appear to be variables due to double-quoted string literals. * Fix the window function version of group_concat() so that it returns an empty string if it has one or more empty string inputs. * In FTS5 secure-delete mode, fix false-positive integrity-check reports about corrupt indexes. * Syntax errors in ALTER TABLE should always return SQLITE_ERROR. In some cases, they were formerly returning SQLITE_INTERNAL. * Other minor fixes. * Update to release 3.46.0: * https://sqlite.org/releaselog/3_46_0.html * Enhance PRAGMA optimize in multiple ways. * Enhancements to the date and time functions. * Add support for underscore ("_") characters between digits in numeric literals. * Add the json_pretty() SQL function. * Query planner improvements. * Allocate additional memory from the heap for the SQL parser stack if that stack overflows, rather than reporting a "parser stack overflow" error. * Allow ASCII control characters within JSON5 string literals. * Fix the -> and -> > JSON operators so that when the right-hand side operand is a string that looks like an integer it is still treated as a string, because that is what PostgreSQL does. * Update to release 3.45.3: * Fix a long-standing bug (goingback to version 3.24.0) that might (rarely) cause the "old.*" values of an UPDATE trigger to be incorrect if that trigger fires in response to an UPSERT. * Reduce the scope of the NOT NULL strength reduction optimization that was added as item 8e in version 3.35.0. The optimization was being attempted in some contexts where it did not work, resulting in incorrect query results. * Add SQLITE_STRICT_SUBTYPE=1 as recommended by upstream. * Update to release 3.45.2: * Added the SQLITE_RESULT_SUBTYPE property for application- defined SQL functions. * Enhancements to the JSON SQL functions * Add the FTS5 tokendata option to the FTS5 virtual table. * The SQLITE_DIRECT_OVERFLOW_READ optimization is now enabled by default. * Query planner improvements * Increase the default value for SQLITE_MAX_PAGE_COUNT from 1073741824 to 4294967294. * Enhancements to the CLI * Restore the JSON BLOB input bug, and promise to support the anomaly in subsequent releases, for backward compatibility. * Fix the PRAGMA integrity_check command so that it works on read-only databases that contain FTS3 and FTS5 tables. * Fix issues associated with processing corrupt JSONB inputs. * Fix a long-standing bug in which a read of a few bytes past the end of a memory-mapped segment might occur when accessing a craftily corrupted database using memory-mapped database. * Fix a long-standing bug in which a NULL pointer dereference might occur in the bytecode engine due to incorrect bytecode being generated for a class of SQL statements that are deliberately designed to stress the query planner but which are otherwise pointless. * Fix an error in UPSERT, introduced in version 3.35.0. * Reduce the scope of the NOT NULL strength reduction optimization that was added in version 3.35.0. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the commandlisted for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-325=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * sqlite3-debugsource-3.49.1-1.1 * libsqlite3-0-3.49.1-1.1 * libsqlite3-0-debuginfo-3.49.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-29087.html * https://www.suse.com/security/cve/CVE-2025-29088.html * https://bugzilla.suse.com/show_bug.cgi?id=1241020 * https://bugzilla.suse.com/show_bug.cgi?id=1241078 . A security patch for sqlite3 resolves memory issues and optimizes settings. Ensure you upgrade now for better efficiency.. sqlite3 security update,SUSE vulnerabilities,sqlite3 software patch,moderate security advisory. . LinuxSecurity.com Team

Calendar%202 May 28, 2025 SuSE
202

openSUSE 15 SP6: 2025:0263-1 important: kernel live patch security issue

An update that solves six vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0263-1 Release Date: 2025-01-27T14:33:31Z Rating: important References: * bsc#1226184 * bsc#1226324 * bsc#1227369 * bsc#1227781 * bsc#1227784 * bsc#1229275 Cross-References: * CVE-2024-27029 * CVE-2024-36971 * CVE-2024-36979 * CVE-2024-40920 * CVE-2024-40921 * CVE-2024-41057 CVSS scores: * CVE-2024-27029 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27029 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_21 fixes several issues. The following security issues were fixed: * CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). * CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781). *CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369). * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-27029: drm/amdgpu: fix mmhub client id out-of-bounds access Properly handle cid 0x140 (bsc#1226184). * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-263=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-263=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_21-default-9-150600.4.19.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-9-150600.4.19.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-9-150600.4.19.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_21-default-9-150600.4.19.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-9-150600.4.19.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-9-150600.4.19.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27029.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-36979.html * https://www.suse.com/security/cve/CVE-2024-40920.html * https://www.suse.com/security/cve/CVE-2024-40921.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://bugzilla.suse.com/show_bug.cgi?id=1226184 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1227369 * https://bugzilla.suse.com/show_bug.cgi?id=1227781 * https://bugzilla.suse.com/show_bug.cgi?id=1227784 * https://bugzilla.suse.com/show_bug.cgi?id=1229275 . The recent enhancement of the Linux Kernelbrings significant corrections to Live Patch 0 for SLE 15 SP6, focusing on critical security upgrades.. openSUSE Live Patch, Linux Kernel Update, SUSE Security Advisory. . LinuxSecurity.com Team

Calendar%202 Jan 27, 2025 OpenSUSE
100

SUSE: 2024:2305-1 Important: KRB5 Security Updates for Memory Errors

* bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 . # Security update for krb5 Announcement ID: SUSE-SU-2024:2305-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). * CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2305=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2305=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2305=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * krb5-plugin-preauth-otp-1.16.3-150100.3.36.1 * krb5-debugsource-1.16.3-150100.3.36.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-150100.3.36.1 *krb5-plugin-kdb-ldap-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-150100.3.36.1 * krb5-server-debuginfo-1.16.3-150100.3.36.1 * krb5-client-1.16.3-150100.3.36.1 * krb5-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-1.16.3-150100.3.36.1 * krb5-client-debuginfo-1.16.3-150100.3.36.1 * krb5-devel-1.16.3-150100.3.36.1 * krb5-server-1.16.3-150100.3.36.1 * krb5-debuginfo-1.16.3-150100.3.36.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * krb5-32bit-debuginfo-1.16.3-150100.3.36.1 * krb5-32bit-1.16.3-150100.3.36.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-1.16.3-150100.3.36.1 * krb5-debugsource-1.16.3-150100.3.36.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-150100.3.36.1 * krb5-server-debuginfo-1.16.3-150100.3.36.1 * krb5-client-1.16.3-150100.3.36.1 * krb5-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-1.16.3-150100.3.36.1 * krb5-client-debuginfo-1.16.3-150100.3.36.1 * krb5-devel-1.16.3-150100.3.36.1 * krb5-server-1.16.3-150100.3.36.1 * krb5-debuginfo-1.16.3-150100.3.36.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * krb5-32bit-debuginfo-1.16.3-150100.3.36.1 * krb5-32bit-1.16.3-150100.3.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * krb5-plugin-preauth-otp-1.16.3-150100.3.36.1 * krb5-debugsource-1.16.3-150100.3.36.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-150100.3.36.1 * krb5-server-debuginfo-1.16.3-150100.3.36.1 *krb5-client-1.16.3-150100.3.36.1 * krb5-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-1.16.3-150100.3.36.1 * krb5-client-debuginfo-1.16.3-150100.3.36.1 * krb5-devel-1.16.3-150100.3.36.1 * krb5-server-1.16.3-150100.3.36.1 * krb5-debuginfo-1.16.3-150100.3.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * krb5-32bit-debuginfo-1.16.3-150100.3.36.1 * krb5-32bit-1.16.3-150100.3.36.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187 . Crucial enhancements for krb5 tackling significant vulnerabilities in SUSE environments. Verify that your deployments are up-to-date.. krb5 patches, SUSE security, authentication vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jul 05, 2024 SuSE
100

SUSE: 2024:2303-1 Important: krb5 Memory Error And Confidentiality Issue

* bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 . # Security update for krb5 Announcement ID: SUSE-SU-2024:2303-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). * CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2303=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2303=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2303=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2303=1 * SUSE Enterprise Storage 7.1 zypper in -t patchSUSE-Storage-7.1-2024-2303=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2303=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2303=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2303=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-mini-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-mini-debugsource-1.19.2-150300.19.1 * krb5-mini-devel-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-mini-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * openSUSE Leap 15.3 (x86_64) * krb5-devel-32bit-1.19.2-150300.19.1 * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * openSUSE Leap 15.3 (aarch64_ilp32) * krb5-64bit-debuginfo-1.19.2-150300.19.1 * krb5-devel-64bit-1.19.2-150300.19.1 * krb5-64bit-1.19.2-150300.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 *krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Enterprise Storage 7.1 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html *https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187 . Significant upgrade for krb5 focusing on crucial vulnerabilities in SUSE platforms. Users are required to implement updates without delay.. SUSE Security Update, krb5 Security Advisory, SUSE Patch Management. . LinuxSecurity.com Team

Calendar%202 Jul 04, 2024 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":1,"type":"x","order":1,"pct":25,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":1,"type":"x","order":2,"pct":25,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":2,"type":"x","order":3,"pct":50,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200