SUSE-SU-2026:1753-1: important: Security update for 389-ds
SUSE-SU-2026:1755-1: important: Security update for freeipmi
SUSE-SU-2026:1744-1: moderate: Security update for python-pytest
SUSE-SU-2026:1732-1: important: Security update for java-17-openjdk
SUSE-SU-2026:1740-1: moderate: Security update for python-Django
SUSE-SU-2026:1749-1: moderate: Security update for webkit2gtk3
SUSE-SU-2026:1750-1: important: Security update for librsvg
SUSE-SU-2026:1735-1: important: Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6)
SUSE-SU-2026:1728-1: important: Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6)
SUSE-SU-2026:1736-1: important: Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6)
SUSE-SU-2026:1733-1: important: Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)
openSUSE-SU-2026:10691-1: moderate: gnutls-3.8.13-1.1 on GA media
openSUSE-SU-2026:10690-1: moderate: cri-tools-1.36.0-1.1 on GA media
openSUSE-SU-2026:10696-1: moderate: nix-2.34.7-1.1 on GA media
openSUSE-SU-2026:10692-1: moderate: grafana-11.6.14+security01-3.1 on GA media
openSUSE-SU-2026:10694-1: moderate: libmariadbd-devel-11.8.6-1.1 on GA media
openSUSE-SU-2026:10695-1: moderate: mutt-2.3.2-1.1 on GA media
openSUSE-SU-2026:10689-1: moderate: chromedriver-148.0.7778.96-1.1 on GA media
openSUSE-SU-2026:10688-1: moderate: cf-cli-8.18.3+git.0.83ce51d9c-1.1 on GA media
openSUSE-SU-2026:10697-1: moderate: traefik-3.6.15-1.1 on GA media
SUSE-SU-2026:1753-1: important: Security update for 389-ds
# Security update for 389-ds
Announcement ID: SUSE-SU-2026:1753-1
Release Date: 2026-05-07T13:54:19Z
Rating: important
References:
* bsc#1258727
Cross-References:
* CVE-2025-14905
CVSS scores:
* CVE-2025-14905 ( SUSE ): 8.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14905 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-14905 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
An update that solves one vulnerability can now be installed.
## Description:
This update for 389-ds fixes the following issues:
Update to version 2.0.20~git89.937b1f291.
Security issues fixed:
* CVE-2025-14905: heap buffer overflow due to improper size calculation in
`schema_attr_enum_callback` callback (bsc#1258727).
Other updates and bugfixes:
* Issue 7224 - CI Test - Simplify `test_reserve_descriptor_validation`
(#7225).
* Issue 7189 - DSBLE0007 generates incorrect remediation commands for scan
limits.
* Issue 7172 - (2nd) Index ordering mismatch after upgrade (#7180).
* Issue 7172 - Index ordering mismatch after upgrade (#7173).
* Issue 7096 - During replication online total init the function
idl_id_is_in_idlist is not scaling with large database (#7145).
* Issue 7091 - Duplicate local password policy entries listed (#7092).
* Issue 7124 - BDB cursor race condition with transaction isolation (#7125).
* Issue 7121 - LeakSanitizer: various leaks during replication (#7122).
* Issue 7115 - LeakSanitizer: leak in `slapd_bind_local_user()` (#7116).
* Issue 7109 - AddressSanitizer: SEGV `ldap/servers/slapd/csnset.c:302` in
`csnset_dup` (#7114).
* Issue 7056 - DSBLE0007 doesn't generate remediation steps for missing
indexes.
* Issue 6846 - Attribute uniqueness is not enforced with modrdn (#7026).
* Issue 7055 - Online initialization of consumers fails with error `-23`
(#7075).
* Issue 7065 - A search filter containing a non normalized DN assertion does
not return matching entries (#7068).
* Issue 7032 - The new ipahealthcheck test
ipahealthcheck.ds.backends.BackendsCheck raises CRITICAL issue (#7036).
* Issue 6966 - On large DB, unlimited IDL scan limit reduce the SRCH
performance (#6967).
* Issue 6848 - AddressSanitizer: leak in `do_search`.
* Issue 6928 - The `parentId` attribute is indexed with improper matching
rule.
* Issue 6933 - When deferred `memberof` update is enabled after the server
crashed it should not launch memberof fixup task by default (#6935).
* Issue 6929 - Compilation failure with `rust-1.89` on Fedora ELN.
* Issue 6859 - `str2filter` is not fully applying matching rules.
* Issue 6857 - `uiduniq`: allow specifying match rules in the filter.
* Issue 6893 - Log user that is updated during password modify extended
operation.
* Issue 6680 - instance read-only mode is broken (#6681).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
  `zypper in -t patch SUSE-2026-1753=1`
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1753=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1753=1`
* SUSE Linux Enterprise Server 15 SP4 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1753=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1753=1`
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-snmp-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1
* lib389-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-snmp-2.0.20~git89.937b1f291-150400.3.48.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1
* lib389-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1
* lib389-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1
* lib389-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1
* lib389-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-2.0.20~git89.937b1f291-150400.3.48.1
* 389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1
* libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1
## References:
* https://www.suse.com/security/cve/CVE-2025-14905.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258727
SUSE-SU-2026:1755-1: important: Security update for freeipmi
# Security update for freeipmi
Announcement ID: SUSE-SU-2026:1755-1
Release Date: 2026-05-07T13:55:17Z
Rating: important
References:
* bsc#1260414
Cross-References:
* CVE-2026-33554
CVSS scores:
* CVE-2026-33554 ( SUSE ): 5.9
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33554 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2026-33554 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
An update that solves one vulnerability can now be installed.
## Description:
This update for freeipmi fixes the following issue:
* CVE-2026-33554: improper memory handling and data validation can lead to
stack buffer overflows and acceptance of malformed payloads/responses
(bsc#1260414).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
  `zypper in -t patch SUSE-2026-1755=1`
* Basesystem Module 15-SP7
  `zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1755=1`
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1755=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1755=1`
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1755=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1755=1`
* SUSE Linux Enterprise Server 15 SP4 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1755=1`
* SUSE Linux Enterprise Server 15 SP5 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1755=1`
* SUSE Linux Enterprise Server 15 SP6 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1755=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1755=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1755=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1755=1`
## Package List:
* openSUSE Leap 15.4 (aarch64 x86_64 i586)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* freeipmi-bmc-watchdog-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmidetectd-debuginfo-1.6.8-150400.3.3.1
* freeipmi-bmc-watchdog-debuginfo-1.6.8-150400.3.3.1
* freeipmi-ipmidetectd-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* Basesystem Module 15-SP7 (aarch64 x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
* freeipmi-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-1.6.8-150400.3.3.1
* freeipmi-devel-1.6.8-150400.3.3.1
* freeipmi-debuginfo-1.6.8-150400.3.3.1
* libipmidetect0-1.6.8-150400.3.3.1
* libipmiconsole2-debuginfo-1.6.8-150400.3.3.1
* freeipmi-debugsource-1.6.8-150400.3.3.1
* libipmidetect0-debuginfo-1.6.8-150400.3.3.1
* libfreeipmi17-1.6.8-150400.3.3.1
* libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1
* libipmiconsole2-1.6.8-150400.3.3.1
* freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1
* libipmimonitoring6-1.6.8-150400.3.3.1
* libfreeipmi17-debuginfo-1.6.8-150400.3.3.1
## References:
* https://www.suse.com/security/cve/CVE-2026-33554.html
* https://bugzilla.suse.com/show_bug.cgi?id=1260414
SUSE-SU-2026:1744-1: moderate: Security update for python-pytest
# Security update for python-pytest
Announcement ID: SUSE-SU-2026:1744-1
Release Date: 2026-05-07T07:17:07Z
Rating: moderate
References:
* bsc#1257090
Cross-References:
* CVE-2025-71176
CVSS scores:
* CVE-2025-71176 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L
* CVE-2025-71176 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
* CVE-2025-71176 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Affected Products:
* openSUSE Leap 15.4
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
An update that solves one vulnerability can now be installed.
## Description:
This update for python-pytest fixes the following issue:
* CVE-2025-71176: a TOCTOU race condition can cause a denial of service or
possibly allow an attacker to gain privileges (bsc#1257090).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
  `zypper in -t patch SUSE-2026-1744=1`
* Python 3 Module 15-SP7
  `zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-1744=1`
## Package List:
* openSUSE Leap 15.4 (noarch)
* python311-pytest-8.3.5-150400.3.15.1
* Python 3 Module 15-SP7 (noarch)
* python311-pytest-8.3.5-150400.3.15.1
## References:
* https://www.suse.com/security/cve/CVE-2025-71176.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257090
SUSE-SU-2026:1732-1: important: Security update for java-17-openjdk
# Security update for java-17-openjdk
Announcement ID: SUSE-SU-2026:1732-1
Release Date: 2026-05-07T00:43:53Z
Rating: important
References:
* bsc#1259118
* bsc#1262490
* bsc#1262494
* bsc#1262495
* bsc#1262496
* bsc#1262497
* bsc#1262500
* bsc#1262501
* jsc#PED-15898
Cross-References:
* CVE-2026-22007
* CVE-2026-22013
* CVE-2026-22016
* CVE-2026-22018
* CVE-2026-22021
* CVE-2026-23865
* CVE-2026-34268
* CVE-2026-34282
CVSS scores:
* CVE-2026-22007 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22013 ( SUSE ): 6.0
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22018 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-23865 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-34268 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34282 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Legacy Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
An update that solves eight vulnerabilities and contains one feature can now be
installed.
## Description:
This update for java-17-openjdk fixes the following issues:
Upgrade to upstream tag jdk-17.0.19+10 (April 2026 CPU).
Security issues fixed:
* CVE-2026-22007: Security: unauthenticated attacker with logon to the
infrastructure where java executes can gain unauthorized read access to a
subset of accessible data (bsc#1262490).
* CVE-2026-22013: JGSS: unauthenticated attacker with network access via
multiple protocols can gain unauthorized access to critical data
(bsc#1262494).
* CVE-2026-22016: JAXP: unauthenticated attacker with network access via
multiple protocols can gain unauthorized access to critical data
(bsc#1262495).
* CVE-2026-22018: Libraries: unauthenticated attacker with network access via
multiple protocols can cause a partial denial of service (bsc#1262496).
* CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS
can cause a partial denial of service (bsc#1262497).
* CVE-2026-23865: freetype2: integer overflow in the
`tt_var_load_item_variation_store` function allows for an out-of-bounds read
when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118).
* CVE-2026-34268: Security: unauthenticated attacker with logon to the
infrastructure where java executes can gain unauthorized read access to a
subset of data (bsc#1262500).
* CVE-2026-34282: Networking: unauthenticated attacker with network access via
multiple protocols can cause a hang or frequently repeatable crash
(bsc#1262501).
Other updates and bugfixes:
* Provide the timezone-java and tzdata-java (jsc#PED-15898).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
  `zypper in -t patch SUSE-2026-1732=1`
* Legacy Module 15-SP7
  `zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2026-1732=1`
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1732=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1732=1`
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1732=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1732=1`
* SUSE Linux Enterprise Server 15 SP4 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1732=1`
* SUSE Linux Enterprise Server 15 SP5 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1732=1`
* SUSE Linux Enterprise Server 15 SP6 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1732=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1732=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1732=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1732=1`
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-src-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-jmods-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* openSUSE Leap 15.4 (noarch)
* java-17-openjdk-javadoc-17.0.19.0-150400.3.66.2
* Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2
* java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2
* java-17-openjdk-devel-17.0.19.0-150400.3.66.2
* java-17-openjdk-17.0.19.0-150400.3.66.2
* java-17-openjdk-demo-17.0.19.0-150400.3.66.2
* java-17-openjdk-headless-17.0.19.0-150400.3.66.2
## References:
* https://www.suse.com/security/cve/CVE-2026-22007.html
* https://www.suse.com/security/cve/CVE-2026-22013.html
* https://www.suse.com/security/cve/CVE-2026-22016.html
* https://www.suse.com/security/cve/CVE-2026-22018.html
* https://www.suse.com/security/cve/CVE-2026-22021.html
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://www.suse.com/security/cve/CVE-2026-34268.html
* https://www.suse.com/security/cve/CVE-2026-34282.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259118
* https://bugzilla.suse.com/show_bug.cgi?id=1262490
* https://bugzilla.suse.com/show_bug.cgi?id=1262494
* https://bugzilla.suse.com/show_bug.cgi?id=1262495
* https://bugzilla.suse.com/show_bug.cgi?id=1262496
* https://bugzilla.suse.com/show_bug.cgi?id=1262497
* https://bugzilla.suse.com/show_bug.cgi?id=1262500
* https://bugzilla.suse.com/show_bug.cgi?id=1262501
* https://jira.suse.com/browse/PED-15898
SUSE-SU-2026:1740-1: moderate: Security update for python-Django
# Security update for python-Django
Announcement ID: SUSE-SU-2026:1740-1
Release Date: 2026-05-07T07:00:33Z
Rating: moderate
References:
* bsc#1261722
* bsc#1261724
* bsc#1261729
* bsc#1261731
* bsc#1261732
* bsc#1264152
* bsc#1264153
* bsc#1264154
Cross-References:
* CVE-2026-33033
* CVE-2026-33034
* CVE-2026-35192
* CVE-2026-3902
* CVE-2026-4277
* CVE-2026-4292
* CVE-2026-5766
* CVE-2026-6907
CVSS scores:
* CVE-2026-33033 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-33033 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-33033 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33034 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-33034 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-35192 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-35192 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-35192 ( NVD ): 2.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-35192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-3902 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3902 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-3902 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-4277 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-4277 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-4292 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-4292 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-5766 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-5766 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-5766 ( NVD ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-5766 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-6907 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6907 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2026-6907 ( NVD ): 2.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6907 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2026-6907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP7
An update that solves eight vulnerabilities can now be installed.
## Description:
This update for python-Django fixes the following issues:
* CVE-2026-3902: headers spoofing by exploiting an ambiguous mapping of two
header variants in `ASGIRequest` requests (bsc#1261729).
* CVE-2026-4277: permissions on inline model instances were not validated on
submission of forged POST data in GenericInlineModelAdmin (bsc#1261731).
* CVE-2026-4292: admin changelist forms using ModelAdmin.list_editable
incorrectly allowed new instances to be created via forged POST data
(bsc#1261732).
* CVE-2026-5766: potential denial-of-service vulnerability in ASGI requests
via file upload limit bypass (bsc#1264153).
* CVE-2026-6907: potential exposure of private data due to incorrect handling
of `Vary: *` in `UpdateCacheMiddleware` (bsc#1264152).
* CVE-2026-33033: denial of service via missing or understated Content-Length
header in ASGI requests (bsc#1261722).
* CVE-2026-33034: ASGI requests with a missing or understated Content-Length
header could bypass the `DATA_UPLOAD_MAX_MEMORY_SIZE` limit when reading
HttpRequest.body (bsc#1261724).
* CVE-2026-35192: session fixation via public cached pages and
`SESSION_SAVE_EVERY_REQUEST` (bsc#1264154).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1740=1
* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1740=1
## Package List:
* openSUSE Leap 15.6 (noarch)
* python311-Django-4.2.11-150600.3.56.1
* SUSE Package Hub 15 15-SP7 (noarch)
* python311-Django-4.2.11-150600.3.56.1
## References:
* https://www.suse.com/security/cve/CVE-2026-33033.html
* https://www.suse.com/security/cve/CVE-2026-33034.html
* https://www.suse.com/security/cve/CVE-2026-35192.html
* https://www.suse.com/security/cve/CVE-2026-3902.html
* https://www.suse.com/security/cve/CVE-2026-4277.html
* https://www.suse.com/security/cve/CVE-2026-4292.html
* https://www.suse.com/security/cve/CVE-2026-5766.html
* https://www.suse.com/security/cve/CVE-2026-6907.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261722
* https://bugzilla.suse.com/show_bug.cgi?id=1261724
* https://bugzilla.suse.com/show_bug.cgi?id=1261729
* https://bugzilla.suse.com/show_bug.cgi?id=1261731
* https://bugzilla.suse.com/show_bug.cgi?id=1261732
* https://bugzilla.suse.com/show_bug.cgi?id=1264152
* https://bugzilla.suse.com/show_bug.cgi?id=1264153
* https://bugzilla.suse.com/show_bug.cgi?id=1264154
SUSE-SU-2026:1749-1: moderate: Security update for webkit2gtk3
# Security update for webkit2gtk3
Announcement ID: SUSE-SU-2026:1749-1
Release Date: 2026-05-07T10:49:01Z
Rating: moderate
References:
* bsc#1261172
* bsc#1261173
* bsc#1261174
* bsc#1261175
* bsc#1261176
* bsc#1261177
* bsc#1261178
* bsc#1261179
Cross-References:
* CVE-2026-20643
* CVE-2026-20664
* CVE-2026-20665
* CVE-2026-20691
* CVE-2026-28857
* CVE-2026-28859
* CVE-2026-28861
* CVE-2026-28871
CVSS scores:
* CVE-2026-20643 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-20643 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-20664 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-20664 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-20665 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
* CVE-2026-20665 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-20691 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2026-20691 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2026-28857 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28857 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28859 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-28859 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2026-28861 ( SUSE ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
* CVE-2026-28861 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2026-28871 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2026-28871 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected Products:
* openSUSE Leap 15.4
An update that solves eight vulnerabilities can now be installed.
## Description:
This update for webkit2gtk3 fixes the following issues:
Update to version 2.52.1.
Security issues fixed:
* CVE-2026-20643: processing maliciously crafted web content may bypass Same
Origin Policy (bsc#1261172).
* CVE-2026-20664: processing maliciously crafted web content may lead to an
unexpected process crash (bsc#1261173).
* CVE-2026-20665: processing maliciously crafted web content may prevent
Content Security Policy from being enforced (bsc#1261174).
* CVE-2026-20691: a maliciously crafted webpage may be able to fingerprint the
user (bsc#1261175).
* CVE-2026-28857: processing maliciously crafted web content may lead to an
unexpected process crash (bsc#1261176).
* CVE-2026-28859: a malicious website may be able to process restricted web
content outside the sandbox (bsc#1261177).
* CVE-2026-28861: a malicious website may be able to access script message
handlers intended for other origins (bsc#1261178).
* CVE-2026-28871: visiting a maliciously crafted website may lead to a
cross-site scripting attack (bsc#1261179).
Other updates and bugfixes:
* Reduce the amount of useless MPRIS notifications produced by MediaSession
when the information about media being played is incomplete.
* Support turning off USE_GSTREAMER to configure the build with all multimedia
features disabled.
* Add Sysprof marks for mouse events.
* Fix MediaSession icon for iheart.com not being displayed.
* Fix the build with USE_GSTREAMER_GL disabled.
* Fix the build with librice version 0.3.0 or newer.
* Fix several crashes and rendering issues.
* Translation updates: Georgian.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1749=1
## Package List:
* openSUSE Leap 15.4 (noarch)
* WebKitGTK-4.1-lang-2.52.1-150400.4.140.2
* WebKitGTK-6.0-lang-2.52.1-150400.4.140.2
* WebKitGTK-4.0-lang-2.52.1-150400.4.140.2
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* webkit-jsc-4-debuginfo-2.52.1-150400.4.140.2
* typelib-1_0-JavaScriptCore-4_0-2.52.1-150400.4.140.2
* webkit2gtk4-minibrowser-2.52.1-150400.4.140.2
* webkit2gtk-4_0-injected-bundles-2.52.1-150400.4.140.2
* libwebkitgtk-6_0-4-debuginfo-2.52.1-150400.4.140.2
* webkit2gtk4-debugsource-2.52.1-150400.4.140.2
* typelib-1_0-WebKit2-4_0-2.52.1-150400.4.140.2
* webkit2gtk4-devel-2.52.1-150400.4.140.2
* webkit-jsc-4-2.52.1-150400.4.140.2
* webkit2gtk3-soup2-minibrowser-debuginfo-2.52.1-150400.4.140.2
* typelib-1_0-JavaScriptCore-6_0-2.52.1-150400.4.140.2
* webkit2gtk-4_1-injected-bundles-debuginfo-2.52.1-150400.4.140.2
* webkit2gtk3-soup2-minibrowser-2.52.1-150400.4.140.2
* typelib-1_0-JavaScriptCore-4_1-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_1-0-2.52.1-150400.4.140.2
* libjavascriptcoregtk-6_0-1-2.52.1-150400.4.140.2
* webkit2gtk3-devel-2.52.1-150400.4.140.2
* typelib-1_0-WebKit2WebExtension-4_1-2.52.1-150400.4.140.2
* libwebkit2gtk-4_0-37-debuginfo-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_1-0-debuginfo-2.52.1-150400.4.140.2
* libjavascriptcoregtk-6_0-1-debuginfo-2.52.1-150400.4.140.2
* webkitgtk-6_0-injected-bundles-debuginfo-2.52.1-150400.4.140.2
* webkit-jsc-4.1-debuginfo-2.52.1-150400.4.140.2
* webkit-jsc-6.0-debuginfo-2.52.1-150400.4.140.2
* webkit2gtk3-soup2-debugsource-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_0-18-2.52.1-150400.4.140.2
* libwebkitgtk-6_0-4-2.52.1-150400.4.140.2
* libwebkit2gtk-4_1-0-2.52.1-150400.4.140.2
* webkit2gtk4-minibrowser-debuginfo-2.52.1-150400.4.140.2
* libwebkit2gtk-4_0-37-2.52.1-150400.4.140.2
* libwebkit2gtk-4_1-0-debuginfo-2.52.1-150400.4.140.2
* webkit2gtk-4_1-injected-bundles-2.52.1-150400.4.140.2
* typelib-1_0-WebKit2-4_1-2.52.1-150400.4.140.2
* typelib-1_0-WebKit-6_0-2.52.1-150400.4.140.2
* typelib-1_0-WebKitWebProcessExtension-6_0-2.52.1-150400.4.140.2
* webkitgtk-6_0-injected-bundles-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_0-18-debuginfo-2.52.1-150400.4.140.2
* webkit2gtk3-minibrowser-2.52.1-150400.4.140.2
* typelib-1_0-WebKit2WebExtension-4_0-2.52.1-150400.4.140.2
* webkit2gtk-4_0-injected-bundles-debuginfo-2.52.1-150400.4.140.2
* webkit-jsc-4.1-2.52.1-150400.4.140.2
* webkit2gtk3-debugsource-2.52.1-150400.4.140.2
* webkit2gtk3-minibrowser-debuginfo-2.52.1-150400.4.140.2
* webkit2gtk3-soup2-devel-2.52.1-150400.4.140.2
* webkit-jsc-6.0-2.52.1-150400.4.140.2
* openSUSE Leap 15.4 (x86_64)
* libwebkit2gtk-4_0-37-32bit-debuginfo-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.52.1-150400.4.140.2
* libwebkit2gtk-4_1-0-32bit-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_0-18-32bit-2.52.1-150400.4.140.2
* libwebkit2gtk-4_1-0-32bit-debuginfo-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_1-0-32bit-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.52.1-150400.4.140.2
* libwebkit2gtk-4_0-37-32bit-2.52.1-150400.4.140.2
* openSUSE Leap 15.4 (aarch64_ilp32)
* libwebkit2gtk-4_0-37-64bit-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_1-0-64bit-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.52.1-150400.4.140.2
* libwebkit2gtk-4_0-37-64bit-debuginfo-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_0-18-64bit-2.52.1-150400.4.140.2
* libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.52.1-150400.4.140.2
* libwebkit2gtk-4_1-0-64bit-2.52.1-150400.4.140.2
* libwebkit2gtk-4_1-0-64bit-debuginfo-2.52.1-150400.4.140.2
## References:
* https://www.suse.com/security/cve/CVE-2026-20643.html
* https://www.suse.com/security/cve/CVE-2026-20664.html
* https://www.suse.com/security/cve/CVE-2026-20665.html
* https://www.suse.com/security/cve/CVE-2026-20691.html
* https://www.suse.com/security/cve/CVE-2026-28857.html
* https://www.suse.com/security/cve/CVE-2026-28859.html
* https://www.suse.com/security/cve/CVE-2026-28861.html
* https://www.suse.com/security/cve/CVE-2026-28871.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261172
* https://bugzilla.suse.com/show_bug.cgi?id=1261173
* https://bugzilla.suse.com/show_bug.cgi?id=1261174
* https://bugzilla.suse.com/show_bug.cgi?id=1261175
* https://bugzilla.suse.com/show_bug.cgi?id=1261176
* https://bugzilla.suse.com/show_bug.cgi?id=1261177
* https://bugzilla.suse.com/show_bug.cgi?id=1261178
* https://bugzilla.suse.com/show_bug.cgi?id=1261179
SUSE-SU-2026:1750-1: important: Security update for librsvg
# Security update for librsvg
Announcement ID: SUSE-SU-2026:1750-1
Release Date: 2026-05-07T11:52:26Z
Rating: important
References:
* bsc#1257922
Cross-References:
* CVE-2026-25727
CVSS scores:
* CVE-2026-25727 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25727 ( NVD ): 6.8
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-25727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP7
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
An update that solves one vulnerability can now be installed.
## Description:
This update for librsvg fixes the following issue:
* CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date
parser can lead to stack exhaustion (bsc#1257922).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1750=1
* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1750=1
* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1750=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1750=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1750=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* rsvg-convert-debuginfo-2.57.4-150600.3.8.2
* rsvg-convert-2.57.4-150600.3.8.2
* librsvg-debugsource-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2
* librsvg-2-2-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2
* librsvg-devel-2.57.4-150600.3.8.2
* typelib-1_0-Rsvg-2_0-2.57.4-150600.3.8.2
* librsvg-2-2-2.57.4-150600.3.8.2
* openSUSE Leap 15.6 (noarch)
* rsvg-thumbnailer-2.57.4-150600.3.8.2
* openSUSE Leap 15.6 (aarch64_ilp32)
* librsvg-2-2-64bit-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-64bit-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-64bit-2.57.4-150600.3.8.2
* librsvg-2-2-64bit-2.57.4-150600.3.8.2
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* librsvg-debugsource-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2
* librsvg-2-2-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2
* librsvg-2-2-2.57.4-150600.3.8.2
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* typelib-1_0-Rsvg-2_0-2.57.4-150600.3.8.2
* librsvg-devel-2.57.4-150600.3.8.2
* librsvg-debugsource-2.57.4-150600.3.8.2
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* librsvg-debugsource-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2
* librsvg-2-2-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2
* librsvg-devel-2.57.4-150600.3.8.2
* typelib-1_0-Rsvg-2_0-2.57.4-150600.3.8.2
* librsvg-2-2-2.57.4-150600.3.8.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* librsvg-debugsource-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2
* librsvg-2-2-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2
* librsvg-devel-2.57.4-150600.3.8.2
* typelib-1_0-Rsvg-2_0-2.57.4-150600.3.8.2
* librsvg-2-2-2.57.4-150600.3.8.2
## References:
* https://www.suse.com/security/cve/CVE-2026-25727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257922
SUSE-SU-2026:1735-1: important: Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6)
# Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6)
Announcement ID: SUSE-SU-2026:1735-1
Release Date: 2026-05-07T02:34:47Z
Rating: important
References:
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689
Cross-References:
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431
CVSS scores:
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves four vulnerabilities can now be installed.
## Description:
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.87 fixes
various security issues.
The following security issues were fixed:
* CVE-2025-71066: net/sched: ets: Always remove class from active list before
deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and
rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful()
(bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place
(bsc#1263689).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1727=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1735=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1735=1
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1727=1
## Package List:
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP6_Update_20-debugsource-4-150600.2.1
* kernel-livepatch-6_4_0-150600_23_87-default-4-150600.2.1
* kernel-livepatch-6_4_0-150600_23_87-default-debuginfo-4-150600.2.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_194-default-debuginfo-4-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_48-debugsource-4-150400.2.1
* kernel-livepatch-5_14_21-150400_24_194-default-4-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_194-default-debuginfo-4-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_48-debugsource-4-150400.2.1
* kernel-livepatch-5_14_21-150400_24_194-default-4-150400.2.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP6_Update_20-debugsource-4-150600.2.1
* kernel-livepatch-6_4_0-150600_23_87-default-4-150600.2.1
* kernel-livepatch-6_4_0-150600_23_87-default-debuginfo-4-150600.2.1
## References:
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
SUSE-SU-2026:1728-1: important: Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6)
# Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6)
Announcement ID: SUSE-SU-2026:1728-1
Release Date: 2026-05-06T21:38:02Z
Rating: important
References:
* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689
Cross-References:
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431
CVSS scores:
* CVE-2025-39977 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves five vulnerabilities can now be installed.
## Description:
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.78 fixes
various security issues.
The following security issues were fixed:
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI
(bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before
deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and
rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful()
(bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place
(bsc#1263689).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1728=1 SUSE-2026-1729=1
* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1728=1 SUSE-SLE-Module-Live-Patching-15-SP6-2026-1729=1
## Package List:
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_73-default-debuginfo-7-150600.2.1
* kernel-livepatch-6_4_0-150600_23_78-default-5-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_17-debugsource-5-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_16-debugsource-7-150600.2.1
* kernel-livepatch-6_4_0-150600_23_73-default-7-150600.2.1
* kernel-livepatch-6_4_0-150600_23_78-default-debuginfo-5-150600.2.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_73-default-debuginfo-7-150600.2.1
* kernel-livepatch-6_4_0-150600_23_78-default-5-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_17-debugsource-5-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_16-debugsource-7-150600.2.1
* kernel-livepatch-6_4_0-150600_23_73-default-7-150600.2.1
* kernel-livepatch-6_4_0-150600_23_78-default-debuginfo-5-150600.2.1
## References:
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
SUSE-SU-2026:1736-1: important: Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6)
# Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6)
Announcement ID: SUSE-SU-2026:1736-1
Release Date: 2026-05-07T02:35:14Z
Rating: important
References:
* bsc#1263689
Cross-References:
* CVE-2026-31431
CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability can now be installed.
## Description:
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.95 fixes one
security issue.
The following security issue was fixed:
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place
(bsc#1263689).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1737=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-1736=1
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1730=1
* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1730=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1736=1 SUSE-2026-1737=1
## Package List:
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_197-default-2-150400.2.1
* kernel-livepatch-5_14_21-150400_24_197-default-debuginfo-2-150400.2.1
* kernel-livepatch-5_14_21-150400_24_200-default-2-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_50-debugsource-2-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_49-debugsource-2-150400.2.1
* kernel-livepatch-5_14_21-150400_24_200-default-debuginfo-2-150400.2.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_95-default-debuginfo-2-150600.2.1
* kernel-livepatch-6_4_0-150600_23_95-default-2-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_22-debugsource-2-150600.2.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_95-default-debuginfo-2-150600.2.1
* kernel-livepatch-6_4_0-150600_23_95-default-2-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_22-debugsource-2-150600.2.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_197-default-2-150400.2.1
* kernel-livepatch-5_14_21-150400_24_197-default-debuginfo-2-150400.2.1
* kernel-livepatch-5_14_21-150400_24_200-default-2-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_50-debugsource-2-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_49-debugsource-2-150400.2.1
* kernel-livepatch-5_14_21-150400_24_200-default-debuginfo-2-150400.2.1
## References:
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
SUSE-SU-2026:1733-1: important: Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)
# Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise
15 SP5)
Announcement ID: SUSE-SU-2026:1733-1
Release Date: 2026-05-07T09:04:22Z
Rating: important
References:
* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689
Cross-References:
* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431
CVSS scores:
* CVE-2025-38375 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves six vulnerabilities can now be installed.
## Description:
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes
various security issues.
The following security issues were fixed:
* CVE-2025-38375: virtio-net: ensure the received length does not exceed
allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI
(bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before
deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and
rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful()
(bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place
(bsc#1263689).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1733=1 SUSE-2026-1734=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1733=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-1734=1
* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-1739=1 SUSE-2026-1746=1 SUSE-2026-1747=1 SUSE-2026-1738=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1738=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-1739=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-1746=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-1747=1
## Package List:
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_184-default-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_184-default-debuginfo-6-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_46-debugsource-6-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_44-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-12-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_184-default-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_184-default-debuginfo-6-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_46-debugsource-6-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_44-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-12-150400.2.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-18-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_29-debugsource-14-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_26-debugsource-18-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-11-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_27-debugsource-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-14-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_30-debugsource-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-18-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-14-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-18-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_26-debugsource-18-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-11-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_27-debugsource-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-14-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_30-debugsource-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-18-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-14-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x)
* kernel-livepatch-SLE15-SP5_Update_29-debugsource-14-150500.2.1
## References:
* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
openSUSE-SU-2026:10691-1: moderate: gnutls-3.8.13-1.1 on GA media
# gnutls-3.8.13-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10691-1
Rating: moderate
Cross-References:
* CVE-2026-33845
* CVE-2026-33846
* CVE-2026-3832
* CVE-2026-3833
* CVE-2026-42009
* CVE-2026-42010
* CVE-2026-42011
* CVE-2026-42012
* CVE-2026-42013
* CVE-2026-42014
* CVE-2026-42015
* CVE-2026-5260
* CVE-2026-5419
Affected Products:
* openSUSE Tumbleweed
An update that solves 13 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the gnutls-3.8.13-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* gnutls 3.8.13-1.1
* libgnutls-dane-devel 3.8.13-1.1
* libgnutls-dane0 3.8.13-1.1
* libgnutls-devel 3.8.13-1.1
* libgnutls-devel-32bit 3.8.13-1.1
* libgnutls-devel-doc 3.8.13-1.1
* libgnutls30 3.8.13-1.1
* libgnutls30-32bit 3.8.13-1.1
* libgnutlsxx-devel 3.8.13-1.1
* libgnutlsxx30 3.8.13-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-33845.html
* https://www.suse.com/security/cve/CVE-2026-33846.html
* https://www.suse.com/security/cve/CVE-2026-3832.html
* https://www.suse.com/security/cve/CVE-2026-3833.html
* https://www.suse.com/security/cve/CVE-2026-42009.html
* https://www.suse.com/security/cve/CVE-2026-42010.html
* https://www.suse.com/security/cve/CVE-2026-42011.html
* https://www.suse.com/security/cve/CVE-2026-42012.html
* https://www.suse.com/security/cve/CVE-2026-42013.html
* https://www.suse.com/security/cve/CVE-2026-42014.html
* https://www.suse.com/security/cve/CVE-2026-42015.html
* https://www.suse.com/security/cve/CVE-2026-5260.html
* https://www.suse.com/security/cve/CVE-2026-5419.html
openSUSE-SU-2026:10690-1: moderate: cri-tools-1.36.0-1.1 on GA media
# cri-tools-1.36.0-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10690-1
Rating: moderate
Cross-References:
* CVE-2026-33186
CVSS scores:
* CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the cri-tools-1.36.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* cri-tools 1.36.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-33186.html
openSUSE-SU-2026:10696-1: moderate: nix-2.34.7-1.1 on GA media
# nix-2.34.7-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10696-1
Rating: moderate
Cross-References:
* CVE-2026-44028
CVSS scores:
* CVE-2026-44028 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the nix-2.34.7-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* nix 2.34.7-1.1
* nix-bash-completion 2.34.7-1.1
* nix-devel 2.34.7-1.1
* nix-fish-completion 2.34.7-1.1
* nix-zsh-completion 2.34.7-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-44028.html
openSUSE-SU-2026:10692-1: moderate: grafana-11.6.14+security01-3.1 on GA media
# grafana-11.6.14+security01-3.1 on GA media
Announcement ID: openSUSE-SU-2026:10692-1
Rating: moderate
Cross-References:
* CVE-2026-41602
CVSS scores:
* CVE-2026-41602 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-41602 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the grafana-11.6.14+security01-3.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* grafana 11.6.14+security01-3.1
## References:
* https://www.suse.com/security/cve/CVE-2026-41602.html
openSUSE-SU-2026:10694-1: moderate: libmariadbd-devel-11.8.6-1.1 on GA media
# libmariadbd-devel-11.8.6-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10694-1
Rating: moderate
Cross-References:
* CVE-2026-32710
CVSS scores:
* CVE-2026-32710 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-32710 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the libmariadbd-devel-11.8.6-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* libmariadbd-devel 11.8.6-1.1
* libmariadbd19 11.8.6-1.1
* mariadb 11.8.6-1.1
* mariadb-bench 11.8.6-1.1
* mariadb-client 11.8.6-1.1
* mariadb-errormessages 11.8.6-1.1
* mariadb-galera 11.8.6-1.1
* mariadb-rpm-macros 11.8.6-1.1
* mariadb-test 11.8.6-1.1
* mariadb-tools 11.8.6-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-32710.html
openSUSE-SU-2026:10695-1: moderate: mutt-2.3.2-1.1 on GA media
# mutt-2.3.2-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10695-1
Rating: moderate
Cross-References:
* CVE-2026-43859
* CVE-2026-43861
* CVE-2026-43862
* CVE-2026-43863
CVSS scores:
* CVE-2026-43859 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-43859 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-43861 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-43861 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-43862 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-43862 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-43863 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-43863 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 4 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the mutt-2.3.2-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* mutt 2.3.2-1.1
* mutt-doc 2.3.2-1.1
* mutt-lang 2.3.2-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-43859.html
* https://www.suse.com/security/cve/CVE-2026-43861.html
* https://www.suse.com/security/cve/CVE-2026-43862.html
* https://www.suse.com/security/cve/CVE-2026-43863.html
openSUSE-SU-2026:10689-1: moderate: chromedriver-148.0.7778.96-1.1 on GA media
# chromedriver-148.0.7778.96-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10689-1
Rating: moderate
Cross-References:
* CVE-2026-7333
* CVE-2026-7334
* CVE-2026-7335
* CVE-2026-7336
* CVE-2026-7337
* CVE-2026-7338
* CVE-2026-7339
* CVE-2026-7340
* CVE-2026-7341
* CVE-2026-7342
* CVE-2026-7343
* CVE-2026-7344
* CVE-2026-7345
* CVE-2026-7346
* CVE-2026-7347
* CVE-2026-7348
* CVE-2026-7349
* CVE-2026-7350
* CVE-2026-7351
* CVE-2026-7352
* CVE-2026-7353
* CVE-2026-7354
* CVE-2026-7355
* CVE-2026-7356
* CVE-2026-7357
* CVE-2026-7358
* CVE-2026-7359
* CVE-2026-7360
* CVE-2026-7361
* CVE-2026-7363
Affected Products:
* openSUSE Tumbleweed
An update that solves 30 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the chromedriver-148.0.7778.96-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* chromedriver 148.0.7778.96-1.1
* chromium 148.0.7778.96-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-7333.html
* https://www.suse.com/security/cve/CVE-2026-7334.html
* https://www.suse.com/security/cve/CVE-2026-7335.html
* https://www.suse.com/security/cve/CVE-2026-7336.html
* https://www.suse.com/security/cve/CVE-2026-7337.html
* https://www.suse.com/security/cve/CVE-2026-7338.html
* https://www.suse.com/security/cve/CVE-2026-7339.html
* https://www.suse.com/security/cve/CVE-2026-7340.html
* https://www.suse.com/security/cve/CVE-2026-7341.html
* https://www.suse.com/security/cve/CVE-2026-7342.html
* https://www.suse.com/security/cve/CVE-2026-7343.html
* https://www.suse.com/security/cve/CVE-2026-7344.html
* https://www.suse.com/security/cve/CVE-2026-7345.html
* https://www.suse.com/security/cve/CVE-2026-7346.html
* https://www.suse.com/security/cve/CVE-2026-7347.html
* https://www.suse.com/security/cve/CVE-2026-7348.html
* https://www.suse.com/security/cve/CVE-2026-7349.html
* https://www.suse.com/security/cve/CVE-2026-7350.html
* https://www.suse.com/security/cve/CVE-2026-7351.html
* https://www.suse.com/security/cve/CVE-2026-7352.html
* https://www.suse.com/security/cve/CVE-2026-7353.html
* https://www.suse.com/security/cve/CVE-2026-7354.html
* https://www.suse.com/security/cve/CVE-2026-7355.html
* https://www.suse.com/security/cve/CVE-2026-7356.html
* https://www.suse.com/security/cve/CVE-2026-7357.html
* https://www.suse.com/security/cve/CVE-2026-7358.html
* https://www.suse.com/security/cve/CVE-2026-7359.html
* https://www.suse.com/security/cve/CVE-2026-7360.html
* https://www.suse.com/security/cve/CVE-2026-7361.html
* https://www.suse.com/security/cve/CVE-2026-7363.html
openSUSE-SU-2026:10688-1: moderate: cf-cli-8.18.3+git.0.83ce51d9c-1.1 on GA media
# cf-cli-8.18.3+git.0.83ce51d9c-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10688-1
Rating: moderate
Cross-References:
* CVE-2025-61729
CVSS scores:
* CVE-2025-61729 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61729 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the cf-cli-8.18.3+git.0.83ce51d9c-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* cf-cli 8.18.3+git.0.83ce51d9c-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-61729.html
openSUSE-SU-2026:10697-1: moderate: traefik-3.6.15-1.1 on GA media
# traefik-3.6.15-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10697-1
Rating: moderate
Cross-References:
* CVE-2026-34986
* CVE-2026-35051
* CVE-2026-39858
* CVE-2026-40912
* CVE-2026-41174
* CVE-2026-41263
CVSS scores:
* CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 6 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the traefik-3.6.15-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* traefik 3.6.15-1.1
## References:
* https://www.suse.com/security/cve/CVE-2026-34986.html
* https://www.suse.com/security/cve/CVE-2026-35051.html
* https://www.suse.com/security/cve/CVE-2026-39858.html
* https://www.suse.com/security/cve/CVE-2026-40912.html
* https://www.suse.com/security/cve/CVE-2026-41174.html
* https://www.suse.com/security/cve/CVE-2026-41263.html