Explore top 10 tips to secure your open-source projects now. Read More
×# Security update for cosign Announcement ID: SUSE-SU-2026:1098-1 Release Date: 2026-03-26T21:24:08Z Rating: important References:. # Security update for cosign Announcement ID: SUSE-SU-2026:1098-1 Release Date: 2026-03-26T21:24:08Z Rating: important References: Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that can now be installed. ## Description: This update for cosign rebuilds it against the current go 1.25 security release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1098=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-1098=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1098=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1098=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1098=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1098=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1098=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1098=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1098=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1098=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1098=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1098=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1098=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 * openSUSE Leap 15.4 (noarch) * cosign-bash-completion-3.0.5-150400.3.37.1 * cosign-zsh-completion-3.0.5-150400.3.37.1 * cosign-fish-completion-3.0.5-150400.3.37.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 * Basesystem Module 15-SP7 (noarch) * cosign-bash-completion-3.0.5-150400.3.37.1 * cosign-zsh-completion-3.0.5-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) *cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 . Explore the important security update for Cosign in SUSE. Ensure your system is compliant with the latest security measures.. SUSE Cosign Update, Important Security Advisory, Linux Security Patch. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-2914 http://linux.oracle.com/errata/ELSA-2026-2914.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: grafana-10.2.6-22.el10_1.x86_64.rpm grafana-selinux-10.2.6-22.el10_1.x86_64.rpm aarch64: grafana-10.2.6-22.el10_1.aarch64.rpm grafana-selinux-10.2.6-22.el10_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/grafana-10.2.6-22.el10_1.src.rpm Related CVEs: CVE-2025-61726 CVE-2025-61728 CVE-2025-61729 CVE-2025-68121 CVE-2026-21721 Description of changes: [10.2.6-22] - Resolves RHEL-144948: CVE-2026-21721 - Resolves RHEL-146721: CVE-2025-61726 - Resolves RHEL-146926: CVE-2025-61729 - Resolves RHEL-147351: CVE-2025-61728 - Resolves RHEL-149227: CVE-2025-68121 _______________________________________________ El-errata mailing list
An update that solves one vulnerability can now be installed.. # cosign-2.5.3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15355-1 Rating: moderate Cross-References: * CVE-2025-46569 CVSS scores: * CVE-2025-46569 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2025-46569 ( SUSE ): 7.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the cosign-2.5.3-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * cosign 2.5.3-1.1 * cosign-bash-completion 2.5.3-1.1 * cosign-fish-completion 2.5.3-1.1 * cosign-zsh-completion 2.5.3-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-46569.html . An updated openSUSE notification describes a significant security patch for cosign related to CVE-2025-46570 aimed at bolstering system integrity.. openSUSE,Tumbleweed,cosign,security update,moderate threat. . LinuxSecurity.com Team
* bsc#1237467 Cross-References: * CVE-2025-26618 . # Security update for erlang26 Announcement ID: SUSE-SU-2025:1051-1 Release Date: 2025-03-28T14:50:28Z Rating: important References: * bsc#1237467 Cross-References: * CVE-2025-26618 CVSS scores: * CVE-2025-26618 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-26618 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-26618 ( NVD ): 7.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for erlang26 fixes the following issues: * CVE-2025-26618: Fixed incorrect verification of SSH SFTP packet size in Erlang OTP (bsc#1237467) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1051=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1051=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1051=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * erlang26-debugsource-26.2.1-150300.7.8.1 * erlang26-26.2.1-150300.7.8.1 * erlang26-debugger-26.2.1-150300.7.8.1 * erlang26-dialyzer-debuginfo-26.2.1-150300.7.8.1 * erlang26-epmd-26.2.1-150300.7.8.1 * erlang26-et-src-26.2.1-150300.7.8.1 * erlang26-et-26.2.1-150300.7.8.1 *erlang26-doc-26.2.1-150300.7.8.1 * erlang26-src-26.2.1-150300.7.8.1 * erlang26-observer-26.2.1-150300.7.8.1 * erlang26-wx-debuginfo-26.2.1-150300.7.8.1 * erlang26-dialyzer-src-26.2.1-150300.7.8.1 * erlang26-diameter-26.2.1-150300.7.8.1 * erlang26-diameter-src-26.2.1-150300.7.8.1 * erlang26-dialyzer-26.2.1-150300.7.8.1 * erlang26-observer-src-26.2.1-150300.7.8.1 * erlang26-reltool-src-26.2.1-150300.7.8.1 * erlang26-jinterface-26.2.1-150300.7.8.1 * erlang26-wx-src-26.2.1-150300.7.8.1 * erlang26-epmd-debuginfo-26.2.1-150300.7.8.1 * erlang26-jinterface-src-26.2.1-150300.7.8.1 * erlang26-debuginfo-26.2.1-150300.7.8.1 * erlang26-wx-26.2.1-150300.7.8.1 * erlang26-debugger-src-26.2.1-150300.7.8.1 * erlang26-reltool-26.2.1-150300.7.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * erlang26-debugsource-26.2.1-150300.7.8.1 * erlang26-26.2.1-150300.7.8.1 * erlang26-debugger-26.2.1-150300.7.8.1 * erlang26-dialyzer-debuginfo-26.2.1-150300.7.8.1 * erlang26-epmd-26.2.1-150300.7.8.1 * erlang26-et-src-26.2.1-150300.7.8.1 * erlang26-et-26.2.1-150300.7.8.1 * erlang26-doc-26.2.1-150300.7.8.1 * erlang26-src-26.2.1-150300.7.8.1 * erlang26-observer-26.2.1-150300.7.8.1 * erlang26-wx-debuginfo-26.2.1-150300.7.8.1 * erlang26-dialyzer-src-26.2.1-150300.7.8.1 * erlang26-diameter-26.2.1-150300.7.8.1 * erlang26-diameter-src-26.2.1-150300.7.8.1 * erlang26-dialyzer-26.2.1-150300.7.8.1 * erlang26-observer-src-26.2.1-150300.7.8.1 * erlang26-reltool-src-26.2.1-150300.7.8.1 * erlang26-jinterface-26.2.1-150300.7.8.1 * erlang26-wx-src-26.2.1-150300.7.8.1 * erlang26-epmd-debuginfo-26.2.1-150300.7.8.1 * erlang26-jinterface-src-26.2.1-150300.7.8.1 * erlang26-debuginfo-26.2.1-150300.7.8.1 * erlang26-wx-26.2.1-150300.7.8.1 * erlang26-debugger-src-26.2.1-150300.7.8.1 * erlang26-reltool-26.2.1-150300.7.8.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) *erlang26-epmd-debuginfo-26.2.1-150300.7.8.1 * erlang26-debugsource-26.2.1-150300.7.8.1 * erlang26-26.2.1-150300.7.8.1 * erlang26-epmd-26.2.1-150300.7.8.1 * erlang26-debuginfo-26.2.1-150300.7.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-26618.html * https://bugzilla.suse.com/show_bug.cgi?id=1237467 . The SUSE 2025:1051-1 patch for erlang26 has been released to address serious SSH vulnerabilities, enhancing security protocols to combat evolving cyber threats. SUSE Security Advisory, erlang26, SSH Packet Size Issue, SUSE Updates. . Severity: Important. LinuxSecurity.com Team
* bsc#1216109 * bsc#1216123 * bsc#1221400 * bsc#1226136 * bsc#1229858 . # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2024:3342-1 Rating: important References: * bsc#1216109 * bsc#1216123 * bsc#1221400 * bsc#1226136 * bsc#1229858 * bsc#1229867 * bsc#1229869 * bsc#1230323 Cross-References: * CVE-2023-39325 * CVE-2023-44487 * CVE-2023-45288 * CVE-2024-24786 CVSS scores: * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39325 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities and has four security fixes can now be installed. ## Description: This update for kubernetes1.24 fixes the following issues: * CVE-2023-39325: go1.20: excessive resource consumption when dealing with rapid stream resets. (bsc#1229869) * CVE-2023-44487: google.golang.org/grpc, kube-apiserver: HTTP/2 rapid reset vulnerability. (bsc#1229869) * CVE-2023-45288: golang.org/x/net: excessive CPU consumption when processing unlimited sets of headers. (bsc#1229869) * CVE-2024-24786: github.com/golang/protobuf: infinite loop when unmarshaling invalid JSON. (bsc#1229867) Bug fixes: * Update go to version 1.22.5 in build requirements. (bsc#1229858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaSTonline_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3342=1 openSUSE-SLE-15.5-2024-3342=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3342=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3342=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-apiserver-1.24.17-150500.3.22.1 * kubernetes1.24-proxy-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.22.1 * kubernetes1.24-client-common-1.24.17-150500.3.22.1 * kubernetes1.24-kubeadm-1.24.17-150500.3.22.1 * kubernetes1.24-scheduler-1.24.17-150500.3.22.1 * kubernetes1.24-client-1.24.17-150500.3.22.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.22.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150500.3.22.1 * kubernetes1.24-client-bash-completion-1.24.17-150500.3.22.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-apiserver-1.24.17-150500.3.22.1 * kubernetes1.24-proxy-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.22.1 * kubernetes1.24-client-common-1.24.17-150500.3.22.1 * kubernetes1.24-kubeadm-1.24.17-150500.3.22.1 * kubernetes1.24-scheduler-1.24.17-150500.3.22.1 * kubernetes1.24-client-1.24.17-150500.3.22.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.22.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150500.3.22.1 * kubernetes1.24-client-bash-completion-1.24.17-150500.3.22.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-1.24.17-150500.3.22.1 * kubernetes1.24-client-common-1.24.17-150500.3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39325.html *https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://bugzilla.suse.com/show_bug.cgi?id=1216109 * https://bugzilla.suse.com/show_bug.cgi?id=1216123 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 * https://bugzilla.suse.com/show_bug.cgi?id=1226136 * https://bugzilla.suse.com/show_bug.cgi?id=1229858 * https://bugzilla.suse.com/show_bug.cgi?id=1229867 * https://bugzilla.suse.com/show_bug.cgi?id=1229869 * https://bugzilla.suse.com/show_bug.cgi?id=1230323 . Ubuntu Linux releases a critical security update for docker 20.10, addressing numerous security concerns and weaknesses.. Kubernetes Remediation, SUSE Security Fixes, OpenSUSE Updates. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-4624 http://linux.oracle.com/errata/ELSA-2024-4624.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-115.13.0-3.0.1.el9_4.x86_64.rpm aarch64: thunderbird-115.13.0-3.0.1.el9_4.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-115.13.0-3.0.1.el9_4.src.rpm Related CVEs: CVE-2024-6601 CVE-2024-6603 CVE-2024-6604 Description of changes: [115.13.0-3.0.1] - Add Oracle prefs [115.13.0] - Add OpenELA debranding [115.13.0-3] - Update to 115.13.0 build5 [115.13.0-2] - Update to 115.13.0 build3 [115.13.0-1] - Update to 115.13.0 build1 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-2758 http://linux.oracle.com/errata/ELSA-2024-2758.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: bpftool-7.3.0-427.16.1.el9_4.x86_64.rpm kernel-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-abi-stablelists-5.14.0-427.16.1.el9_4.noarch.rpm kernel-core-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-core-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-devel-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-devel-matched-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-modules-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-modules-core-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-modules-extra-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-devel-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-devel-matched-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-doc-5.14.0-427.16.1.el9_4.noarch.rpm kernel-headers-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-modules-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-modules-core-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-modules-extra-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-tools-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-tools-libs-5.14.0-427.16.1.el9_4.x86_64.rpm perf-5.14.0-427.16.1.el9_4.x86_64.rpm python3-perf-5.14.0-427.16.1.el9_4.x86_64.rpm rtla-5.14.0-427.16.1.el9_4.x86_64.rpm rv-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-cross-headers-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-tools-libs-devel-5.14.0-427.16.1.el9_4.x86_64.rpm libperf-5.14.0-427.16.1.el9_4.x86_64.rpm aarch64: bpftool-7.3.0-427.16.1.el9_4.aarch64.rpm kernel-headers-5.14.0-427.16.1.el9_4.aarch64.rpm kernel-tools-5.14.0-427.16.1.el9_4.aarch64.rpm kernel-tools-libs-5.14.0-427.16.1.el9_4.aarch64.rpm perf-5.14.0-427.16.1.el9_4.aarch64.rpm python3-perf-5.14.0-427.16.1.el9_4.aarch64.rpm kernel-cross-headers-5.14.0-427.16.1.el9_4.aarch64.rpm kernel-tools-libs-devel-5.14.0-427.16.1.el9_4.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-427.16.1.el9_4.src.rpm Related CVEs: CVE-2023-6240 CVE-2024-25742 CVE-2024-25743 Description of changes: [5.14.0-427.16.1.el9_4.OL9] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signingfor aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64
Important: postgresql:15 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:0950", "synopsis": "Important: postgresql:15 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for module.pgaudit, pgaudit, module.pg_repack, module.postgres-decoderbufs, pg_repack, postgres-decoderbufs.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL (CVE-2024-0985)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2263384", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2263384", "description": ""}], "cves": [{"name": "CVE-2024-0985", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-0985", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2024-03-12T15:42:50.027135Z", "rpms": {"Rocky Linux 9": {"nvras": ["pgaudit-0:1.7.0-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pgaudit-0:1.7.0-1.module+el9.2.0+14925+a515b28a.src.rpm", "pgaudit-0:1.7.0-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pgaudit-debuginfo-0:1.7.0-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pgaudit-debuginfo-0:1.7.0-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pgaudit-debugsource-0:1.7.0-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pgaudit-debugsource-0:1.7.0-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pg_repack-0:1.4.8-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm","pg_repack-0:1.4.8-1.module+el9.2.0+14925+a515b28a.src.rpm", "pg_repack-0:1.4.8-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pg_repack-debuginfo-0:1.4.8-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pg_repack-debuginfo-0:1.4.8-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pg_repack-debugsource-0:1.4.8-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pg_repack-debugsource-0:1.4.8-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "postgres-decoderbufs-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "postgres-decoderbufs-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.src.rpm", "postgres-decoderbufs-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.x86_64.rpm", "postgres-decoderbufs-debuginfo-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "postgres-decoderbufs-debuginfo-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.x86_64.rpm", "postgres-decoderbufs-debugsource-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "postgres-decoderbufs-debugsource-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A crucial patch for PostgreSQL 15 on Rocky Linux tackling critical risks and weaknesses has been released.. PostgreSQL Security Update, Rocky Linux Advisory, Database Threat Management. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.