Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves seven vulnerabilities can now be installed.. # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2026:3058-1 Release Date: 2026-07-15T13:32:28Z Rating: important References: * bsc#1268168 * bsc#1268406 * bsc#1268408 * bsc#1268410 * bsc#1268971 * bsc#1271051 * bsc#1271168 Cross-References: * CVE-2026-12892 * CVE-2026-14935 * CVE-2026-52720 * CVE-2026-52721 * CVE-2026-52722 * CVE-2026-53702 * CVE-2026-59692 CVSS scores: * CVE-2026-12892 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-12892 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-12892 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-14935 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-14935 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-14935 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-52720 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-52720 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-52720 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-52721 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-52721 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-52722 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-52722 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-52722 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-53702 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-53702 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-59692 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-59692 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-59692 ( NVD ): 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves seven vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues * CVE-2026-12892: 1-byte heap out-of-bounds read in H.264 NAL extension slice parser (bsc#1268971). * CVE-2026-14935: webrtcbin accepts remote SDP without a=fingerprint due to inverted presence check (bsc#1271051). * CVE-2026-52720: invalid check of total area instead of individual dimensions could trigger a heap out-of-bounds write (bsc#1268406). * CVE-2026-52721: crafted PCAP records during IPv4 or TCP header parsing could cause an out-of-bounds read (bsc#1268408). * CVE-2026-52722: crafted VMnc stream with large cursor dimensions can overflow signed integer (bsc#1268410). * CVE-2026-53702: incorrect loop bound during H.265 SEI message parsing could result in a stack buffer overflow (bsc#1268168). * CVE-2026-59692: unvalidated peer certificate Subject DN printed during a DTLS handshake could cause a stack buffer overflow (bsc#1271168). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-3058=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-3058=1 * SUSE Linux Enterprise Server forSAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-3058=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-3058=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-3058=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-3058=1 ## Package List: * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * libgstmse-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstPlay-1_0-1.24.0-150600.4.9.1 * typelib-1_0-GstVa-1_0-1.24.0-150600.4.9.1 * typelib-1_0-CudaGst-1_0-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstCodecs-1_0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstplay-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstBadAudio-1_0-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstMpegts-1_0-1.24.0-150600.4.9.1 * typelib-1_0-GstWebRTC-1_0-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-1.24.0-150600.4.9.1 * typelib-1_0-GstInsertBin-1_0-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-1.24.0-150600.4.9.1 * libgstmse-1_0-0-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-debuginfo-1.24.0-150600.4.9.1 *libgstphotography-1_0-0-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstPlayer-1_0-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstMse-1_0-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-1.24.0-150600.4.9.1 * libgstva-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-1.24.0-150600.4.9.1 * libgstplay-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstva-1_0-0-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstCuda-1_0-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-devel-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstAnalytics-1_0-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstDxva-1_0-1.24.0-150600.4.9.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * gstreamer-plugins-bad-lang-1.24.0-150600.4.9.1 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * libgstmse-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-debuginfo-1.24.0-150600.4.9.1 *libgstvulkan-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstPlay-1_0-1.24.0-150600.4.9.1 * typelib-1_0-GstVa-1_0-1.24.0-150600.4.9.1 * typelib-1_0-CudaGst-1_0-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstCodecs-1_0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstplay-1_0-0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-chromaprint-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstBadAudio-1_0-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.24.0-150600.4.9.1 * gstreamer-transcoder-1.24.0-150600.4.9.1 * typelib-1_0-GstMpegts-1_0-1.24.0-150600.4.9.1 * typelib-1_0-GstWebRTC-1_0-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-1.24.0-150600.4.9.1 * typelib-1_0-GstInsertBin-1_0-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstVulkanXCB-1_0-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-1.24.0-150600.4.9.1 * libgstmse-1_0-0-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstPlayer-1_0-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstTranscoder-1_0-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-debuginfo-1.24.0-150600.4.9.1 * gstreamer-transcoder-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstMse-1_0-1.24.0-150600.4.9.1 *libgstanalytics-1_0-0-1.24.0-150600.4.9.1 * libgstva-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.24.0-150600.4.9.1 * gstreamer-transcoder-devel-1.24.0-150600.4.9.1 * libgstplay-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstva-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstCuda-1_0-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-devel-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstVulkanWayland-1_0-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstAnalytics-1_0-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstVulkan-1_0-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstDxva-1_0-1.24.0-150600.4.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libgstwayland-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-64bit-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-chromaprint-64bit-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-64bit-1.24.0-150600.4.9.1 *libgstcodecparsers-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-64bit-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-chromaprint-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstva-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstmse-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstplay-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-64bit-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstva-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstplay-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-64bit-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-64bit-1.24.0-150600.4.9.1 *libgsttranscoder-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstmse-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-64bit-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-64bit-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-64bit-debuginfo-1.24.0-150600.4.9.1 * openSUSE Leap 15.6 (x86_64) * libgstwayland-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-32bit-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstmse-1_0-0-32bit-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-chromaprint-32bit-debuginfo-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-32bit-1.24.0-150600.4.9.1 *libgstdxva-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-32bit-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstplay-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-32bit-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstva-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstplay-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-32bit-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-32bit-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstmse-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-chromaprint-32bit-1.24.0-150600.4.9.1 * libgstva-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-32bit-debuginfo-1.24.0-150600.4.9.1 * openSUSE Leap 15.6 (noarch) * gstreamer-plugins-bad-lang-1.24.0-150600.4.9.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstplay-1_0-0-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.9.1 *libgstplay-1_0-0-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-1.24.0-150600.4.9.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libgstmse-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstPlay-1_0-1.24.0-150600.4.9.1 * typelib-1_0-GstVa-1_0-1.24.0-150600.4.9.1 * typelib-1_0-CudaGst-1_0-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstCodecs-1_0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstBadAudio-1_0-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstMpegts-1_0-1.24.0-150600.4.9.1 * typelib-1_0-GstWebRTC-1_0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-1.24.0-150600.4.9.1 * typelib-1_0-GstInsertBin-1_0-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-1.24.0-150600.4.9.1 * libgstmse-1_0-0-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstPlayer-1_0-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstMse-1_0-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-1.24.0-150600.4.9.1 * libgstva-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-1.24.0-150600.4.9.1 * libgstva-1_0-0-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstCuda-1_0-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-devel-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstAnalytics-1_0-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstDxva-1_0-1.24.0-150600.4.9.1 * Desktop Applications Module 15-SP7 (noarch) * gstreamer-plugins-bad-lang-1.24.0-150600.4.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * libgstmse-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstvulkan-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstPlay-1_0-1.24.0-150600.4.9.1 * typelib-1_0-GstVa-1_0-1.24.0-150600.4.9.1 * typelib-1_0-CudaGst-1_0-1.24.0-150600.4.9.1 * libgstisoff-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstCodecs-1_0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstplay-1_0-0-1.24.0-150600.4.9.1 * libgstcuda-1_0-0-1.24.0-150600.4.9.1 *typelib-1_0-GstBadAudio-1_0-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstMpegts-1_0-1.24.0-150600.4.9.1 * typelib-1_0-GstWebRTC-1_0-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstInsertBin-1_0-1.24.0-150600.4.9.1 * libgstcodecparsers-1_0-0-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-1.24.0-150600.4.9.1 * libgstmse-1_0-0-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-1.24.0-150600.4.9.1 * libgstmpegts-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstPlayer-1_0-1.24.0-150600.4.9.1 * libgstphotography-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstMse-1_0-1.24.0-150600.4.9.1 * libgstva-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstinsertbin-1_0-0-1.24.0-150600.4.9.1 * libgstplay-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstva-1_0-0-1.24.0-150600.4.9.1 * typelib-1_0-GstCuda-1_0-1.24.0-150600.4.9.1 * libgstwayland-1_0-0-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-devel-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.9.1 * libgstanalytics-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-1.24.0-150600.4.9.1 * libgsturidownloader-1_0-0-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstadaptivedemux-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstAnalytics-1_0-1.24.0-150600.4.9.1 * libgstwebrtcnice-1_0-0-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-1.24.0-150600.4.9.1 * libgstplayer-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstbadaudio-1_0-0-1.24.0-150600.4.9.1 *libgstvulkan-1_0-0-1.24.0-150600.4.9.1 * libgstcodecs-1_0-0-1.24.0-150600.4.9.1 * libgstbasecamerabinsrc-1_0-0-1.24.0-150600.4.9.1 * libgstdxva-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstsctp-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgstwebrtc-1_0-0-debuginfo-1.24.0-150600.4.9.1 * typelib-1_0-GstDxva-1_0-1.24.0-150600.4.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * gstreamer-plugins-bad-lang-1.24.0-150600.4.9.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libgsttranscoder-1_0-0-debuginfo-1.24.0-150600.4.9.1 * libgsttranscoder-1_0-0-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debuginfo-1.24.0-150600.4.9.1 * gstreamer-plugins-bad-debugsource-1.24.0-150600.4.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-12892.html * https://www.suse.com/security/cve/CVE-2026-14935.html * https://www.suse.com/security/cve/CVE-2026-52720.html * https://www.suse.com/security/cve/CVE-2026-52721.html * https://www.suse.com/security/cve/CVE-2026-52722.html * https://www.suse.com/security/cve/CVE-2026-53702.html * https://www.suse.com/security/cve/CVE-2026-59692.html * https://bugzilla.suse.com/show_bug.cgi?id=1268168 * https://bugzilla.suse.com/show_bug.cgi?id=1268406 * https://bugzilla.suse.com/show_bug.cgi?id=1268408 * https://bugzilla.suse.com/show_bug.cgi?id=1268410 * https://bugzilla.suse.com/show_bug.cgi?id=1268971 * https://bugzilla.suse.com/show_bug.cgi?id=1271051 * https://bugzilla.suse.com/show_bug.cgi?id=1271168 . Update available for gstreamer-plugins-bad addressing seven important issues including multiple heap and stack overflows.. gstreamer plugins, opensuse advisory, security updates, important vulnerabilities. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38512 http://linux.oracle.com/errata/ELSA-2026-38512.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: perl-DBI-1.643-9.el9_8.1.x86_64.rpm aarch64: perl-DBI-1.643-9.el9_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/perl-DBI-1.643-9.el9_8.1.src.rpm Related CVEs: CVE-2026-9698 Description of changes: [1.643-9.1] - Fix possible stack overflow and buffer overflow in DBI.xs (CVE-2026-9698) - Resolves: RHEL-184984 _______________________________________________ El-errata mailing list
New p11-kit packages are available for Slackware 15.0 and -current to fix a security issue.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] p11-kit (SSA:2026-191-01) New p11-kit packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/p11-kit-0.26.4-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: server: fixed stack exhaustion via unbounded recursion in RPC attribute parsing by enforcing a recursion depth limit. For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-13757 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/p11-kit-0.26.4-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/p11-kit-0.26.4-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/p11-kit-0.26.4-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/p11-kit-0.26.4-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 0ea4b7fff6ae3b2ba9333b0d61189ea3 p11-kit-0.26.4-i586-1_slack15.0.txz Slackware x86_64 15.0 package: ac5289607feefa65ab55ef94a9b7b646 p11-kit-0.26.4-x86_64-1_slack15.0.txz Slackware -current package: 02718b552cbe3ce1a0eeabdabeb926e3 n/p11-kit-0.26.4-i686-1.txz Slackware x86_64 -current package: 04faf2f2c84fc10f785affdb42e85914 n/p11-kit-0.26.4-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg p11-kit-0.26.4-i586-1_slack15.0.txz +-----+ . New p11-kit packages for Slackware address a stack exhaustion issue, enhancing system security and performance.. Slackware p11-kit stack exhaustion security fix. . Severity: Critical. LinuxSecurity.com Team
New proftpd packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] proftpd (SSA:2026-189-02) New proftpd packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/proftpd-1.3.9c-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: ExecEnviron values not passed due to regression since 1.3.8.d. Stack buffer overflow in MLSD/MLST handling for long path names. MaxTransfersPerUser no longer enforces configured limits. AdminControlsACLs for config, get actions not honored as they should be. Memcached/Redis-cached JSON TLS session/OCSP entries decoded into fixed buffers without bounds checking. RewriteMap unescape builtin use causes one-byte out-of-bounds write, fails to reject illegal characters. SQL group name lookup concatenates client-provided group names without escaping. Authenticated SFTP sessions can overflow the SFTP packet buffer. Default Controls socket ACLs unintentionally allow all users access for sending Controls requests. (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/proftpd-1.3.9c-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/proftpd-1.3.9c-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/proftpd-1.3.9c-i686-1.txz Updated package for Slackware x86_64-current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/proftpd-1.3.9c-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 5e957bcf4abf13fc957520d6987eb954 proftpd-1.3.9c-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 7506a63751fc4996465a2c83e9174eae proftpd-1.3.9c-x86_64-1_slack15.0.txz Slackware -current package: eb1aa81c4db3a984dc39f9e75438e067 n/proftpd-1.3.9c-i686-1.txz Slackware x86_64 -current package: d28ec7ff480ab4121deb30c59c73e9ca n/proftpd-1.3.9c-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg proftpd-1.3.9c-i586-1_slack15.0.txz +-----+ . Upgrade to the latest proftpd package for Slackware to address significant security issues and bugs in the software.. proftpd security issues, Slackware package updates, buffer overflow fix. . Severity: Critical. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for editorconfig-core-c Announcement ID: SUSE-SU-2026:2731-1 Release Date: 2026-07-02T17:36:35Z Rating: moderate References: * bsc#1262131 Cross-References: * CVE-2026-40489 CVSS scores: * CVE-2026-40489 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40489 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40489 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for editorconfig-core-c fixes the following issue: * CVE-2026-40489: improper use of `strcpy` can lead to a stack buffer overflow (bsc#1262131). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-2731=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2731=1 ## Package List: * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * libeditorconfig-devel-0.12.6-150600.3.6.1 * editorconfig-core-c-debugsource-0.12.6-150600.3.6.1 * editorconfig-debuginfo-0.12.6-150600.3.6.1 * editorconfig-0.12.6-150600.3.6.1 * libeditorconfig0-debuginfo-0.12.6-150600.3.6.1 * libeditorconfig0-0.12.6-150600.3.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) *libeditorconfig-devel-64bit-0.12.6-150600.3.6.1 * libeditorconfig0-64bit-debuginfo-0.12.6-150600.3.6.1 * libeditorconfig0-64bit-0.12.6-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * libeditorconfig-devel-32bit-0.12.6-150600.3.6.1 * libeditorconfig0-32bit-debuginfo-0.12.6-150600.3.6.1 * libeditorconfig0-32bit-0.12.6-150600.3.6.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libeditorconfig0-debuginfo-0.12.6-150600.3.6.1 * editorconfig-core-c-debugsource-0.12.6-150600.3.6.1 * libeditorconfig0-0.12.6-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40489.html * https://bugzilla.suse.com/show_bug.cgi?id=1262131 . SUSE updates editorconfig-core-c to fix stack overflow vulnerability CVE-2026-40489 with moderate severity.. editorconfig-core-c stack buffer overflow SUSE patch. . Severity: moderate. LinuxSecurity.com Team
An update that solves eight vulnerabilities can now be installed.. # Security update for tiff Announcement ID: SUSE-SU-2026:22306-1 Release Date: 2026-06-21T02:12:54Z Rating: important References: * bsc#1248278 * bsc#1257123 * bsc#1260411 Cross-References: * CVE-2018-7456 * CVE-2023-0800 * CVE-2023-0801 * CVE-2023-0802 * CVE-2023-0803 * CVE-2023-0804 * CVE-2025-8851 * CVE-2026-4775 CVSS scores: * CVE-2018-7456 ( SUSE ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2018-7456 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-0800 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-0800 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2023-0800 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-0801 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-0801 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-0801 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2023-0802 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-0802 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-0802 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2023-0803 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-0803 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-0803 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2023-0804 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-0804 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2023-0804 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8851 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-8851 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-8851 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8851 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-4775 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-4775 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-4775 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-4775 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves eight vulnerabilities can now be installed. ## Description: This update for tiff fixes the following issues Security issues: * CVE-2025-8851: libtiff: LibTIFF Stack-based buffer overflow (bsc#1248278). * CVE-2026-4775: signed integer overflow in the `putcontig8bitYCbCr44tile` function (bsc#1260411). Non security issue: * QGIS can't export with GDAL- LERC codec, LERC library not found anywhere in the system (bsc#1257123). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-1007=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-1007=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libtiff6-4.7.1-160000.2.1 * libtiff-devel-4.7.1-160000.2.1 * libtiff6-debuginfo-4.7.1-160000.2.1 * tiff-debugsource-4.7.1-160000.2.1 * tiff-debuginfo-4.7.1-160000.2.1 * tiff-4.7.1-160000.2.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libtiff6-4.7.1-160000.2.1 * libtiff-devel-4.7.1-160000.2.1 *libtiff6-debuginfo-4.7.1-160000.2.1 * tiff-debugsource-4.7.1-160000.2.1 * tiff-debuginfo-4.7.1-160000.2.1 * tiff-4.7.1-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2018-7456.html * https://www.suse.com/security/cve/CVE-2023-0800.html * https://www.suse.com/security/cve/CVE-2023-0801.html * https://www.suse.com/security/cve/CVE-2023-0802.html * https://www.suse.com/security/cve/CVE-2023-0803.html * https://www.suse.com/security/cve/CVE-2023-0804.html * https://www.suse.com/security/cve/CVE-2025-8851.html * https://www.suse.com/security/cve/CVE-2026-4775.html * https://bugzilla.suse.com/show_bug.cgi?id=1248278 * https://bugzilla.suse.com/show_bug.cgi?id=1257123 * https://bugzilla.suse.com/show_bug.cgi?id=1260411 . SUSE releases important security update for tiff fixing eight issues, including stack overflow and integer overflow.. tiff security update, SUSE tiff vulnerabilities, important security advisory. . Severity: Important. LinuxSecurity.com Team
An update that solves three vulnerabilities can now be installed.. # Security update for opensc Announcement ID: SUSE-SU-2026:2678-1 Release Date: 2026-06-29T10:57:19Z Rating: important References: * bsc#1261214 * bsc#1261220 * bsc#1267246 Cross-References: * CVE-2025-49010 * CVE-2025-66215 * CVE-2026-10275 CVSS scores: * CVE-2025-49010 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-49010 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66215 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66215 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-10275 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-10275 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-10275 ( NVD ): 1.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-10275 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for opensc fixes the following issues * CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses (bsc#1261214). *CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer- overflow write (bsc#1261220). * CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation (bsc#1267246). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2678=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2678=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * opensc-0.13.0-3.36.1 * opensc-debugsource-0.13.0-3.36.1 * opensc-debuginfo-0.13.0-3.36.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * opensc-0.13.0-3.36.1 * opensc-debugsource-0.13.0-3.36.1 * opensc-debuginfo-0.13.0-3.36.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49010.html * https://www.suse.com/security/cve/CVE-2025-66215.html * https://www.suse.com/security/cve/CVE-2026-10275.html * https://bugzilla.suse.com/show_bug.cgi?id=1261214 * https://bugzilla.suse.com/show_bug.cgi?id=1261220 * https://bugzilla.suse.com/show_bug.cgi?id=1267246 . Three important vulnerabilities in SUSE’s opensc are addressed by this security update. Install it now for protection!. SUSE Security Update, opensc Issues, Buffer Overflow Patches, SUSE Vulnerabilities. . Severity: Important. LinuxSecurity.com Team
An update that solves six vulnerabilities can now be installed.. # Security update for opensc Announcement ID: SUSE-SU-2026:2657-1 Release Date: 2026-06-26T12:25:12Z Rating: important References: * bsc#1261214 * bsc#1261218 * bsc#1261219 * bsc#1261220 * bsc#1266963 * bsc#1267246 Cross-References: * CVE-2025-49010 * CVE-2025-66037 * CVE-2025-66038 * CVE-2025-66215 * CVE-2026-10275 * CVE-2026-40528 CVSS scores: * CVE-2025-49010 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-49010 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66037 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66037 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66037 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66037 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66038 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66038 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66038 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66038 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66215 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66215 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-10275 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-10275 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-10275 ( NVD ): 1.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-10275 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-40528 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40528 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40528 ( NVD ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-40528 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-40528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for opensc fixes the following issues * CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses (bsc#1261214). * CVE-2025-66037: crafted input can cause an out-of-bounds read(bsc#1261218). * CVE-2025-66038: improper compact-TLV length validation can lead to crash or unexpected behavior (bsc#1261219). * CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer- overflow write (bsc#1261220). * CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation (bsc#1267246). * CVE-2026-40528: stack and heap buffer overrun in the `do_key_value()` function due to missing length check allows for memory corruption via a crafted profile configuration file (bsc#1266963). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2657=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2657=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2657=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2657=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2657=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2657=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2657=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2657=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2657=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2657=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2657=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2657=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2657=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2657=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * openSUSE Leap 15.4 (x86_64) * opensc-32bit-0.22.0-150400.3.17.1 * opensc-32bit-debuginfo-0.22.0-150400.3.17.1 * openSUSE Leap 15.4 (aarch64_ilp32) * opensc-64bit-debuginfo-0.22.0-150400.3.17.1 * opensc-64bit-0.22.0-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise High Performance ComputingESPOS 15 SP5 (aarch64 x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * opensc-debugsource-0.22.0-150400.3.17.1 * opensc-0.22.0-150400.3.17.1 * opensc-debuginfo-0.22.0-150400.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49010.html * https://www.suse.com/security/cve/CVE-2025-66037.html * https://www.suse.com/security/cve/CVE-2025-66038.html * https://www.suse.com/security/cve/CVE-2025-66215.html * https://www.suse.com/security/cve/CVE-2026-10275.html * https://www.suse.com/security/cve/CVE-2026-40528.html * https://bugzilla.suse.com/show_bug.cgi?id=1261214 * https://bugzilla.suse.com/show_bug.cgi?id=1261218 * https://bugzilla.suse.com/show_bug.cgi?id=1261219 * https://bugzilla.suse.com/show_bug.cgi?id=1261220 * https://bugzilla.suse.com/show_bug.cgi?id=1266963 * https://bugzilla.suse.com/show_bug.cgi?id=1267246 . # Securityupdate for opensc Announcement ID: SUSE-SU-2026:2657-1 Release Date: 2026-06-26T12:25:12Z. update, solves, vulnerabilities, installed, security, opensc, announc. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.