Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 306 articles for you...
202

openSUSE openSSL-3 Moderate CMS Forged Message NULL Pointer 2026-3094-1

An update that solves two vulnerabilities can now be installed.. # Security update for openssl-3 Announcement ID: SUSE-SU-2026:3094-1 Release Date: 2026-07-17T09:54:11Z Rating: moderate References: * bsc#1266344 * bsc#1266350 Cross-References: * CVE-2026-34182 * CVE-2026-42767 CVSS scores: * CVE-2026-34182 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-34182 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-34182 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42767 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42767 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42767 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for openssl-3 fixes the following issues * CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344). * CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-3094=1 *SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-3094=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-3094=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-3094=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-3094=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-3094=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-3094=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-3094=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-3094=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * openSUSE Leap 15.4 (x86_64) * libopenssl3-32bit-3.0.8-150400.4.90.1 * libopenssl-3-devel-32bit-3.0.8-150400.4.90.1 *libopenssl3-32bit-debuginfo-3.0.8-150400.4.90.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libopenssl3-64bit-3.0.8-150400.4.90.1 * libopenssl3-64bit-debuginfo-3.0.8-150400.4.90.1 * libopenssl-3-devel-64bit-3.0.8-150400.4.90.1 * openSUSE Leap 15.4 (noarch) * openssl-3-doc-3.0.8-150400.4.90.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libopenssl-3-devel-3.0.8-150400.4.90.1 * openssl-3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * openssl-3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.90.1 * libopenssl3-3.0.8-150400.4.90.1 * libopenssl3-debuginfo-3.0.8-150400.4.90.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34182.html * https://www.suse.com/security/cve/CVE-2026-42767.html * https://bugzilla.suse.com/show_bug.cgi?id=1266344 * https://bugzilla.suse.com/show_bug.cgi?id=1266350 . Criticalissues in openssl-3 addressed by the latest openSUSE security advisory, ensuring system integrity and user safety.. openSUSE security, openssl update, software security patch. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 moderate OpenSUSE
100

SUSE dhcpcd Moderate NULL Pointer Issue Vuln 2026-22542-1

An update that solves one vulnerability can now be installed.. # Security update for dhcpcd Announcement ID: SUSE-SU-2026:22542-1 Release Date: 2026-07-06T20:10:31Z Rating: moderate References: * bsc#1268761 Cross-References: * CVE-2025-70102 CVSS scores: * CVE-2025-70102 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-70102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-70102 ( NVD ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for dhcpcd fixes the following issue Update to 10.3.2: * CVE-2025-70102: NULL pointer dereference in `parse_option()` when processing a specially crafted configuration input (bsc#1268761). Changes for dhcpcd: * options: Ensure ldop is not NULL dereferenced * DHCP: Don't run double EXPIRE hooks on carrier loss * DHCP: free the state when dropping on state NONE * BSD: don't send uninitialised memory using ps_root_indirectioctl * Fix fallback_time option * IPv4: Ignore DHCP state when building routes * route: Routes may not have an interface assinged * options: Ensure that an overly long bitflag string does not crash * options: Don't assume vsio options have an argument * common: Cast via uintptr_t rather than unsigned long in UNCONST * privsep: Ensure we recv for real after a successful recv MSG_PEEK * DHCP: Add parentheses to macro definitions * ipv6nd: empty IPV6RA_EXPIRE eloop queue when dropping * privsep: enforce message boundaries with MSG_EOR on our messages * Protocols will notify when dhcpcd can exit * DHCP: Don't request T1 and T2 * DHCP: Don't request a lease time * DHCP6: Don't exit if using DHCP4 INFORM in non manager mode * ND: Route Information Option prefix is optional * ipv6: respect slaac hwaddr to really use the hwaddr * When stopping all interfaces at exit andreleasing, remove persistance * NetBSD: Delete RTF_CONNECTED route when changing it * privsep: Drain the log when the root process is exiting * eloop: vastly reworked, kqueue and epoll support on by default ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-1147=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * dhcpcd-debugsource-10.3.2-160000.1.2 * dhcpcd-10.3.2-160000.1.2 * dhcpcd-debuginfo-10.3.2-160000.1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-70102.html * https://bugzilla.suse.com/show_bug.cgi?id=1268761 . Enhance security with the latest SUSE update for dhcpcd, addressing a NULL pointer issue and strengthening system stability.. SUSE updates, dhcpcd patch, system security, moderate threat. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 moderate SuSE
100

SUSE haproxy Important Buffer Overflow Null Pointer Vuln 2026-22515-1

An update that solves two vulnerabilities can now be installed.. # Security update for haproxy Announcement ID: SUSE-SU-2026:22515-1 Release Date: 2026-07-03T12:51:57Z Rating: important References: * bsc#1268557 * bsc#1268558 Cross-References: * CVE-2026-55203 * CVE-2026-55204 CVSS scores: * CVE-2026-55203 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-55203 ( NVD ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:L/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55203 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-55203 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N * CVE-2026-55204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55204 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for haproxy fixes the following issues * CVE-2026-55203: integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffer misparse as new FCGI record headers (bsc#1268557). * CVE-2026-55204: null pointer dereference vulnerability in hpack_dht_insert() within src/hpack-tbl.c (bsc#1268558). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-781=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * haproxy-debugsource-2.8.11+git0.01c1056a4-4.1 *haproxy-debuginfo-2.8.11+git0.01c1056a4-4.1 * haproxy-2.8.11+git0.01c1056a4-4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-55203.html * https://www.suse.com/security/cve/CVE-2026-55204.html * https://bugzilla.suse.com/show_bug.cgi?id=1268557 * https://bugzilla.suse.com/show_bug.cgi?id=1268558 . An important security update for haproxy addresses two vulnerabilities, ensuring stability and protection for SUSE users.. SUSE security update, haproxy patch, important vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 08, 2026 Important SuSE
202

openSUSE dhcpcd Moderate NULL Pointer Issue Fix 2026-21220-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for dhcpcd ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21220-1 Rating: moderate References: * bsc#1268761 Cross-References: * CVE-2025-70102 CVSS scores: * CVE-2025-70102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-70102 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for dhcpcd fixes the following issue Update to 10.3.2: - CVE-2025-70102: NULL pointer dereference in `parse_option()` when processing a specially crafted configuration input (bsc#1268761). Changes for dhcpcd: * options: Ensure ldop is not NULL dereferenced * DHCP: Don't run double EXPIRE hooks on carrier loss * DHCP: free the state when dropping on state NONE * BSD: don't send uninitialised memory using ps_root_indirectioctl * Fix fallback_time option * IPv4: Ignore DHCP state when building routes * route: Routes may not have an interface assinged * options: Ensure that an overly long bitflag string does not crash * options: Don't assume vsio options have an argument * common: Cast via uintptr_t rather than unsigned long in UNCONST * privsep: Ensure we recv for real after a successful recv MSG_PEEK * DHCP: Add parentheses to macro definitions * ipv6nd: empty IPV6RA_EXPIRE eloop queue when dropping * privsep: enforce message boundaries with MSG_EOR on our messages * Protocols will notify when dhcpcd can exit * DHCP: Don't request T1 and T2 * DHCP: Don't request a lease time * DHCP6: Don't exit if using DHCP4 INFORM in non manager mode * ND: Route Information Option prefix is optional * ipv6: respect slaac hwaddr to really use the hwaddr * When stoppingall interfaces at exit and releasing, remove persistance * NetBSD: Delete RTF_CONNECTED route when changing it * privsep: Drain the log when the root process is exiting * eloop: vastly reworked, kqueue and epoll support on by default Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-1147=1 Package List: - openSUSE Leap 16.0: dhcpcd-10.3.2-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2025-70102.html . Update for openSUSE dhcpcd addresses moderate flaws to protect network configurations against exploitation.. openSUSE dhcpcd patch NULL security update. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 03, 2026 moderate OpenSUSE
202

openSUSE haproxy Important Buffer Misparse Null Pointer 2026-2651-1

An update that solves two vulnerabilities can now be installed.. # Security update for haproxy Announcement ID: SUSE-SU-2026:2651-1 Release Date: 2026-06-26T12:18:44Z Rating: important References: * bsc#1268557 * bsc#1268558 Cross-References: * CVE-2026-55203 * CVE-2026-55204 CVSS scores: * CVE-2026-55203 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-55203 ( NVD ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:L/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55203 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-55203 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N * CVE-2026-55204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55204 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for haproxy fixesthe following issues * CVE-2026-55203: integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffer misparse as new FCGI record headers (bsc#1268557). * CVE-2026-55204: null pointer dereference vulnerability in hpack_dht_insert() within src/hpack-tbl.c (bsc#1268558). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2651=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2651=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2651=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2026-2651=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2026-2651=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2651=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2651=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2651=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 *haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 ## References: * https://www.suse.com/security/cve/CVE-2026-55203.html * https://www.suse.com/security/cve/CVE-2026-55204.html * https://bugzilla.suse.com/show_bug.cgi?id=1268557 * https://bugzilla.suse.com/show_bug.cgi?id=1268558 . # Security update for haproxy Announcement ID: SUSE-SU-2026:2651-1 Release Date: 2026-06-26T12:18:44. update, solves, vulnerabilities, installed, security, haproxy, announ. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important OpenSUSE
100

SUSE haproxy Important Integer Overflow Null Pointer 2026-2651-1

An update that solves two vulnerabilities can now be installed.. # Security update for haproxy Announcement ID: SUSE-SU-2026:2651-1 Release Date: 2026-06-26T12:18:44Z Rating: important References: * bsc#1268557 * bsc#1268558 Cross-References: * CVE-2026-55203 * CVE-2026-55204 CVSS scores: * CVE-2026-55203 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-55203 ( NVD ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:L/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55203 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-55203 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N * CVE-2026-55204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55204 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for haproxy fixesthe following issues * CVE-2026-55203: integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffer misparse as new FCGI record headers (bsc#1268557). * CVE-2026-55204: null pointer dereference vulnerability in hpack_dht_insert() within src/hpack-tbl.c (bsc#1268558). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2651=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2651=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2651=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2026-2651=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2026-2651=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2651=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2651=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2651=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 *haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * haproxy-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.28.1 * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.28.1 ## References: * https://www.suse.com/security/cve/CVE-2026-55203.html * https://www.suse.com/security/cve/CVE-2026-55204.html * https://bugzilla.suse.com/show_bug.cgi?id=1268557 * https://bugzilla.suse.com/show_bug.cgi?id=1268558 . Security update addresses two vulnerabilities in haproxy for SUSE distributions, offering essential patches for system safety.. SUSE haproxy vulnerabilities security patch update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important SuSE
100

SUSE Haproxy Important Security Issues Modeled 2026-2652-1

An update that solves two vulnerabilities can now be installed.. # Security update for haproxy Announcement ID: SUSE-SU-2026:2652-1 Release Date: 2026-06-26T12:21:07Z Rating: important References: * bsc#1268557 * bsc#1268558 Cross-References: * CVE-2026-55203 * CVE-2026-55204 CVSS scores: * CVE-2026-55203 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-55203 ( NVD ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:L/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55203 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-55203 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N * CVE-2026-55204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55204 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for haproxy fixes the following issues * CVE-2026-55203: integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffer misparse as new FCGI record headers (bsc#1268557). * CVE-2026-55204: null pointer dereference vulnerability in hpack_dht_insert() within src/hpack-tbl.c (bsc#1268558). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaSTonline_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-2652=1 * SUSE Linux Enterprise High Availability Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-HA-15-SP7-2026-2652=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2652=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * haproxy-debugsource-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-debuginfo-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-2.8.11+git0.01c1056a4-150600.3.15.1 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * haproxy-debugsource-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-debuginfo-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-2.8.11+git0.01c1056a4-150600.3.15.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (aarch64 ppc64le s390x x86_64) * haproxy-debugsource-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-debuginfo-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-2.8.11+git0.01c1056a4-150600.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2026-55203.html * https://www.suse.com/security/cve/CVE-2026-55204.html * https://bugzilla.suse.com/show_bug.cgi?id=1268557 * https://bugzilla.suse.com/show_bug.cgi?id=1268558 . Haproxy update resolves two issues affecting multiple SUSE platforms. Ensure your system is secured from these vulnerabilities.. SUSE Updates, Haproxy Security, SUSE Vulnerabilities, Linux Security, System Patch Management. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important SuSE
202

openSUSE haproxy Important Buffer Overflow Null Pointer Attack 2026-2652-1

An update that solves two vulnerabilities can now be installed.. # Security update for haproxy Announcement ID: SUSE-SU-2026:2652-1 Release Date: 2026-06-26T12:21:07Z Rating: important References: * bsc#1268557 * bsc#1268558 Cross-References: * CVE-2026-55203 * CVE-2026-55204 CVSS scores: * CVE-2026-55203 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-55203 ( NVD ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:L/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55203 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-55203 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N * CVE-2026-55204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55204 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-55204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for haproxy fixes the following issues * CVE-2026-55203: integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffer misparse as new FCGI record headers (bsc#1268557). * CVE-2026-55204: null pointer dereference vulnerability in hpack_dht_insert() within src/hpack-tbl.c (bsc#1268558). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaSTonline_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-2652=1 * SUSE Linux Enterprise High Availability Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-HA-15-SP7-2026-2652=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2652=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * haproxy-debugsource-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-debuginfo-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-2.8.11+git0.01c1056a4-150600.3.15.1 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * haproxy-debugsource-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-debuginfo-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-2.8.11+git0.01c1056a4-150600.3.15.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (aarch64 ppc64le s390x x86_64) * haproxy-debugsource-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-debuginfo-2.8.11+git0.01c1056a4-150600.3.15.1 * haproxy-2.8.11+git0.01c1056a4-150600.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2026-55203.html * https://www.suse.com/security/cve/CVE-2026-55204.html * https://bugzilla.suse.com/show_bug.cgi?id=1268557 * https://bugzilla.suse.com/show_bug.cgi?id=1268558 . A security update for openSUSE fixes critical issues in haproxy due to vulnerabilities. Immediate installation advised.. openSUSE security, haproxy vulnerabilities, SUSE update instruction, Linux patch management. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200