Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 5 articles for you...
100
security advisorySuSElowSUSE Opensc Low Addressing Stack Buffer Overflow and More 21283-1
An update that solves four vulnerabilities can now be installed.. # Security update for opensc Announcement ID: SUSE-SU-2026:21283-1 Release Date: 2026-04-22T11:13:04Z Rating: low References: * bsc#1261214 * bsc#1261218 * bsc#1261219 * bsc#1261220 Cross-References: * CVE-2025-49010 * CVE-2025-66037 * CVE-2025-66038 * CVE-2025-66215 CVSS scores: * CVE-2025-49010 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-49010 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66037 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66037 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66037 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66037 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66038 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66038 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66038 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66038 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66215 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66215 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves four vulnerabilities can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses (bsc#1261214). *CVE-2025-66037: crafted input can cause an out-of-bounds read (bsc#1261218). * CVE-2025-66038: improper compact-TLV length validation can lead to crash or unexpected behavior (bsc#1261219). * CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer- overflow write (bsc#1261220). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-501=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * opensc-0.24.0-slfo.1.1_3.1 * opensc-debuginfo-0.24.0-slfo.1.1_3.1 * opensc-debugsource-0.24.0-slfo.1.1_3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49010.html * https://www.suse.com/security/cve/CVE-2025-66037.html * https://www.suse.com/security/cve/CVE-2025-66038.html * https://www.suse.com/security/cve/CVE-2025-66215.html * https://bugzilla.suse.com/show_bug.cgi?id=1261214 * https://bugzilla.suse.com/show_bug.cgi?id=1261218 * https://bugzilla.suse.com/show_bug.cgi?id=1261219 * https://bugzilla.suse.com/show_bug.cgi?id=1261220 . An essential update for opensc addresses multiple security concerns including low risk vulnerabilities.. opensc security update, SUSE Linux Micro, buffer overflow fix, security vulnerabilities, patch instructions. . Severity: Low. LinuxSecurity.com Team
Apr 27, 2026
•Low
SuSE
89
security advisoryfedoramemory corruptionFedora 42 OpenSC Important Memory Issues Stack Overflow CVE-2025-66038
New upstream release (#2442363) fixing various security issues. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-de85b06438 2026-04-10 01:10:26.730915+00:00 -------------------------------------------------------------------------------- Name : opensc Product : Fedora 42 Version : 0.27.1 Release : 1.fc42 URL : https://github.com/OpenSC/OpenSC/wiki Summary : Smart card library and applications Description : OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the PKCS#11 API so applications supporting this API (such as Mozilla Firefox and Thunderbird) can use it. On the card OpenSC implements the PKCS#15 standard and aims to be compatible with every software/card that does so, too. -------------------------------------------------------------------------------- Update Information: New upstream release (#2442363) fixing various security issues -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 31 2026 Jakub Jelen - 0.27.1-1 - New upstream release (#2442363) fixing various security issues: - CVE-2025-66038 Memory corruption via improper compact-TLV length validation - CVE-2025-66215 Stack-buffer-overflow with physical access via crafted smart card or USB device - CVE-2025-49010 Stack-buffer-overflow via crafted smart card or USB device responses - CVE-2025-66037 Out-of-bounds read via crafted input - CVE-2025-13763 Several uses of potentially uninitialized memory detected by fuzzers * Fri Jan 16 2026 Michael Catanzaro - 0.26.1-6 - Fix crash when loaded by p11-kit - SoftHSM 2.7.0 compatibility * Fri Jan 16 2026 Fedora Release Engineering - 0.26.1-5 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Dec 17 2025 Jakub Jelen - 0.26.1-4 - Avoid const discard to unbreak eln build -------------------------------------------------------------------------------- References: [ 1 ] Bug #2442363 - opensc-0.27.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2442363 [ 2 ] Bug #2453188 - CVE-2025-66037 opensc: OpenSC: Out-of-bounds read via crafted input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2453188 [ 3 ] Bug #2453189 - CVE-2025-49010 opensc: OpenSC: Stack-buffer-overflow via crafted smart card or USB device responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2453189 [ 4 ] Bug #2453190 - CVE-2025-66215 opensc: OpenSC: Stack-buffer-overflow with physical access via crafted smart card or USB device [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2453190 [ 5 ] Bug #2453191 - CVE-2025-66038 opensc: OpenSC: Memory corruption via improper compact-TLV length validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2453191 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-de85b06438' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 10, 2026
•Important
Fedora
202
security advisorymoderatesoftware updateopenSUSE 15.6: jq Moderate Stack Buffer Overflow Advisory 2025:02915-1
An update that solves one vulnerability can now be installed.. # Security update for jq Announcement ID: SUSE-SU-2025:02915-1 Release Date: 2025-08-19T12:57:02Z Rating: moderate References: * bsc#1244116 Cross-References: * CVE-2025-48060 CVSS scores: * CVE-2025-48060 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48060 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-48060 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-48060 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for jq fixes the following issues: * CVE-2025-48060: Fixed stack-buffer-overflow in jq_fuzz_execute (bsc#1244116) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patchopenSUSE-SLE-15.6-2025-2915=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2915=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2915=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2915=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2915=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2915=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2915=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2915=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2915=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2915=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2915=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * libjq-devel-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.4(aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * libjq-devel-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * libjq-devel-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48060.html * https://bugzilla.suse.com/show_bug.cgi?id=1244116 . Important openSUSE patch for jq addresses a significant stack buffer overflow vulnerability; safeguard your system now.. openSUSE Patch jq Security Fix Stack Buffer. . LinuxSecurity.com Team
Aug 19, 2025
OpenSUSE
89
security advisoryfedoraimportantFedora 42: minidlna Important Stack-Buffer Overflow CVE-2023-47430
Avoid restarting minidlna.service when rotating logs if it's not running. Fix CVE-2023-47430 . . -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-9fb8ee63fb 2025-07-18 01:05:30.483965+00:00 -------------------------------------------------------------------------------- Name : minidlna Product : Fedora 42 Version : 1.3.3 Release : 13.fc42 URL : http://sourceforge.net/projects/minidlna/ Summary : Lightweight DLNA/UPnP-AV server targeted at embedded systems Description : MiniDLNA (aka ReadyDLNA) is server software with the aim of being fully compliant with DLNA/UPnP-AV clients. The minidlna daemon serves media files (music, pictures, and video) to clients on your local network. Example clients include applications such as Totem and XBMC, and devices such as portable media players, smartphones, and televisions. -------------------------------------------------------------------------------- Update Information: Avoid restarting minidlna.service when rotating logs if it's not running. Fix CVE-2023-47430 . -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2025 Dominik Mierzejewski - 1.3.3-13 - use systemctl try-restart in postrotate script (resolves rhbz#2372859) - attempt to fix CVE-2023-47430 (resolves rhbz#2271621) * Tue May 27 2025 Jitka Plesnikova - 1.3.3-12 - Rebuilt for flac 1.5.0 * Tue Feb 11 2025 Zbigniew J\u0119drzejewski-Szmek - 1.3.3-11 - Drop call to %sysusers_create_compat -------------------------------------------------------------------------------- References: [ 1 ] Bug #2271621 - CVE-2023-47430 minidlna: Stack-buffer-overflow vulnerability in ReadyMedia [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2271621 [ 2 ] Bug #2372859 - Use `systemctl try-restart` in logrotate postrotate script https://bugzilla.redhat.com/show_bug.cgi?id=2372859 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-9fb8ee63fb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Debian 12's rdiff-backup upgrade addresses significant memory-corruption vulnerability CVE-2023-57420 with improved operational safeguards.. Fedora Update,minidlna security,service restart fix,minidlna vulnerability,security patch. . Severity: Important. LinuxSecurity.com Team
Jul 18, 2025
•Important
Fedora
202
security advisoryimportantout-of-bounds readopenSUSE 15.5: SUSE-SU-2025:0054-1 critical gstreamer-plugins-base overflow
An update that solves seven vulnerabilities can now be installed.. # Security update for gstreamer-plugins-base Announcement ID: SUSE-SU-2025:0054-1 Release Date: 2025-01-09T16:36:42Z Rating: important References: * bsc#1234415 * bsc#1234450 * bsc#1234453 * bsc#1234455 * bsc#1234456 * bsc#1234459 * bsc#1234460 Cross-References: * CVE-2024-47538 * CVE-2024-47541 * CVE-2024-47542 * CVE-2024-47600 * CVE-2024-47607 * CVE-2024-47615 * CVE-2024-47835 CVSS scores: * CVE-2024-47538 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47538 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47538 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47541 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47541 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-47541 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47541 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47542 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47542 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47542 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47600 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47600 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47600 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47607 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47607 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47615 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47615 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47615 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47835 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47835 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-base fixes the following issues: * CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet. (bsc#1234415) * CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. (bsc#1234450) * CVE-2024-47600: Fixed an out-of-bounds read in gst-discoverer-1.0 commandline tool. (bsc#1234453) * CVE-2024-47615: Fixed an out-of-bounds write in Ogg demuxer. (bsc#1234456) * CVE-2024-47541: Fixed an out-of-bounds write in SSA subtitle parser. (bsc#1234459) * CVE-2024-47542: Fixed an ID3v2 parser out-of-bounds read and NULL-pointer dereference. (bsc#1234460) * CVE-2024-47607: Fixed a stack buffer-overflow in Opus decoder. (bsc#1234455) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-54=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-54=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-54=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-54=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-54=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-54=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 *libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 *libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * openSUSE Leap 15.5 (x86_64) * libgstgl-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-32bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-32bit-1.22.0-150500.3.11.1 * libgstapp-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstapp-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-32bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-32bit-1.22.0-150500.3.11.1 * libgstfft-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-32bit-1.22.0-150500.3.11.1 * libgsttag-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-32bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstriff-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstriff-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * openSUSE Leap 15.5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libgstvideo-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstfft-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstriff-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstapp-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstgl-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-64bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-64bit-1.22.0-150500.3.11.1 *libgstapp-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstfft-1_0-0-64bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-64bit-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstriff-1_0-0-64bit-1.22.0-150500.3.11.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15SP5 (aarch64 x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 *libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 *libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 *gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47538.html * https://www.suse.com/security/cve/CVE-2024-47541.html * https://www.suse.com/security/cve/CVE-2024-47542.html * https://www.suse.com/security/cve/CVE-2024-47600.html * https://www.suse.com/security/cve/CVE-2024-47607.html * https://www.suse.com/security/cve/CVE-2024-47615.html * https://www.suse.com/security/cve/CVE-2024-47835.html * https://bugzilla.suse.com/show_bug.cgi?id=1234415 * https://bugzilla.suse.com/show_bug.cgi?id=1234450 * https://bugzilla.suse.com/show_bug.cgi?id=1234453 * https://bugzilla.suse.com/show_bug.cgi?id=1234455 * https://bugzilla.suse.com/show_bug.cgi?id=1234456 * https://bugzilla.suse.com/show_bug.cgi?id=1234459 * https://bugzilla.suse.com/show_bug.cgi?id=1234460 . The gstreamer-plugins-base upgrade addresses significant security vulnerabilities in openSUSE. Ensure you install the newest patch promptly for your protection.. gstreamer plugins base security, openSUSE patches, security updates, SUSE vulnerabilities, important security advisory. . Severity: Important. LinuxSecurity.com Team
Jan 09, 2025
•Important
OpenSUSE
203
security advisorydenial of servicecritical issueMageia 9 MGASA-2024-0289 Critical: zziplib Denial of Service
A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c. (CVE-2024-39134) References: . MGASA-2024-0289 - Updated zziplib packages fix security vulnerability Publication date: 10 Sep 2024 URL: https://advisories.mageia.org/MGASA-2024-0289.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-39134 A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c. (CVE-2024-39134) References: - https://bugs.mageia.org/show_bug.cgi?id=33527 - https://lists.suse.com/pipermail/sle-security-updates/2024-August/019205.html - https://www.cve.org/CVERecord?id=CVE-2024-39134 SRPMS: - 9/core/zziplib-0.13.72-2.2.mga9 . The Mageia security advisory MGASA-2024-0290 tackles a critical vulnerability in zziplib, which involves a stack buffer overflow, aiming to prevent potential denial of service incidents.. zziplib security, buffer overflow fix, mageia advisory, dos threat, security update. . Severity: Critical. LinuxSecurity.com Team
Sep 10, 2024
•Critical
Mageia
100
security advisorysecurity enhancementimportantSUSE: 2023:1247-2 Critical Update for bci/dotnet-aspnet Container
The container bci/dotnet-aspnet was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-aspnet ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3243-1 Container Tags : bci/dotnet-aspnet:7.0 , bci/dotnet-aspnet:7.0-15.3 , bci/dotnet-aspnet:7.0.11 , bci/dotnet-aspnet:7.0.11-15.3 , bci/dotnet-aspnet:latest Container Release : 15.3 Severity : important Type : security References : 1211078 CVE-2023-22652 CVE-2023-30078 CVE-2023-30079 CVE-2023-32181 ----------------------------------------------------------------- The container bci/dotnet-aspnet was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3954-1 Released: Tue Oct 3 20:09:47 2023 Summary: Security update for libeconf Type: security Severity: important References: 1211078,CVE-2023-22652,CVE-2023-30078,CVE-2023-30079,CVE-2023-32181 This update for libeconf fixes the following issues: Update to version 0.5.2. - CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability in 'econf_writeFile' function (bsc#1211078). - CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability in 'read_file' function. (bsc#1211078) The following package changes have been done: - libeconf0-0.5.2-150400.3.6.1 updated - container:sles15-image-15.0.0-36.5.38 updated . Boost the protection of your container by integrating the recent update for SUSE on bci/dotnet-core, which tackles essential security flaws.. SUSE Container Update, dotnet-aspnet, security patches, buffer overflow fix. . Severity: Important. LinuxSecurity.com Team
Oct 05, 2023
•Important
SuSE
197
security advisorycriticalsoftware updateDebian 8 Jessie: DLA-1893-1 Critical CUPS Stack Buffer Overflow
Two issues have been found in cups, the Common UNIX Printing System(tm). Basically both CVEs (CVE-2019-8675 and CVE-2019-8696) are about . Package : cups Version : 1.7.5-11+deb8u5 CVE ID : CVE-2019-8675 CVE-2019-8696 Two issues have been found in cups, the Common UNIX Printing System(tm). Basically both CVEs (CVE-2019-8675 and CVE-2019-8696) are about stack-buffer-overflow in two functions of libcup. One happens in asn1_get_type() the other one in asn1_get_packed(). For Debian 8 "Jessie", these problems have been fixed in version 1.7.5-11+deb8u5. We recommend that you upgrade your cups packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . The latest CUPS security patch resolves urgent vulnerabilities in Debian 8 Jessie, aimed at reducing the potential for stack overflow exploits.. Cups Security Update, Debian Jessie, Stack Buffer Overflow, Critical Security Fix, Software Upgrade. . Severity: Critical. LinuxSecurity.com Team
Aug 22, 2019
•Critical
Debian LTS
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!