Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves 3 vulnerabilities can now be installed.. # nginx-1.31.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:11295-1 Rating: moderate Cross-References: * CVE-2026-42533 * CVE-2026-56434 * CVE-2026-60005 CVSS scores: * CVE-2026-42533 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-42533 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-56434 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-56434 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-60005 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-60005 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the nginx-1.31.3-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * nginx 1.31.3-1.1 * nginx-source 1.31.3-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42533.html * https://www.suse.com/security/cve/CVE-2026-56434.html * https://www.suse.com/security/cve/CVE-2026-60005.html . An update for openSUSE addresses three security issues in nginx-1.31.3-1.1 with moderate severity ratings.. openSUSE security update, nginx issues, security vulnerabilities, software patching. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # oras-1.3.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:11297-1 Rating: moderate Cross-References: * CVE-2026-50163 CVSS scores: * CVE-2026-50163 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the oras-1.3.3-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * oras 1.3.3-2.1 * oras-bash-completion 1.3.3-2.1 * oras-fish-completion 1.3.3-2.1 * oras-zsh-completion 1.3.3-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-50163.html . An important update for openSUSE Tumbleweed resolves a moderate security issue in the oras package. Learn more here.. openSUSE security update, oras package, moderate risk advisory, CVE-2026-50163, threat guidance. . Severity: moderate. LinuxSecurity.com Team
An update that solves 3 vulnerabilities can now be installed.. # blender-5.2-5.2.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:11288-1 Rating: moderate Cross-References: * CVE-2022-0544 * CVE-2022-0545 * CVE-2022-0546 Affected Products: * openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the blender-5.2-5.2.0-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * blender-5.2 5.2.0-1.1 * blender-5.2-demo 5.2.0-1.1 * blender-5.2-lang 5.2.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2022-0544.html * https://www.suse.com/security/cve/CVE-2022-0545.html * https://www.suse.com/security/cve/CVE-2022-0546.html . An update for openSUSE addresses three security issues in Blender, enhancing system protection and stability.. Blender security update, openSUSE vulnerabilities, software patch, package management. . Severity: moderate. LinuxSecurity.com Team
An update that solves 6 vulnerabilities can now be installed.. # gomuks-26.03+git.1780250926.564a8707-1.1 on GA media Announcement ID: openSUSE-SU-2026:11290-1 Rating: moderate Cross-References: * CVE-2026-25681 * CVE-2026-27136 * CVE-2026-33809 * CVE-2026-39821 * CVE-2026-42502 * CVE-2026-42506 CVSS scores: * CVE-2026-25681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-25681 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-27136 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-27136 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42502 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42502 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-42506 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42506 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 6 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the gomuks-26.03+git.1780250926.564a8707-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * gomuks 26.03+git.1780250926.564a8707-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25681.html * https://www.suse.com/security/cve/CVE-2026-27136.html * https://www.suse.com/security/cve/CVE-2026-33809.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://www.suse.com/security/cve/CVE-2026-42502.html * https://www.suse.com/security/cve/CVE-2026-42506.html . Explore the openSUSE update solving six vulnerabilities in the gomuks package for improved security management.. openSUSEUpdate, gomuks, security issues, software vulnerability, installation guidance. . Severity: moderate. LinuxSecurity.com Team
An update that solves 9 vulnerabilities and has 9 bug fixes can now be installed.. openSUSE security update: security update for cyrus-imapd ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21368-1 Rating: moderate References: * bsc#1271617 * bsc#1271618 * bsc#1271619 * bsc#1271620 * bsc#1271621 * bsc#1271622 * bsc#1271623 * bsc#1271624 * bsc#1271625 Cross-References: * CVE-2026-47081 * CVE-2026-47082 * CVE-2026-47083 * CVE-2026-47084 * CVE-2026-47085 * CVE-2026-47086 * CVE-2026-47087 * CVE-2026-47088 * CVE-2026-47089 Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 9 vulnerabilities and has 9 bug fixes can now be installed. Description: This update for cyrus-imapd fixes the following issues: Changes in cyrus-imapd: - Update to 3.8.7 (bugfix release) - CVE-2026-47081: XAPPLEPUSHSERVICE folder existence oracle and push hijack (bsc#1271617) - CVE-2026-47083: ESEARCH cross-user content oracle (bsc#1271619) - CVE-2026-47082: Vacation "fcc" skips destination-mailbox ACL (bsc#1271618) - CVE-2026-47084: LOCALDELETE bypassed ACL checks (bsc#1271620) - CVE-2026-47085: URLAUTH token forgery via missing mboxkey (bsc#1271621) - CVE-2026-47086: GENURLAUTH issued tokens bypassing ACLs (bsc#1271622) - CVE-2026-47087: URLAUTH does not honor revoked authorizer access (bsc#1271623) - CVE-2026-47088: Heap exposure in nested MIME comment parsing (bsc#1271624) - CVE-2026-47089: LISTRIGHTS not limited to users with admin access (bsc#1271625) Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-428=1 Package List: - openSUSE Leap 16.0: cyradm-3.8.7-bp160.1.1 cyrus-imapd-3.8.7-bp160.1.1 cyrus-imapd-devel-3.8.7-bp160.1.1 cyrus-imapd-snmp-3.8.7-bp160.1.1 cyrus-imapd-snmp-mibs-3.8.7-bp160.1.1 cyrus-imapd-utils-3.8.7-bp160.1.1 libcyrus0-3.8.7-bp160.1.1 perl-Cyrus-Annotator-3.8.7-bp160.1.1 perl-Cyrus-IMAP-3.8.7-bp160.1.1 perl-Cyrus-SIEVE-managesieve-3.8.7-bp160.1.1 References: * https://www.suse.com/security/cve/CVE-2026-47081.html * https://www.suse.com/security/cve/CVE-2026-47082.html * https://www.suse.com/security/cve/CVE-2026-47083.html * https://www.suse.com/security/cve/CVE-2026-47084.html * https://www.suse.com/security/cve/CVE-2026-47085.html * https://www.suse.com/security/cve/CVE-2026-47086.html * https://www.suse.com/security/cve/CVE-2026-47087.html * https://www.suse.com/security/cve/CVE-2026-47088.html * https://www.suse.com/security/cve/CVE-2026-47089.html . An update for openSUSE for cyrus-imapd resolving 9 issues now available for installation via zypper or YaST methods.. cyrus-imapd update, openSUSE security, moderate severity, Linux patch management. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for python-paramiko Announcement ID: SUSE-SU-2026:3093-1 Release Date: 2026-07-17T09:48:50Z Rating: moderate References: * bsc#1264225 Cross-References: * CVE-2026-44405 CVSS scores: * CVE-2026-44405 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-44405 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-44405 ( NVD ): 3.4 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-paramiko fixes the following issue * CVE-2026-44405: data integrity compromise due to allowed SHA-1 algorithm use (bsc#1264225). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-3093=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-3093=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python-paramiko-doc-3.4.0-150400.13.13.1 * python311-paramiko-3.4.0-150400.13.13.1 * Public Cloud Module 15-SP4 (noarch) * python-paramiko-doc-3.4.0-150400.13.13.1 * python311-paramiko-3.4.0-150400.13.13.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44405.html * https://bugzilla.suse.com/show_bug.cgi?id=1264225 . Critical software update for openSUSE fixes data integrity risk in python-paramiko; steps to install included.. openSUSE,python-paramiko, data integrity, software update, security advisory. . Severity: moderate. LinuxSecurity.com Team
An update that solves two vulnerabilities can now be installed.. # Security update for openssl-3 Announcement ID: SUSE-SU-2026:3094-1 Release Date: 2026-07-17T09:54:11Z Rating: moderate References: * bsc#1266344 * bsc#1266350 Cross-References: * CVE-2026-34182 * CVE-2026-42767 CVSS scores: * CVE-2026-34182 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-34182 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-34182 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42767 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42767 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42767 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for openssl-3 fixes the following issues * CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344). * CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-3094=1 *SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-3094=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-3094=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-3094=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-3094=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-3094=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-3094=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-3094=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-3094=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * openSUSE Leap 15.4 (x86_64) * libopenssl3-32bit-3.0.8-150400.4.90.1 * libopenssl-3-devel-32bit-3.0.8-150400.4.90.1 *libopenssl3-32bit-debuginfo-3.0.8-150400.4.90.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libopenssl3-64bit-3.0.8-150400.4.90.1 * libopenssl3-64bit-debuginfo-3.0.8-150400.4.90.1 * libopenssl-3-devel-64bit-3.0.8-150400.4.90.1 * openSUSE Leap 15.4 (noarch) * openssl-3-doc-3.0.8-150400.4.90.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34182.html * https://www.suse.com/security/cve/CVE-2026-42767.html * https://bugzilla.suse.com/show_bug.cgi?id=1266344 * https://bugzilla.suse.com/show_bug.cgi?id=1266350 . Criticalissues in openssl-3 addressed by the latest openSUSE security advisory, ensuring system integrity and user safety.. openSUSE security, openssl update, software security patch. . Severity: moderate. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-34355 http://linux.oracle.com/errata/ELSA-2026-34355.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: mod_http2-2.0.29-4.el10_2.2.x86_64.rpm aarch64: mod_http2-2.0.29-4.el10_2.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/mod_http2-2.0.29-4.el10_2.2.src.rpm Related CVEs: CVE-2026-43951 CVE-2026-48913 Description of changes: [2.0.29-4.2] - Resolves: RHEL-188008 - address CVE-2026-43951, CVE-2026-48913 [2.0.29-4.1] - Resolves: RHEL-182410 - mod_http2: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack (CVE-2026-49975) [2.0.29-4] - Resolves: RHEL-166269 - httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase (CVE-2025-53020) _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.