Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves one vulnerability can now be installed.. # Security update for perl-DBI Announcement ID: SUSE-SU-2026:2750-1 Release Date: 2026-07-03T13:34:24Z Rating: important References: * bsc#1267957 Cross-References: * CVE-2026-9698 CVSS scores: * CVE-2026-9698 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-9698 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-9698 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-9698 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for perl-DBI fixes the following issue * CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited- sized buffer (bsc#1267957). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2750=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2750=1 * SUSE Linux Enterprise Server for SAPApplications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2750=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2750=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2750=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2750=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2750=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2750=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * perl-DBI-debugsource-1.642-150200.3.12.1 * perl-DBI-1.642-150200.3.12.1 * perl-DBI-debuginfo-1.642-150200.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * perl-DBI-1.642-150200.3.12.1 * perl-DBI-debugsource-1.642-150200.3.12.1 * perl-DBI-debuginfo-1.642-150200.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * perl-DBI-debugsource-1.642-150200.3.12.1 * perl-DBI-1.642-150200.3.12.1 * perl-DBI-debuginfo-1.642-150200.3.12.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * perl-DBI-1.642-150200.3.12.1 * perl-DBI-debugsource-1.642-150200.3.12.1 * perl-DBI-debuginfo-1.642-150200.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * perl-DBI-1.642-150200.3.12.1 * perl-DBI-debugsource-1.642-150200.3.12.1 * perl-DBI-debuginfo-1.642-150200.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * perl-DBI-1.642-150200.3.12.1 * perl-DBI-debugsource-1.642-150200.3.12.1 * perl-DBI-debuginfo-1.642-150200.3.12.1 * SUSE Linux Enterprise HighPerformance Computing ESPOS 15 SP4 (aarch64 x86_64) * perl-DBI-debugsource-1.642-150200.3.12.1 * perl-DBI-1.642-150200.3.12.1 * perl-DBI-debuginfo-1.642-150200.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * perl-DBI-1.642-150200.3.12.1 * perl-DBI-debugsource-1.642-150200.3.12.1 * perl-DBI-debuginfo-1.642-150200.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2026-9698.html * https://bugzilla.suse.com/show_bug.cgi?id=1267957 . Install important security update for perl-DBI on SUSE to mitigate buffer overflow vulnerability.. SUSE perl-DBI update, important security patch, buffer overflow fix. . Severity: Important. LinuxSecurity.com Team
An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.. openSUSE security update: security update for python-pydata-sphinx-theme ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21173-1 Rating: important References: * bsc#1264374 * bsc#1268957 Cross-References: * CVE-2026-48779 * CVE-2026-6321 CVSS scores: * CVE-2026-48779 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48779 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-6321 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-6321 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed. Description: This update for python-pydata-sphinx-theme fixes the following issues: Changes in python-pydata-sphinx-theme: - Refresh js dependencies: * ws to 7.5.11 (bsc#1268957, CVE-2026-48779) - Refresh vendored tarball (CVE-2026-6321, bsc#1264374) Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-368=1 Package List: - openSUSE Leap 16.0: python313-pydata-sphinx-theme-0.16.1-bp160.2.1 References: * https://www.suse.com/security/cve/CVE-2026-48779.html * https://www.suse.com/security/cve/CVE-2026-6321.html . This security update addresses issues for python-pydata-sphinx-theme in openSUSE and enhances system stability.. openSUSE security, python-pydata-sphinx-theme, CVE-2026-48779, CVE-2026-6321, vulnerability patch. . Severity: Important. LinuxSecurity.com Team
An update that solves 10 vulnerabilities, contains one feature and has five security fixes can now be installed.. # Security update for apache2 Announcement ID: SUSE-SU-2026:2641-1 Release Date: 2026-06-26T07:10:45Z Rating: important References: * bsc#1207327 * bsc#1208708 * bsc#1214357 * bsc#1263935 * bsc#1263950 * bsc#1263951 * bsc#1263952 * bsc#1263953 * bsc#1263954 * bsc#1263955 * bsc#1263956 * bsc#1263957 * bsc#1264150 * bsc#1264163 * bsc#690734 * jsc#PED-16334 Cross-References: * CVE-2026-24072 * CVE-2026-28780 * CVE-2026-29168 * CVE-2026-29169 * CVE-2026-33006 * CVE-2026-33007 * CVE-2026-33523 * CVE-2026-33857 * CVE-2026-34032 * CVE-2026-34059 CVSS scores: * CVE-2026-24072 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-24072 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-28780 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-28780 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-28780 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-29168 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-29168 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-29168 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-29169 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-29169 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-29169 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33006 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33006 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33006 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-33007 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N *CVE-2026-33007 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33007 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33523 ( SUSE ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2026-33523 ( SUSE ): 8.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N * CVE-2026-33523 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-33857 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-33857 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-33857 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-34032 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34032 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-34032 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-34059 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34059 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-34059 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 10 vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update for apache2 fixes the following issues Update to 2.4.66 (jsc#PED-16334): Security issues: * CVE-2026-23918: http2: double free and possible RCE on early reset (bsc#1263957). * CVE-2026-24072: mod_rewrite elevation of privileges via ap_expr (bsc#1263935). * CVE-2026-28780: heap buffer overflow in `mod_proxy_ajp` via `ajp_msg_check_header()` (bsc#1264163). * CVE-2026-29168: allocation ofresources without limits in `mod_md` via OCSP response (bsc#1264150). * CVE-2026-29169: NULL pointer dereference in `mod_dav_lock` allows server crash via malicious requests (bsc#1263956). * CVE-2026-33006: `mod_auth_digest` timing attack allows bypass of Digest authentication (bsc#1263955). * CVE-2026-33007: NULL pointer dereference in `mod_authn_socache` allows unauthenticated remote user to crash a child processes (bsc#1263954). * CVE-2026-33523: HTTP response splitting forwarding malicious status line (bsc#1263953). * CVE-2026-33857: off-by-one OOB reads in AJP getter functions (bsc#1263952). * CVE-2026-34032: heap buffer overread in `mod_proxy_ajp` due to missing null- termination check (bsc#1263951). * CVE-2026-34059: heap buffer overread and memory disclosure via `ajp_parse_data()` (bsc#1263950). Non security issue: * Internal server error on very long URL (bsc#690734). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2641=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2641=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * apache2-example-pages-2.4.66-35.78.1 * apache2-prefork-debuginfo-2.4.66-35.78.1 * apache2-worker-2.4.66-35.78.1 * apache2-tls13-prefork-debuginfo-2.4.66-35.78.1 * apache2-prefork-2.4.66-35.78.1 * apache2-tls13-devel-2.4.66-35.78.1 * apache2-devel-2.4.66-35.78.1 * apache2-debugsource-2.4.66-35.78.1 * apache2-tls13-worker-debuginfo-2.4.66-35.78.1 * apache2-utils-debuginfo-2.4.66-35.78.1 * apache2-tls13-example-pages-2.4.66-35.78.1 * apache2-2.4.66-35.78.1 * apache2-debuginfo-2.4.66-35.78.1 * apache2-tls13-worker-2.4.66-35.78.1 * apache2-tls13-debugsource-2.4.66-35.78.1 * apache2-tls13-debuginfo-2.4.66-35.78.1 * apache2-tls13-2.4.66-35.78.1 * apache2-tls13-utils-debuginfo-2.4.66-35.78.1 * apache2-utils-2.4.66-35.78.1 * apache2-tls13-prefork-2.4.66-35.78.1 * apache2-tls13-utils-2.4.66-35.78.1 * apache2-worker-debuginfo-2.4.66-35.78.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * apache2-doc-2.4.66-35.78.1 * apache2-tls13-doc-2.4.66-35.78.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * apache2-example-pages-2.4.66-35.78.1 * apache2-prefork-debuginfo-2.4.66-35.78.1 * apache2-worker-2.4.66-35.78.1 * apache2-tls13-prefork-debuginfo-2.4.66-35.78.1 * apache2-prefork-2.4.66-35.78.1 * apache2-tls13-devel-2.4.66-35.78.1 * apache2-devel-2.4.66-35.78.1 * apache2-debugsource-2.4.66-35.78.1 * apache2-tls13-worker-debuginfo-2.4.66-35.78.1 * apache2-utils-debuginfo-2.4.66-35.78.1 * apache2-tls13-example-pages-2.4.66-35.78.1 * apache2-2.4.66-35.78.1 * apache2-debuginfo-2.4.66-35.78.1 * apache2-tls13-worker-2.4.66-35.78.1 * apache2-tls13-debugsource-2.4.66-35.78.1 * apache2-tls13-debuginfo-2.4.66-35.78.1 * apache2-tls13-2.4.66-35.78.1 * apache2-tls13-utils-debuginfo-2.4.66-35.78.1 * apache2-utils-2.4.66-35.78.1 * apache2-tls13-prefork-2.4.66-35.78.1 * apache2-tls13-utils-2.4.66-35.78.1 * apache2-worker-debuginfo-2.4.66-35.78.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * apache2-doc-2.4.66-35.78.1 * apache2-tls13-doc-2.4.66-35.78.1 ## References: * https://www.suse.com/security/cve/CVE-2026-24072.html * https://www.suse.com/security/cve/CVE-2026-28780.html * https://www.suse.com/security/cve/CVE-2026-29168.html * https://www.suse.com/security/cve/CVE-2026-29169.html * https://www.suse.com/security/cve/CVE-2026-33006.html * https://www.suse.com/security/cve/CVE-2026-33007.html *https://www.suse.com/security/cve/CVE-2026-33523.html * https://www.suse.com/security/cve/CVE-2026-33857.html * https://www.suse.com/security/cve/CVE-2026-34032.html * https://www.suse.com/security/cve/CVE-2026-34059.html * https://bugzilla.suse.com/show_bug.cgi?id=1207327 * https://bugzilla.suse.com/show_bug.cgi?id=1208708 * https://bugzilla.suse.com/show_bug.cgi?id=1214357 * https://bugzilla.suse.com/show_bug.cgi?id=1263935 * https://bugzilla.suse.com/show_bug.cgi?id=1263950 * https://bugzilla.suse.com/show_bug.cgi?id=1263951 * https://bugzilla.suse.com/show_bug.cgi?id=1263952 * https://bugzilla.suse.com/show_bug.cgi?id=1263953 * https://bugzilla.suse.com/show_bug.cgi?id=1263954 * https://bugzilla.suse.com/show_bug.cgi?id=1263955 * https://bugzilla.suse.com/show_bug.cgi?id=1263956 * https://bugzilla.suse.com/show_bug.cgi?id=1263957 * https://bugzilla.suse.com/show_bug.cgi?id=1264150 * https://bugzilla.suse.com/show_bug.cgi?id=1264163 * https://bugzilla.suse.com/show_bug.cgi?id=690734 * https://jira.suse.com/browse/PED-16334 . This update addresses five security issues in apache2 for SUSE, ensuring vital fixes to enhance system security.. SUSE Apache2 Security Update, Important Security Fixes, Remote Exploitation of Apache2, SUSE Linux Security Advisories. . Severity: Important. LinuxSecurity.com Team
An update that solves five vulnerabilities and contains two features can now be installed.. # Security update for golang-github-prometheus-prometheus Announcement ID: SUSE-SU-2026:2267-1 Release Date: 2026-06-03T18:06:35Z Rating: important References: * bsc#1258893 * bsc#1260267 * bsc#1262222 * bsc#1263986 * bsc#1263987 * jsc#MSQA-1052 * jsc#PED-14816 Cross-References: * CVE-2026-27606 * CVE-2026-33186 * CVE-2026-40179 * CVE-2026-42151 * CVE-2026-42154 CVSS scores: * CVE-2026-27606 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-27606 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27606 ( NVD ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-40179 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-40179 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-40179 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-40179 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42151 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-42151 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-42154 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42154 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H AffectedProducts: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Package Hub 15 15-SP7 An update that solves five vulnerabilities and contains two features can now be installed. ## Description: This update for golang-github-prometheus-prometheus to version 3.5.3 fixes the following issues: * Security issues fixed: * CVE-2026-42151: AzureAD remote write: Fixed OAuth client_secret being exposed in plaintext via /-/config endpoint (bsc#1263986) * CVE-2026-42154: Remote-read: Reject snappy-compressed requests whose declared decoded length exceeds the decode limit (bsc#1263987). * CVE-2026-40179: UI: Fixed stored XSS via unescaped le label values in old UI heatmap chart tick labels (bsc#1262222) * CVE-2026-33186: Fixed authorization bypass due to impropervalidation of the HTTP/2 :path pseudo-header (bsc#1260267) * Bump google.golang.org/grpc to version 1.79.3 * CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893) * Bump rollup to version 4.59.0 * Other changes: * Remote-Write: Reject snappy-compressed requests whose declared decoded length exceeds the decode limit. * Use systemd tmpfiles.d to create /var/lib/prometheus hierarchy (jsc#PED-14816) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2026-2267=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2267=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2267=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2267=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2267=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2267=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2267=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2267=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2267=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2267=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2267=1 *SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2267=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2267=1 ## Package List: * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * golang-github-prometheus-node_exporter-debuginfo-1.10.2-150100.3.42.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-debuginfo-3.5.3-150100.4.34.1 * golang-github-prometheus-prometheus-3.5.3-150100.4.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15SP5 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27606.html * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-40179.html * https://www.suse.com/security/cve/CVE-2026-42151.html * https://www.suse.com/security/cve/CVE-2026-42154.html * https://bugzilla.suse.com/show_bug.cgi?id=1258893 * https://bugzilla.suse.com/show_bug.cgi?id=1260267 * https://bugzilla.suse.com/show_bug.cgi?id=1262222 * https://bugzilla.suse.com/show_bug.cgi?id=1263986 * https://bugzilla.suse.com/show_bug.cgi?id=1263987 * https://jira.suse.com/browse/MSQA-1052 * https://jira.suse.com/browse/PED-14816 . SUSE's golang-github-prometheus security update addresses important vulnerabilities and improves system features.. prometheus security patch, SUSE update, important vulnerabilities, system features. . Severity: Important. LinuxSecurity.com Team
An update that solves six vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21910-1 Release Date: 2026-06-01T09:32:33Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-454=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-30-rt-debuginfo-19-1.3 * kernel-livepatch-MICRO-6-0-RT_Update_7-debugsource-19-1.3 * kernel-livepatch-6_4_0-30-rt-19-1.3 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 *https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 . This update addresses critical issues in SUSE Linux kernel RT, enhancing system security against exploits.. SUSE Linux Kernel Update, Live Patch Security, Remote Access Control. . Severity: Important. LinuxSecurity.com Team
Security update. Publication date: 02 Jun 2026 URL: https://advisories.mageia.org/MGASA-2026-0170.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-2750, CVE-2025-2751, CVE-2025-2757, CVE-2025-3158, CVE-2025-3548, CVE-2025-11277, CVE-2025-70067 Description: CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to out-of-bounds write. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. CVE-2025-2757, A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function AI_MD5_PARSE_STRING_IN_QUOTATION of the file code/AssetLib/MD5/MD5Parser.cpp of the component MD5 File Handler. The manipulation of the argument data leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. CVE-2025-2757, A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function AI_MD5_PARSE_STRING_IN_QUOTATION of the file code/AssetLib/MD5/MD5Parser.cpp of the component MD5 File Handler. The manipulation of the argument data leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. CVE-2025-3158, A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.cpp of the component LWO File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may beused. CVE-2025-3548, A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. CVE-2025-11277, A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing a manipulation can lead to heap-based buffer overflow. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. CVE-2025-70067, Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy() without runtime length validation References: - https://bugs.mageia.org/show_bug.cgi?id=34439 - https://lists.fedoraproject.org/archives/list/
Update to release v0.30.0 Resolves CVE-2026-39984: rhbz#2458929 Upstream new features and fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0adc4a8098 2026-05-23 16:00:29.000904+00:00 -------------------------------------------------------------------------------- Name : docker-buildkit Product : Fedora 42 Version : 0.30.0 Release : 1.fc42 URL : https://github.com/moby/buildkit Summary : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit Description : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit. -------------------------------------------------------------------------------- Update Information: Update to release v0.30.0 Resolves CVE-2026-39984: rhbz#2458929 Upstream new features and fixes -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2026 Bradley G Smith - 0.30.0-1 - Update to release v0.30.0 - Resolves CVE-2026-39984: rhbz#2458929 - Upstream new features and fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458929 - CVE-2026-39984 docker-buildkit: improper certificate validation in verifier [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458929 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0adc4a8098' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
An update that solves four vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:1780-1 Release Date: 2026-05-08T17:04:05Z Rating: important References: * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 4.12.14-122.255 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure thereceived length does not exceed allocated size (bsc#1258073). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1780=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_255-default-17-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 . Four vulnerabilities in SUSE Linux kernel now patched; critical update for kernel security.. SUSE Linux Enterprise, kernel update, security patch, remote access, Linux vulnerabilities. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.