SUSE 5702 Published by

SUSE Linux distributions released a batch of security patches addressing hundreds of vulnerabilities across popular software like Chromium, Apache2, Podman, and OpenSSL. The announcements classify most updates as important or critical, with the Chromium patch resolving 433 distinct security flaws and the Apache2 update fixing thirteen separate buffer overflow and privilege escalation risks. Additional corrections target media players, container tools, and networking libraries to patch memory corruption issues, input validation bypasses, and denial-of-service conditions.

openSUSE-SU-2026:21267-1: moderate: Recommended update for mpv, libKPipeWireRecord6, ffmpegthumbs-kf5
openSUSE-SU-2026:21266-1: important: Security update for openQA, os-autoinst
openSUSE-SU-2026:21262-1: important: Security update for hauler
openSUSE-SU-2026:21254-1: important: Security update for go1.26-openssl
openSUSE-SU-2026:21252-1: important: Security update for clamav
openSUSE-SU-2026:21251-1: important: Security update for alloy
openSUSE-SU-2026:21249-1: important: Security update for trivy
openSUSE-SU-2026:21247-1: important: Security update for docker-compose
openSUSE-SU-2026:21242-1: important: Security update for assimp
openSUSE-SU-2026:21244-1: important: Security update for podman
openSUSE-SU-2026:21240-1: important: Security update for gstreamer-plugins-good
openSUSE-SU-2026:21239-1: important: Security update for python-msgpack
openSUSE-SU-2026:21238-1: important: Security update for krb5
openSUSE-SU-2026:21235-1: important: Security update for apache2
openSUSE-SU-2026:0232-1: important: Security update for go-sendxmpp
openSUSE-SU-2026:0231-1: important: Security update for radare2
SUSE-SU-2026:2785-1: moderate: Security update for systemd, systemd-mini
SUSE-SU-2026:2789-1: important: Security update for xorg-x11-server
SUSE-SU-2026:2791-1: important: Security update for xorg-x11-server
SUSE-SU-2026:2786-1: important: Security update for xorg-x11-server
openSUSE-SU-2026:0233-1: critical: Security update for chromium
openSUSE-SU-2026:11197-1: moderate: apptainer-1.5.1-3.1 on GA media
openSUSE-SU-2026:11196-1: moderate: python313-yt-dlp-2026.07.04-1.1 on GA media
openSUSE-SU-2026:11195-1: moderate: tomcat11-11.0.23-1.1 on GA media




openSUSE-SU-2026:21267-1: moderate: Recommended update for mpv, libKPipeWireRecord6, ffmpegthumbs-kf5


openSUSE security update: recommended update for mpv, libkpipewirerecord6, ffmpegthumbs-kf5
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21267-1
Rating: moderate

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves various issues can now be installed.

Description:

This update for mpv, libKPipeWireRecord6, ffmpegthumbs-kf5 fixes the following issues:

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-packagehub-396=1

Package List:

- openSUSE Leap 16.0:

ffmpegthumbs-25.04.3-bp160.1.2
ffmpegthumbs-kf5-25.04.3-bp160.1.3
kpipewire6-devel-6.4.2-bp160.1.3
kpipewire6-imports-6.4.2-bp160.1.3
libKPipeWire6-6.4.2-bp160.1.3
libKPipeWire6-lang-6.4.2-bp160.1.3
libKPipeWireDmaBuf6-6.4.2-bp160.1.3
libKPipeWireRecord6-6.4.2-bp160.1.3
libmpv2-0.40.0+git20250325.97cb16d68340-bp160.1.4
mpv-0.40.0+git20250325.97cb16d68340-bp160.1.4
mpv-bash-completion-0.40.0+git20250325.97cb16d68340-bp160.1.4
mpv-devel-0.40.0+git20250325.97cb16d68340-bp160.1.4
mpv-fish-completion-0.40.0+git20250325.97cb16d68340-bp160.1.4
mpv-zsh-completion-0.40.0+git20250325.97cb16d68340-bp160.1.4



openSUSE-SU-2026:21266-1: important: Security update for openQA, os-autoinst


openSUSE security update: security update for openqa, os-autoinst
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21266-1
Rating: important
References:

* bsc#1258632
* bsc#1259005
* bsc#1264376

Cross-References:

* CVE-2026-26996
* CVE-2026-27904
* CVE-2026-6321

CVSS scores:

* CVE-2026-26996 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-26996 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-27904 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-27904 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-6321 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-6321 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 3 vulnerabilities and has 3 bug fixes can now be installed.

Description:

This update for openQA, os-autoinst fixes the following issues:

Changes in openQA:

- Update to version 5.1783076943.6691832d:
* test: Stabilize `t/05-scheduler-full.t`

- Clarify resolution of three CVEs
* The following CVEs have been fixed (see previous changelog
entries that mentioned only the according Bugzilla tickets):
- bsc#1259005 - CVE-2026-27904
- bsc#1264376 - CVE-2026-6321
- bsc#1258632 - CVE-2026-26996

- Update to version 5.1782995932.ffeb09be:
* feat: throw 404 for nonexistent groups in overview
* feat: Avoid logwarn notifications for non-critical auth error
* chore(deps): Dependency cron 2026-07-02
* git subrepo pull (merge) external/os-autoinst-common
* fix: Check also hidden files in checklist plugin
* test: Enable faster re-connects in full scheduler test consistently
* test: Avoid silent daemons in verbose mode
* test: Allow running `t/43-???-scalability.t` in parallel
* test: Allow running `t/05-scheduler-full.t` in parallel
* test: Avoid race condition when generating ports in `25-cache.t`
* test: Avoid wasting seconds in `40-script_load_dump_templates.t`
* refactor: Remove disabled code in `openqa-load-templates`
* test: Avoid race condition when generating ports in many tests
* chore(deps): Dependency cron 2026-07-01
* fix(ci): format inline comments in workflows to pass yamllint
* test: Avoid running into "Address already in use" in fullstack test
* feat(ci): pin GitHub Actions by commit hash

Changes in os-autoinst:

- Update to version 5.1783082953.c3cb41d:
* test: Disable unstable `t/28-signalblocker.t` on ppc64le OBS builds
* fix: Check also hidden files in checklist plugin
* feat(ci): disable Mergify interactive queue controls in PR comments
* test: assert pipe size adjustment dynamically
* test: assert terminal session boundary safety
* refactor: support pretty markers in script_sudo and become_root
* fix: mmapi test failures and infinite loop hangs
* test: simplify Level 3 pretty marker detection
* fix: exclude virt-firmware on all older Leap archs

- Update to version 5.1782917048.dcc97e9:
* fix: Check also hidden files in checklist plugin
* feat(ci): disable Mergify interactive queue controls in PR comments
* fix(ci): format inline comments in workflows to pass yamllint
* feat(ci): pin GitHub Actions by commit hash
* test: assert pipe size adjustment dynamically
* test: assert terminal session boundary safety
* refactor: support pretty markers in script_sudo and become_root
* fix: mmapi test failures and infinite loop hangs
* test: simplify Level 3 pretty marker detection
* fix: exclude virt-firmware on all older Leap archs

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-packagehub-395=1

Package List:

- openSUSE Leap 16.0:

openQA-5.1783076943.6691832d-bp160.1.1
openQA-auto-update-5.1783076943.6691832d-bp160.1.1
openQA-bootstrap-5.1783076943.6691832d-bp160.1.1
openQA-client-5.1783076943.6691832d-bp160.1.1
openQA-client-bash-completion-5.1783076943.6691832d-bp160.1.1
openQA-client-zsh-completion-5.1783076943.6691832d-bp160.1.1
openQA-common-5.1783076943.6691832d-bp160.1.1
openQA-continuous-update-5.1783076943.6691832d-bp160.1.1
openQA-devel-5.1783076943.6691832d-bp160.1.1
openQA-doc-5.1783076943.6691832d-bp160.1.1
openQA-llm-server-5.1783076943.6691832d-bp160.1.1
openQA-local-db-5.1783076943.6691832d-bp160.1.1
openQA-mcp-5.1783076943.6691832d-bp160.1.1
openQA-munin-5.1783076943.6691832d-bp160.1.1
openQA-python-scripts-5.1783076943.6691832d-bp160.1.1
openQA-single-instance-5.1783076943.6691832d-bp160.1.1
openQA-single-instance-nginx-5.1783076943.6691832d-bp160.1.1
openQA-worker-5.1783076943.6691832d-bp160.1.1
os-autoinst-5.1783082953.c3cb41d-bp160.1.1
os-autoinst-devel-5.1783082953.c3cb41d-bp160.1.1
os-autoinst-ipmi-deps-5.1783082953.c3cb41d-bp160.1.1
os-autoinst-openvswitch-5.1783082953.c3cb41d-bp160.1.1
os-autoinst-qemu-kvm-5.1783082953.c3cb41d-bp160.1.1
os-autoinst-qemu-x86-5.1783082953.c3cb41d-bp160.1.1
os-autoinst-s390-deps-5.1783082953.c3cb41d-bp160.1.1
os-autoinst-swtpm-5.1783082953.c3cb41d-bp160.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-26996.html
* https://www.suse.com/security/cve/CVE-2026-27904.html
* https://www.suse.com/security/cve/CVE-2026-6321.html



openSUSE-SU-2026:21262-1: important: Security update for hauler


openSUSE security update: security update for hauler
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21262-1
Rating: important
References:

* bsc#1267150
* bsc#1269433

Cross-References:

* CVE-2026-25680
* CVE-2026-25681
* CVE-2026-27136
* CVE-2026-42502
* CVE-2026-42506
* CVE-2026-48702

CVSS scores:

* CVE-2026-25680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25680 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-25681 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-27136 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-27136 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-42502 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-42502 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-42506 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-42506 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-48702 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-48702 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 6 vulnerabilities and has 2 bug fixes can now be installed.

Description:

This update for hauler fixes the following issues:

Changes in hauler:

- update to 2.0.1 (bsc#1269433, CVE-2026-48702):
* bump go to 1.26.4 to squash CVE noise
* Full v2 Release notes: https://github.com/hauler-
dev/hauler/releases/tag/v2.0.0

- update to 2.0.0:
* `v2.0.0` is a **major** release. It replaces Hauler's entire
OCI plumbing... the ORAS v1 dependency and the in-house
cosign fork with a native containerd based implementation,
drops the deprecated `v1alpha1` API, and layers on a
meaningful set of new capabilities and reliability fixes on
top of that new foundation.
* **Removed the ORAS v1 dependency** - push/pull is now driven
directly by containerd's docker resolver and `google/go-
containerregistry`, new `pkg/content/registry.go`
(`RegistryTarget`) and `pkg/content/types.go` (`Target`
interface, `IoContentWriter`) replaces what ORAS used to own.
* **Removed the hauler-maintained cosign fork** - `pkg/cosign`
is now a thin verify only wrapper around upstream
`sigstore/cosign/v3`. Images are added through a native
`s.AddImage()` path in `pkg/store`
* **Added OCI 1.1 Referrers support** - signatures,
attestations, and SBOMs are discovered both via the classic
cosign tag convention (`sha256-.sig` / `.att` / `.sbom`) and
the modern Referrers API, then correctly through the OCI
layout

- update x/net to v0.55.0 (bsc#1266602, CVE-2026-39821,
bsc#1267150, CVE-2026-25680, CVE-2026-42502, CVE-2026-27136,
CVE-2026-25681, CVE-2026-42506)

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-packagehub-391=1

Package List:

- openSUSE Leap 16.0:

hauler-2.0.1-bp160.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-25680.html
* https://www.suse.com/security/cve/CVE-2026-25681.html
* https://www.suse.com/security/cve/CVE-2026-27136.html
* https://www.suse.com/security/cve/CVE-2026-42502.html
* https://www.suse.com/security/cve/CVE-2026-42506.html
* https://www.suse.com/security/cve/CVE-2026-48702.html



openSUSE-SU-2026:21254-1: important: Security update for go1.26-openssl


openSUSE security update: security update for go1.26-openssl
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21254-1
Rating: important
References:

* bsc#1170826
* bsc#1245878
* bsc#1255111
* bsc#1261653
* bsc#1261654
* bsc#1261655
* bsc#1261656
* bsc#1261657
* bsc#1261658
* bsc#1261659
* bsc#1261660
* bsc#1261661
* bsc#1261662
* bsc#1264395
* bsc#1264499
* bsc#1264500
* bsc#1264501
* bsc#1264502
* bsc#1264503
* bsc#1264504
* bsc#1264505
* bsc#1264506
* bsc#1264507
* bsc#1264508
* bsc#1264509
* bsc#1267442
* bsc#1267444
* bsc#1267450

Cross-References:

* CVE-2026-27140
* CVE-2026-27143
* CVE-2026-27144
* CVE-2026-27145
* CVE-2026-32280
* CVE-2026-32281
* CVE-2026-32282
* CVE-2026-32283
* CVE-2026-32288
* CVE-2026-32289
* CVE-2026-33810
* CVE-2026-33811
* CVE-2026-33814
* CVE-2026-39817
* CVE-2026-39819
* CVE-2026-39820
* CVE-2026-39823
* CVE-2026-39825
* CVE-2026-39826
* CVE-2026-39836
* CVE-2026-42499
* CVE-2026-42501
* CVE-2026-42504
* CVE-2026-42507

CVSS scores:

* CVE-2026-27140 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-27143 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-27144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-27145 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-27145 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-32280 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32281 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32282 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-32283 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32288 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-32289 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-33810 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-33811 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39817 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N
* CVE-2026-39819 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
* CVE-2026-39820 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39823 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-39825 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-39826 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-39836 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42499 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42501 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-42504 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-42504 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42507 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-42507 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 24 vulnerabilities and has 28 bug fixes can now be installed.

Description:

This update for go1.26-openssl fixes the following issues:

Update to go1.26.4 (bsc#1255111).

Security issues fixed:

- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).
- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).
- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).
- CVE-2026-27145: crypto/x509: split candidate hostname only once (bsc#1267450).
- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).
- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).
- CVE-2026-32282: os: `Root.Chmod` can follow symlinks out of the root on Linux (bsc#1261658).
- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).
- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).
- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).
- CVE-2026-33810: crypto/x509: excluded DNS constraints not properly applied to wildcard domains (bsc#1261662).
- CVE-2026-33811: net: crash when handling long `CNAME` response (bsc#1264508).
- CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad `SETTINGS_MAX_FRAME_SIZE` (bsc#1264506).
- CVE-2026-39817: cmd/go: `go tool pack` does not sanitize output paths (bsc#1264505).
- CVE-2026-39819: cmd/go: `go bug` follows symlinks in predictable temporary filenames (bsc#1264504).
- CVE-2026-39820: net/mail: quadratic string concatentation in `consumeComment` (bsc#1264503).
- CVE-2026-39823: html/template: bypass of meta content URL escaping causes XSS (bsc#1264509).
- CVE-2026-39825: net/http/httputil: `ReverseProxy` forwards queries with more than `urlmaxqueryparams` parameters
(bsc#1264500).
- CVE-2026-39826: html/template: escaper bypass leads to XSS (bsc#1264507).
- CVE-2026-39836: net: panic in `Dial` and `LookupPort` when handling `NUL` byte on Windows (bsc#1264501).
- CVE-2026-42499: net/mail: quadratic string concatenation in `consumePhrase` (bsc#1264502).
- CVE-2026-42501: cmd/go: malicious module proxy can bypass checksum database (bsc#1264499).
- CVE-2026-42504: mime: quadratic complexity in `WordDecoder.DecodeHeader` (bsc#1267442).
- CVE-2026-42507: net/textproto: arbitrary input is included in errors without any escaping (bsc#1267444).

Other updates and security fixes:

- Go packages miss `binutils-gold` dependency (bsc#1170826).
- Drop subpackage `go1.x-libstd` `std` library `.so` refs (jsc#PED-1962).
- Use `libalternatives` only on `suse_version >= 1610` and keep `update-alternatives` support for older
distributions.
- Drop the `update-alternatives` migration path for `libalternatives` builds.
- Enable `libalternatives` for SLE16.1 and Tumbleweed (bsc#1245878).
- Drop go1.26 dependency on `update-alternatives` (bsc#1264395)
- Update to version 1.26.3 cut from the `go1.25-fips-release` branch at the revision tagged `go1.26.3-1-openssl-fips`
(jsc#SLE-18320).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1175=1

Package List:

- openSUSE Leap 16.0:

go1.26-openssl-1.26.4-160000.1.1
go1.26-openssl-doc-1.26.4-160000.1.1
go1.26-openssl-race-1.26.4-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-27140.html
* https://www.suse.com/security/cve/CVE-2026-27143.html
* https://www.suse.com/security/cve/CVE-2026-27144.html
* https://www.suse.com/security/cve/CVE-2026-27145.html
* https://www.suse.com/security/cve/CVE-2026-32280.html
* https://www.suse.com/security/cve/CVE-2026-32281.html
* https://www.suse.com/security/cve/CVE-2026-32282.html
* https://www.suse.com/security/cve/CVE-2026-32283.html
* https://www.suse.com/security/cve/CVE-2026-32288.html
* https://www.suse.com/security/cve/CVE-2026-32289.html
* https://www.suse.com/security/cve/CVE-2026-33810.html
* https://www.suse.com/security/cve/CVE-2026-33811.html
* https://www.suse.com/security/cve/CVE-2026-33814.html
* https://www.suse.com/security/cve/CVE-2026-39817.html
* https://www.suse.com/security/cve/CVE-2026-39819.html
* https://www.suse.com/security/cve/CVE-2026-39820.html
* https://www.suse.com/security/cve/CVE-2026-39823.html
* https://www.suse.com/security/cve/CVE-2026-39825.html
* https://www.suse.com/security/cve/CVE-2026-39826.html
* https://www.suse.com/security/cve/CVE-2026-39836.html
* https://www.suse.com/security/cve/CVE-2026-42499.html
* https://www.suse.com/security/cve/CVE-2026-42501.html
* https://www.suse.com/security/cve/CVE-2026-42504.html
* https://www.suse.com/security/cve/CVE-2026-42507.html



openSUSE-SU-2026:21252-1: important: Security update for clamav


openSUSE security update: security update for clamav
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21252-1
Rating: important
References:

* bsc#1270085
* bsc#1270088
* bsc#1270089
* bsc#1270091
* bsc#1270092
* bsc#1270106
* bsc#1270107
* bsc#1270138

Cross-References:

* CVE-2026-20213
* CVE-2026-20214
* CVE-2026-20215
* CVE-2026-20216
* CVE-2026-20217
* CVE-2026-20243
* CVE-2026-20244
* CVE-2026-41676

CVSS scores:

* CVE-2026-20213 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-20214 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-20215 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-20216 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-20217 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-20243 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-20244 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-41676 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-41676 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 8 vulnerabilities and has 8 bug fixes can now be installed.

Description:

This update for clamav fixes the following issues:

Update to version 1.5.3.

Security issues fixed:

- CVE-2026-20213: out-of-bounds write due to improper boundary checks for content in PE files during scanning
(bsc#1270107).
- CVE-2026-20214: out-of-bounds write due to improper boundary checks for content in FSG files during scanning
(bsc#1270085).
- CVE-2026-20215: out-of-bounds write due to improper boundary checks for content in 7z files during scanning
(bsc#1270088).
- CVE-2026-20216: denial of service due to improper handling of temporary resources during InstallShield file scanning
(bsc#1270089).
- CVE-2026-20217: out-of-bounds write due to improper boundary checks for content in PESpin files during scanning
(bsc#1270091).
- CVE-2026-20243: out-of-bounds write due to improper boundary checks for content in ALZ files during scanning
(bsc#1270092).
- CVE-2026-20244: integer overflow and DoS due to improper boundary checks for content in DMG files during scanning
(bsc#1270106).
- CVE-2026-41676: buffer overflow due to missing checks via `Deriver:derive`, `PkeyCtxRef:derive` and OpenSSL 1.1.1
(bsc#1270138).

Other updates and bugfixes:

- Version 1.5.3:
* Fixed a bug in the PESpin unpacker cleanup path that could free pointers into the scanned file buffer and crash the
scanner.
* Fixed an integer overflow in PE rebuild size calculations that could be reached through a malformed Aspack-packed PE
file and lead to a heap buffer overflow write.
* Fixed an InstallShield archive extraction limit bypass that could write far more temporary data than intended and
exhaust temporary storage.
* Fixed an FSG unpacker loop underflow that could write past the section array while scanning a malformed PE file.
* Fixed ALZ parser size handling bugs that could cause malformed ALZ archives to panic, abort the scanner, or skip
expected scan-limit handling.
* Fixed a 7z parser substream count overflow that could under-allocate parser metadata arrays and write past them
while reading a malformed archive.
* Fixed 32-bit DMG parser size checks that could let a short mish stripe table pass validation and crash 32-bit
scanner builds.
* Hardened clamscan, clamdscan, and clamonacc quarantine actions against time-of-check/time-of-use races that could
redirect copied, moved, or removed files under unsafe quarantine directory configurations.
* Upgraded the Rust tar dependency to resolve the RUSTSEC-2026-0067 and RUSTSEC-2026-0068 advisories, and upgraded the
Rust openssl dependency to resolve CVE-2026-41676.
* Raised the minimum required CMake version to 3.17 to fix Linux builds with libcurl v8.21.0 when linking static
library dependencies.
* Metadata preclass scans now run before the final scan verdict.
* ClamOnAcc: Fixed errors when recursively excluded paths are children of an included path.
* ClamOnAcc: Fixed hash bucket list corruption when two watched paths collide in the same bucket.

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1173=1

Package List:

- openSUSE Leap 16.0:

clamav-1.5.3-160000.1.1
clamav-devel-1.5.3-160000.1.1
clamav-docs-html-1.5.3-160000.1.1
clamav-milter-1.5.3-160000.1.1
libclamav12-1.5.3-160000.1.1
libclammspack0-1.5.3-160000.1.1
libfreshclam4-1.5.3-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-20213.html
* https://www.suse.com/security/cve/CVE-2026-20214.html
* https://www.suse.com/security/cve/CVE-2026-20215.html
* https://www.suse.com/security/cve/CVE-2026-20216.html
* https://www.suse.com/security/cve/CVE-2026-20217.html
* https://www.suse.com/security/cve/CVE-2026-20243.html
* https://www.suse.com/security/cve/CVE-2026-20244.html
* https://www.suse.com/security/cve/CVE-2026-41676.html



openSUSE-SU-2026:21251-1: important: Security update for alloy


openSUSE security update: security update for alloy
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21251-1
Rating: important
References:

* bsc#1260981
* bsc#1265440
* bsc#1266196
* bsc#1266654
* bsc#1267185
* bsc#1267333
* bsc#1267481
* bsc#1267485
* bsc#1267488
* bsc#1267489

Cross-References:

* CVE-2026-25680
* CVE-2026-25681
* CVE-2026-27136
* CVE-2026-33532
* CVE-2026-39821
* CVE-2026-39827
* CVE-2026-39828
* CVE-2026-39829
* CVE-2026-39830
* CVE-2026-39831
* CVE-2026-39832
* CVE-2026-39833
* CVE-2026-39834
* CVE-2026-39835
* CVE-2026-41889
* CVE-2026-42502
* CVE-2026-42506
* CVE-2026-42508
* CVE-2026-44740
* CVE-2026-45678
* CVE-2026-45682
* CVE-2026-45685
* CVE-2026-45686
* CVE-2026-46595
* CVE-2026-46597
* CVE-2026-46598

CVSS scores:

* CVE-2026-25680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25680 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-25681 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-27136 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-27136 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-33532 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-33532 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39827 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39827 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39828 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39828 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39829 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39830 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39830 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39831 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39831 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39832 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-39832 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
* CVE-2026-39833 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39833 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39834 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39834 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39835 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39835 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-41889 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-41889 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42502 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-42502 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-42506 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-42506 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-42508 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-42508 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-44740 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-44740 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45678 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-45678 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45682 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-45682 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45685 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-45685 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45686 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-45686 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46595 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-46595 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-46597 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46597 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46598 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46598 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 26 vulnerabilities and has 10 bug fixes can now be installed.

Description:

This update for alloy fixes the following issues:

Update to version 1.17.0.

Security issues fixed:

- CVE-2026-25680: golang.org/x/net/html: parsing arbitrary HTML can consume excessive CPU time, possibly leading to
denial of service (bsc#1267185).
- CVE-2026-25681: golang.org/x/net/html: parsing arbitrary HTML which is then rendered using Render can result in an
unexpected HTML tree and allows for XSS (bsc#1267185).
- CVE-2026-27136: golang.org/x/net/html: parsing arbitrary HTML which is then rendered using Render can result in an
unexpected HTML tree and allows for XSS (bsc#1267185).
- CVE-2026-33532: yaml: parsing input with deeply nestes collections may throw a `RangeError` due to a stack overflow
and cause to a denial of service (bsc#1260981).
- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation
bypass and privilege escalation (bsc#1266654).
- CVE-2026-39827: golang.org/x/crypto/ssh: authenticated SSH clients that repeatedly open channels which were rejected
by the server can cause unbounded memory growth and a crash (bsc#1266196).
- CVE-2026-39828: golang.org/x/crypto/ssh: permissions discarded when an SSH server authentication callback returns
`PartialSuccessError` with non-`nil` permissions (bsc#1266196).
- CVE-2026-39829: golang.org/x/crypto/ssh: unenforced size limits on key parameters by the the RSA and DSA public key
parsers can lead to excessive CPU consumption when processing a crafted public key (bsc#1266196).
- CVE-2026-39830: golang.org/x/crypto/ssh: malicious SSH peers sending unsolicited global request responses can block a
connection's read loop and cause a resource leak (bsc#1266196).
- CVE-2026-39831: golang.org/x/crypto/ssh: missing `User Presence` flag checks in the `Verify()` method for FIDO/U2F
security key types cause signatures generated without physical touch to be accepted (bsc#1266196).
- CVE-2026-39832: golang.org/x/crypto/ssh: destination restrictions are silently stripped when forwarding keys and
allow for unrestricted use of a key on a remote host (bsc#1266196).
- CVE-2026-39833: golang.org/x/crypto/ssh: in-memory keyring returned by `NewKeyring()` silently accepts keys with the
`ConfirmBeforeUse` constraint but never enforces it (bsc#1266196).
- CVE-2026-39834: golang.org/x/crypto/ssh: writing data larger than 4GB in a single `Write` call on an SSH channel
leads to an integer overflow and an infinite loop that sends empty packets (bsc#1266196).
- CVE-2026-39835: golang.org/x/crypto/ssh: processing of certificates by SSH servers using `CertChecker` as a public
key callback without setting `IsUserAuthority` or `IsHostAuthority` can lead to a panic (bsc#1266196).
- CVE-2026-41889: github.com/jackc/pgx/v5/internal/sanitize: use placeholders in dollar-quoted string literals in an
SQL query can lead to a SQL injection (bsc#1265440).
- CVE-2026-42502: golang.org/x/net/html: parsing arbitrary HTML which is then rendered using Render can result in an
unexpected HTML tree and allows for XSS (bsc#1267185).
- CVE-2026-42506: golang.org/x/net/html: parsing arbitrary HTML which is then rendered using Render can result in an
unexpected HTML tree and allows for XSS (bsc#1267185).
- CVE-2026-42508: golang.org/x/crypto/ssh: revoked `SignatureKey`s belonging to a CA are not correctly checked for
revocation (bsc#1266196).
- CVE-2026-44740: github.com/go-git/go-billy/v5: improper input handling in many components can lead to DoS via
infinite loops, panics or resource consumption (bsc#1267333).
- CVE-2026-45678: go.opentelemetry.io/obi: Postgres BIND parsing can lead to a panic when malformed payloads are
processed (bsc#1267481).
- CVE-2026-45682: go.opentelemetry.io/obi: keys not deleted by `CappedConcurrentHashMap` after removals allows repeated
connection churn to grow the queue without bound and exhaust heap memory (bsc#1267485).
- CVE-2026-45685: go.opentelemetry.io/obi: MongoDB TCP parser panics on malformed wire messages and causes a DoS
(bsc#1267488).
- CVE-2026-45686: go.opentelemetry.io/obi: integer overflow in memcached text protocol parser can crash the OBI process
and cause denial of service (bsc#1267489).
- CVE-2026-46595: golang.org/x/crypto/ssh: source-address validation is skipped if any other type of callback is passed
other than public key (bsc#1266196).
- CVE-2026-46597: golang.org/x/crypto/ssh: incorrectly placed cast from bytes to int in the AES-GCM packet decoder when
processing specially crafted input can lead to for server-side panic (bsc#1266196).
- CVE-2026-46598: golang.org/x/crypto/ssh: `ed25519.PrivateKey` created by casting malformed wire bytes due to
processing of certain crafted inputs can lead to panic when used (bsc#1266196).

Other updates and bugfixes:

- Version 1.17.0:
* Features
* Add GraphQL server and `gql` subcommand.
* `otelcol`: Add Nginx receiver.
* `otelcol.exporter.prometheus`: Convert classic histograms to NHCB.
* `database_observability`: Various enhancements for MySQL and Postgres.
* `faro.receiver`: Support gzip-compressed request bodies.
* Update to Beyla 3.9.8.
* Bug Fixes
* security: Update `x/crypto`, `x/net`, `jackc/pgx/v5`, and `obi`.
* cluster: Fix nodes failing to join the cluster with TLS enabled.
* `loki.process`: Fix potential deadlocks and limit stage shutdown.
* Update Go to v1.26.4.
- Version 1.16.3:
* cluster: Fix nodes failing to join the cluster when TLS is enabled.
- Version 1.16.2:
* `loki.process`: No longer mutate rules in `stage.truncate` causing every config update to reload pipeline when this
stage is used.
* `loki.process`: Potential deadlock on update with stage and receiver changes.
* `otelcol.exporter.awss3`: Add missing `unique_key_func_name` attribute.
- Remove dependency on vulnerable `yaml` library.

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1172=1

Package List:

- openSUSE Leap 16.0:

alloy-1.17.0-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-25680.html
* https://www.suse.com/security/cve/CVE-2026-25681.html
* https://www.suse.com/security/cve/CVE-2026-27136.html
* https://www.suse.com/security/cve/CVE-2026-33532.html
* https://www.suse.com/security/cve/CVE-2026-39821.html
* https://www.suse.com/security/cve/CVE-2026-39827.html
* https://www.suse.com/security/cve/CVE-2026-39828.html
* https://www.suse.com/security/cve/CVE-2026-39829.html
* https://www.suse.com/security/cve/CVE-2026-39830.html
* https://www.suse.com/security/cve/CVE-2026-39831.html
* https://www.suse.com/security/cve/CVE-2026-39832.html
* https://www.suse.com/security/cve/CVE-2026-39833.html
* https://www.suse.com/security/cve/CVE-2026-39834.html
* https://www.suse.com/security/cve/CVE-2026-39835.html
* https://www.suse.com/security/cve/CVE-2026-41889.html
* https://www.suse.com/security/cve/CVE-2026-42502.html
* https://www.suse.com/security/cve/CVE-2026-42506.html
* https://www.suse.com/security/cve/CVE-2026-42508.html
* https://www.suse.com/security/cve/CVE-2026-44740.html
* https://www.suse.com/security/cve/CVE-2026-45678.html
* https://www.suse.com/security/cve/CVE-2026-45682.html
* https://www.suse.com/security/cve/CVE-2026-45685.html
* https://www.suse.com/security/cve/CVE-2026-45686.html
* https://www.suse.com/security/cve/CVE-2026-46595.html
* https://www.suse.com/security/cve/CVE-2026-46597.html
* https://www.suse.com/security/cve/CVE-2026-46598.html



openSUSE-SU-2026:21249-1: important: Security update for trivy


openSUSE security update: security update for trivy
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21249-1
Rating: important
References:

* bsc#1269269
* bsc#1269271

Cross-References:

* CVE-2026-54448
* CVE-2026-55092

CVSS scores:

* CVE-2026-54448 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-54448 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-55092 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-55092 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.

Description:

This update for trivy fixes the following issues

Update to version 0.72.0.

- CVE-2026-54448: tar unpacker reads scanned Helm chart archives (.tgz) with `io.ReadAll(tr)` and defines no size
limit, which can lead to a DoS (bsc#1269271).
- CVE-2026-55092: `org.opencontainers.image.title` annotation from OCI artifact manifest is used as a destination
filename without validation and can lead to arbitrary file writes (bsc#1269269).

Other updates and bugfixes:

- Version 0.72.0:
* feat(bottlerocket): add vulnerability matching for Bottlerocket OS (#10893)
* fix(misconf): support github_repository_vulnerability_alerts resource (#10680)
* feat(java): detect JAR licenses from packaged LICENSE files (#10856)
* fix(nodejs): parse project dependencies from multi-document pnpm-lock.yaml (#10861)
* fix(server): propagate package repository class in client/server mode (#10874)
* chore(deps): bump github.com/containerd/containerd/v2 from 2.3.1 to 2.3.2 (#10888)
* fix(vuln): fall back to UNKNOWN severity when vulnerability details are missing (#10795)
* feat(java): detect JAR licenses from the embedded pom.xml (#10851)
* chore(deps): Upgrade github.com/cenkalti/backoff to v6 (#10863)
* ci(helm): bump Trivy version to 0.71.2 for Trivy Helm Chart 0.23.2 (#10873)
* chore(deps): bump alpine to 3.24.1 (#10868)
* docs: fix article typo in plugin developer guide (#10860)
* feat(misconf): Adds CloudFront standard logging v2 support to AVD-AWS-0010 (#10848)
* docs: fix typos (#10857)
* fix(terraform): avoid data race on global getter.Getters in remote module resolver (#10843)
* feat(secret): support new stateless format for GitHub App installation tokens (#10826)
* fix: correct format verbs in diagnostic messages (#10805)
* ci(helm): bump Trivy version to 0.71.1 for Trivy Helm Chart 0.23.1 (#10845)
* refactor: use ParseErrorsAllowlist instead of ParseErrorsWhitelist (#10830)
* docs: fix repository scan heading typo (#10828)
* fix: forward ospkg detector options through ospkg.NewScanner (#10811)
* chore(deps): bump github.com/bufbuild/buf to v1.70.0 (#10801)
* fix(vex): load VEX documents from within the repository directory (#10820)
* ci!: migrate docker config to dockers_v2 (#10783)
* feat(dotnet): detect bundled runtime in self-contained deployments (#10786)
* feat(secret): add OpenAI secret detection rules (#10798)
* ci: expect GitHub App bot as backport PR author (#10813)
* fix: surface the original analysis error instead of context cancellation (#10793)
* chore(deps): bump the github-actions group across 1 directory with 11 updates (#10803)
* chore(deps): bump the common group with 4 updates (#10797)
* chore(deps): bump the aws group with 4 updates (#10796)
* fix: use random suffix for process temp directory instead of PID (#10431)
* docs: update signature verification for deb and rpm packages (#10784)
* fix(image): lookup origin layer for custom resources in merged layers (#10788)
* ci: bump GoReleaser to v2.16.0 (#10774)
* docs: fix broken nixpkgs reference link in installation guide (#10776)
* fix(image): deterministic OS package deduplication for images with embedded SBOMs (#10777)
* fix(spdx): guard against nil root component in SPDX marshaler (#10771)
* ci(helm): bump Trivy version to 0.71.0 for Trivy Helm Chart 0.23.0 (#10768)

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1170=1

Package List:

- openSUSE Leap 16.0:

trivy-0.72.0-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-54448.html
* https://www.suse.com/security/cve/CVE-2026-55092.html



openSUSE-SU-2026:21247-1: important: Security update for docker-compose


openSUSE security update: security update for docker-compose
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21247-1
Rating: important
References:

* bsc#1239340
* bsc#1239766
* bsc#1265782
* bsc#1266625

Cross-References:

* CVE-2025-0495
* CVE-2025-22869
* CVE-2026-33814
* CVE-2026-39821

CVSS scores:

* CVE-2025-0495 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
* CVE-2025-0495 ( SUSE ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 4 vulnerabilities and has 4 bug fixes can now be installed.

Description:

This update for docker-compose fixes the following issues

- CVE-2025-0495: buildx: credential leakage to telemetry endpoints when credentials allowed to be set as attribute
values in cache-to/cache-from configuration (bsc#1239766).
- CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh
(bsc#1239340).
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265782).
- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation
bypass and privilege escalation (bsc#1266625).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1168=1

Package List:

- openSUSE Leap 16.0:

docker-compose-2.33.1-160000.5.1

References:

* https://www.suse.com/security/cve/CVE-2025-0495.html
* https://www.suse.com/security/cve/CVE-2025-22869.html
* https://www.suse.com/security/cve/CVE-2026-33814.html
* https://www.suse.com/security/cve/CVE-2026-39821.html



openSUSE-SU-2026:21242-1: important: Security update for assimp


openSUSE security update: security update for assimp
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21242-1
Rating: important
References:

* bsc#1251019
* bsc#1266996
* bsc#1266998
* bsc#1266999
* bsc#1267037

Cross-References:

* CVE-2025-11277
* CVE-2026-10197
* CVE-2026-10199
* CVE-2026-10200
* CVE-2026-10232

CVSS scores:

* CVE-2025-11277 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-11277 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-10197 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-10197 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-10199 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-10199 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-10200 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-10200 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-10232 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-10232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 5 vulnerabilities and has 5 bug fixes can now be installed.

Description:

This update for assimp fixes the following issues

- CVE-2025-11277: large mWidth and mHeight dimensions can lead to integer overflow and a heap-based buffer overflow
(bsc#1251019).
- CVE-2026-10197: NULL pointer dereference in ImportEmbeddedTextures when mimeType lacks '/' (bsc#1266996).
- CVE-2026-10199: NULL pointer dereference in glTF2::LazyDict::operator[] due to unchecked node access in
ImportAnimations (bsc#1266998).
- CVE-2026-10200: [glTF] Heap-buffer-overflow in CopyValue() when parsing invalid 4x4 matrix with insufficient data
(bsc#1266999).
- CVE-2026-10232: heap use-after-free in aiNode::~aiNode due to invalid node tree when processing malformed ASE files
(bsc#1267037).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1163=1

Package List:

- openSUSE Leap 16.0:

assimp-devel-5.4.3-160000.4.1
libassimp5-5.4.3-160000.4.1

References:

* https://www.suse.com/security/cve/CVE-2025-11277.html
* https://www.suse.com/security/cve/CVE-2026-10197.html
* https://www.suse.com/security/cve/CVE-2026-10199.html
* https://www.suse.com/security/cve/CVE-2026-10200.html
* https://www.suse.com/security/cve/CVE-2026-10232.html



openSUSE-SU-2026:21244-1: important: Security update for podman


openSUSE security update: security update for podman
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21244-1
Rating: important
References:

* bsc#1262856
* bsc#1266125

Cross-References:

* CVE-2025-22869
* CVE-2025-47913
* CVE-2025-47914
* CVE-2025-52881
* CVE-2025-6032
* CVE-2025-9566
* CVE-2026-34986
* CVE-2026-39827
* CVE-2026-39828
* CVE-2026-39829
* CVE-2026-39830
* CVE-2026-39831
* CVE-2026-39832
* CVE-2026-39833
* CVE-2026-39834
* CVE-2026-39835
* CVE-2026-42508
* CVE-2026-46595
* CVE-2026-46597
* CVE-2026-46598

CVSS scores:

* CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47913 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-47914 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-52881 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-52881 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2025-6032 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2025-6032 ( SUSE ): 9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2025-9566 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-9566 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39827 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39827 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39828 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39828 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39829 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39830 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39830 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39831 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39831 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39832 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-39832 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
* CVE-2026-39833 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39833 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39834 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39834 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39835 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39835 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42508 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-42508 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-46595 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-46595 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-46597 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46597 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46598 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46598 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 20 vulnerabilities and has 2 bug fixes can now be installed.

Description:

This update for podman fixes the following issues

- CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing
encrypted key can lead to a denial of service (bsc#1262856).
- CVE-2026-39827: Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39828: Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39829: Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39830: Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh
(bsc#1266125).
- CVE-2026-39831: Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh
(bsc#1266125).
- CVE-2026-39832: Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent
(bsc#1266125).
- CVE-2026-39833: Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent (bsc#1266125).
- CVE-2026-39834: Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39835: Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-42508: Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts
(bsc#1266125).
- CVE-2026-46595: Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh
(bsc#1266125).
- CVE-2026-46597: Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-46598: Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent (bsc#1266125).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1165=1

Package List:

- openSUSE Leap 16.0:

podman-5.4.2-160000.5.1
podman-docker-5.4.2-160000.5.1
podman-remote-5.4.2-160000.5.1
podmansh-5.4.2-160000.5.1

References:

* https://www.suse.com/security/cve/CVE-2025-22869.html
* https://www.suse.com/security/cve/CVE-2025-47913.html
* https://www.suse.com/security/cve/CVE-2025-47914.html
* https://www.suse.com/security/cve/CVE-2025-52881.html
* https://www.suse.com/security/cve/CVE-2025-6032.html
* https://www.suse.com/security/cve/CVE-2025-9566.html
* https://www.suse.com/security/cve/CVE-2026-34986.html
* https://www.suse.com/security/cve/CVE-2026-39827.html
* https://www.suse.com/security/cve/CVE-2026-39828.html
* https://www.suse.com/security/cve/CVE-2026-39829.html
* https://www.suse.com/security/cve/CVE-2026-39830.html
* https://www.suse.com/security/cve/CVE-2026-39831.html
* https://www.suse.com/security/cve/CVE-2026-39832.html
* https://www.suse.com/security/cve/CVE-2026-39833.html
* https://www.suse.com/security/cve/CVE-2026-39834.html
* https://www.suse.com/security/cve/CVE-2026-39835.html
* https://www.suse.com/security/cve/CVE-2026-42508.html
* https://www.suse.com/security/cve/CVE-2026-46595.html
* https://www.suse.com/security/cve/CVE-2026-46597.html
* https://www.suse.com/security/cve/CVE-2026-46598.html



openSUSE-SU-2026:21240-1: important: Security update for gstreamer-plugins-good


openSUSE security update: security update for gstreamer-plugins-good
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21240-1
Rating: important
References:

* bsc#1268449

Cross-References:

* CVE-2026-53705

CVSS scores:

* CVE-2026-53705 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for gstreamer-plugins-good fixes the following issues:

- CVE-2026-53705: wavpackdec: Avoid integer overflow when calculating output buffer size and related fixes (bsc#1268449).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1161=1

Package List:

- openSUSE Leap 16.0:

gstreamer-plugins-good-1.26.7-160000.2.1
gstreamer-plugins-good-extra-1.26.7-160000.2.1
gstreamer-plugins-good-gtk-1.26.7-160000.2.1
gstreamer-plugins-good-jack-1.26.7-160000.2.1
gstreamer-plugins-good-lang-1.26.7-160000.2.1
gstreamer-plugins-good-qtqml6-1.26.7-160000.2.1

References:

* https://www.suse.com/security/cve/CVE-2026-53705.html



openSUSE-SU-2026:21239-1: important: Security update for python-msgpack


openSUSE security update: security update for python-msgpack
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21239-1
Rating: important
References:

* bsc#1269947

Cross-References:

* CVE-2026-57585

CVSS scores:

* CVE-2026-57585 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for python-msgpack fixes the following issue

- CVE-2026-57585: reusing an Unpacker instance after an error has been caught can lead to an out-of-bounds read
(bsc#1269947).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1160=1

Package List:

- openSUSE Leap 16.0:

python313-msgpack-1.1.0-160000.3.1

References:

* https://www.suse.com/security/cve/CVE-2026-57585.html



openSUSE-SU-2026:21238-1: important: Security update for krb5


openSUSE security update: security update for krb5
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21238-1
Rating: important
References:

* bsc#1268131

Cross-References:

* CVE-2026-11850

CVSS scores:

* CVE-2026-11850 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for krb5 fixes the following issue

- CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of-bounds read (bsc#1268131).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1159=1

Package List:

- openSUSE Leap 16.0:

krb5-1.21.3-160000.4.1
krb5-client-1.21.3-160000.4.1
krb5-devel-1.21.3-160000.4.1
krb5-plugin-kdb-ldap-1.21.3-160000.4.1
krb5-plugin-preauth-otp-1.21.3-160000.4.1
krb5-plugin-preauth-pkinit-1.21.3-160000.4.1
krb5-plugin-preauth-spake-1.21.3-160000.4.1
krb5-server-1.21.3-160000.4.1

References:

* https://www.suse.com/security/cve/CVE-2026-11850.html



openSUSE-SU-2026:21235-1: important: Security update for apache2


openSUSE security update: security update for apache2
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:21235-1
Rating: important
References:

* bsc#1267503
* bsc#1267955
* bsc#1267956
* bsc#1267962
* bsc#1267963
* bsc#1267965
* bsc#1267969
* bsc#1267970
* bsc#1267971
* bsc#1267972
* bsc#1267976
* bsc#1267977
* bsc#1267978

Cross-References:

* CVE-2026-29167
* CVE-2026-29170
* CVE-2026-34355
* CVE-2026-34356
* CVE-2026-42535
* CVE-2026-42536
* CVE-2026-43951
* CVE-2026-44119
* CVE-2026-44185
* CVE-2026-44186
* CVE-2026-44631
* CVE-2026-48913
* CVE-2026-49975

CVSS scores:

* CVE-2026-29167 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-29170 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-34355 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-34356 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34356 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42535 ( SUSE ): 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-42535 ( SUSE ): 7 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42536 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-42536 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-43951 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-43951 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-44119 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-44119 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-44185 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-44186 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-44186 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-44631 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H
* CVE-2026-44631 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-48913 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-48913 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-49975 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-49975 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 13 vulnerabilities and has 13 bug fixes can now be installed.

Description:

This update for apache2 fixes the following issues

- CVE-2026-29167: mod_ldap per-dir use-after-free (bsc#1267976).
- CVE-2026-29170: mod_proxy_ftp XSS (bsc#1267977).
- CVE-2026-34355: mod_proxy_html buffer overflow (bsc#1267978).
- CVE-2026-34356: malicious backend servers can lead to a heap-based buffer overflow (bsc#1267955).
- CVE-2026-42535: malicious path manipulation can lead to child process crashes (bsc#1267956).
- CVE-2026-42536: processing untrusted content can lead to a heap-based buffer overflow (bsc#1267962).
- CVE-2026-43951: out-of-bound read in `merge_response_headers` can cause crash (bsc#1267963).
- CVE-2026-44119: improper privilege management can lead to an unauthorized read (bsc#1267965).
- CVE-2026-44185: Stack Buffer Over-Read in mod_ssl OCSP `send_request` (bsc#1267969).
- CVE-2026-44186: responses from an attacker-controlled FTP backend can lead to resource exhaustion and a denial of
service (bsc#1267970).
- CVE-2026-44631: crafted regular expression can lead to a buffer underwrite (bsc#1267971).
- CVE-2026-48913: file handle exhaustion during request processing in mod_http2 can lead to a use-after-free
(bsc#1267972).
- CVE-2026-49975: Fix cookie header accounting against LimitRequestFields (bsc#1267503).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1149=1

Package List:

- openSUSE Leap 16.0:

apache2-2.4.66-160000.3.1
apache2-devel-2.4.66-160000.3.1
apache2-event-2.4.66-160000.3.1
apache2-manual-2.4.66-160000.3.1
apache2-prefork-2.4.66-160000.3.1
apache2-utils-2.4.66-160000.3.1
apache2-worker-2.4.66-160000.3.1

References:

* https://www.suse.com/security/cve/CVE-2026-29167.html
* https://www.suse.com/security/cve/CVE-2026-29170.html
* https://www.suse.com/security/cve/CVE-2026-34355.html
* https://www.suse.com/security/cve/CVE-2026-34356.html
* https://www.suse.com/security/cve/CVE-2026-42535.html
* https://www.suse.com/security/cve/CVE-2026-42536.html
* https://www.suse.com/security/cve/CVE-2026-43951.html
* https://www.suse.com/security/cve/CVE-2026-44119.html
* https://www.suse.com/security/cve/CVE-2026-44185.html
* https://www.suse.com/security/cve/CVE-2026-44186.html
* https://www.suse.com/security/cve/CVE-2026-44631.html
* https://www.suse.com/security/cve/CVE-2026-48913.html
* https://www.suse.com/security/cve/CVE-2026-49975.html



openSUSE-SU-2026:0232-1: important: Security update for go-sendxmpp


openSUSE Security Update: Security update for go-sendxmpp
_______________________________

Announcement ID: openSUSE-SU-2026:0232-1
Rating: important
References: #1265538 #1266617
Cross-References: CVE-2026-1229 CVE-2026-39821
CVSS scores:
CVE-2026-1229 (SUSE): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
CVE-2026-39821 (SUSE): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for go-sendxmpp fixes the following issues:

Update to 0.16.0:

- CVE-2026-1229: circl: The CombinedMult function produces an incorrect
value (boo#1265538).
- CVE-2026-39821: net: Failure to reject ASCII-only Punycode-encoded
labels allows for validation bypass and privilege escalation
(boo#1266617).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-232=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

go-sendxmpp-0.16.0-bp157.2.9.1

References:

https://www.suse.com/security/cve/CVE-2026-1229.html
https://www.suse.com/security/cve/CVE-2026-39821.html
https://bugzilla.suse.com/1265538
https://bugzilla.suse.com/1266617



openSUSE-SU-2026:0231-1: important: Security update for radare2


openSUSE Security Update: Security update for radare2
_______________________________

Announcement ID: openSUSE-SU-2026:0231-1
Rating: important
References: #1244121 #1262142 #1265403
Cross-References: CVE-2025-1378 CVE-2025-1744 CVE-2025-1864
CVE-2025-5641 CVE-2026-40499 CVE-2026-8695

CVSS scores:
CVE-2025-1378 (SUSE): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CVE-2025-1744 (SUSE): 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVE-2025-5641 (SUSE): 2 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for radare2 fixes the following issues:

- switch to python311 for sle15 build

- CVE-2026-8695: Fix use-after-free in gdbr_threads_list() (boo#1265403)

- Update to version 6.1.4 (boo#1262142, CVE-2026-40499):
* Analysis: improve autoname scoring, jmptbl detection, and performance
* Add callargs modifier, rnum expressions, and typed function context
* Refactor autoname into plugin; extend RAnalPlugin hooks
* Fix leaks, overflows, and command injection in analysis scripts
* Improve string detection, wide strings, and switch/case analysis
* Arch: fix v850/nds32 ESIL, optimize to O(1), improve pseudo support
* Cache capstone options and improve multi-arch disassembly
* ASM: add camel syntax support, unify via RArch API
* Bin: major parser fixes (ELF, Mach-O, PE, DEX, PDB, WAD, XCOFF)
* Fix leaks, OOB reads/writes, overflows, and improve bounds checks
* Improve Swift demangling, ARM hints, relocations, and imports
* Add nds32 reloc support and optimize kernelcache parsing
* Build: install to lib64, fix illumos and packaging issues
* CI: add GitHub Actions and FilC builds
* Console: fix multiple overflows, OOB issues, and improve performance
* Core: API renames, plugin load order, sandbox/config fixes
* Crash: extensive fixes (UAF, OOB, overflows, injections, fuzz bugs)
* Harden ELF, PDB, kernelcache, regex, disassemblers, and webserver
* Debug: improve ptrace, winkd support, breakpoints, checkpoints
* Disasm: cache flag lookups for performance
* FS/IO: fix leaks, bounds, sparse IO, and device handling
* HTTP/socket: webserver fixes and SSL fallback handling
* Print/projects: improve formatting, endian handling, project metadata
* Pseudo: add while/switch support and cleaner control flow
* Search/shell: improve commands, parsing, and usability
* Security: fix widespread command injection and sandbox escapes
* Tests/tools: improve r2r, CLI tools, fuzzing, and plugin support
* Types/util: parsing improvements, JSON/base64 updates, optimizations
* Visual: fix UAF/leaks, improve panels and UX
* Full changelog is available at:
https://github.com/radareorg/radare2/releases/tag/6.1.4

- Update to version 6.1.2:
* Analysis: preserve timeouts, improve bb/jmptbl validation and limits
* Optimize string detection and hot-path functions
* Add APIs for function signatures, vars limits, and instruction hints
* Fix overlapped functions, invalid code checks, and large bb handling
* API: remove deprecated librmagic/filetype APIs and name filter
* Arch: fix Thumb/endianness issues, add Python pseudo plugin
* ASM: unify settings via RArch, fix directives, add bf pseudo plugin
* Bin: improve ELF/Mach-O stripped detection and parsing safety
* Harden Mach-O bounds, optimize kernelcache and XNU parsing
* Fix many leaks (DEX, demangler, parsers) and infinite loops
* Improve DWARF handling and symbol/type extraction
* Build: improve meson, toolchains, and add ISO/docker support
* Console: preserve timeout, fix themes and UTF-8 handling
* Core: fix config bugs, improve startup and addressing support
* Crash: fix UAF, OOB, race conditions, regex bugs, and overflows
* Add safety checks across dotnet, Mach-O, DWARF, and webserver
* Debug/ESIL: safer execution and divide-by-zero handling
* FS/IO: fix HFS+, dyldcache speedups, safer zip handling
* Graph: add bb size limit option
* Print: merge commands, improve UTF-8 and formatting
* Projects/tools: new configs, plugin support, CLI improvements
* Search: faster analysis search and block buffering
* Shell: improve grep/macros and file operations
* Types: lazy-load, cache, and improve parsing (varargs, structs)
* Tests: expand fuzzing and test suites
* General cleanup, performance tuning, and safety improvements
* Full changelog is available at:
https://github.com/radareorg/radare2/releases/tag/6.1.4

- Update to version 6.1.0:
* Reimplement RBufRef using RRef; fix RLibDelHandler API
* Remove stale JAY code; improve analysis performance and CI speed
* Optimize type propagation, jump tables, and plugin integration
* Fix infinite loops, antidisasm tricks, and function autonaming
* Add new analysis options and trace import plugin (DRCOV)
* Improve RCore seek operations and naming APIs
* API: add RNum.getErr, enforce safe alloc macros, new helpers
* Arch: update ARC disasm, refactor sessions, remove unsafe string ops
* ASM: improve x86 validation, add CIL and ARC pseudo plugins
* Bin: major fixes for PE, ELF, Java, MDMP, LE, DEX; reduce memory use
* Add/import DWARF types, improve relocations and symbol handling
* Extensive memory leak fixes and parser hardening across formats
* Improve string handling, caching, and zero-copy optimizations
* Build: improve meson, remove zip deps, add 3rd-party plugin support
* Console: fix UTF-8 graphs and color propagation
* Core: improve plugin handling and background task stability
* Crash: fix multiple UAF, OOB, overflows, and injection issues
* Sanitize inputs (function names, demangler, callconv)
* Debug: add source breakpoints, ARM64/XNU support, FPU regs
* Disasm: improve string handling, comments, and color logic
* ESIL: extend x86 FPU emulation
* FS/IO: fixes and plugin reorganizations
* HTTP: fix sandbox webserver issues
* Hash/tools: minor fixes and output improvements
* General cleanup, safety checks, and performance optimizations
* Full changelog is available at:
https://github.com/radareorg/radare2/releases/tag/6.1.0

- Update to version 6.0.8:
* Migrate r_vector to RVec across core components
* Refactor and optimize type propagation (now plugin-based)
* Remove redundant anal.a2f and related duplication
* Improve caching, memoization, and performance in analysis
* Fix file corruption, null asserts, and command issues
* Enhance x86 (AT&T syntax, enter instruction) and z80 support
* Add initial .NET (CIL) disasm/asm support
* Improve Java, ELF, Mach-O, APK, and PDB handling
* Fix demangling, symbols, and relocation issues
* Resolve multiple memory leaks and parser bugs
* Fix UAF, OOB, overflows, and command injection vulnerabilities
* Improve GDB debugging and breakpoint handling
* Enhance disassembly visuals and color options
* Update ESIL operators and behavior
* Add support for APFS, GPT, BSD, APM partitions
* Improve IO handling and add new plugins
* Optimize performance (strbuf, memory usage)
* Improve console UI, themes, and terminal handling
* Refine SDK builds and CI pipelines
* Improve CLI tools (rabin2, rasm2, rafs2)
* Add JSON support and better help/version info
* Expand type parsing (typedef, enum, union)
* Improve socket/HTTP handling and downloads
* Add and refine tests and reporting
* General cleanup, safety checks, and code modernization
* Full changelog is available at:
https://github.com/radareorg/radare2/releases/tag/6.0.8
- Expand %{bindir}/*

- Rename sdb.1 man page to r2sdb.1 to avoid conflict with snobol4

- Fix patch pkgconfig.patch to be -p1-able
- Update to version 6.0.7:
* shell: Fix parsing r2 -H$(VARNAME) without a space
- Update to version 6.0.6:
* Full changelog is available at:
https://github.com/radareorg/radare2/releases/tag/6.0.6
- Update to version 6.0.4:
* Full changelog is available at:
https://github.com/radareorg/radare2/releases/tag/6.0.4
- Update to version 6.0.2:
* Full changelog is available at:
https://github.com/radareorg/radare2/releases/tag/6.0.2

- Add missing sub directories for r_util.h and r_muta.h
otherwise it might fails in calling r2pm -ci

- Correct library package nameing scheme to make it build also on x86_64
on 15.6 and 15.7

- Update to version 6.0.0:
* ABI changes: ~ RCorePlugins now have a session ~ Finish the RKons
refactoring, all r_cons calls take instance instead of global ~ Rename
RCrypto to RMuta ~ Use RCons instance from RLine ~ Rename
RIOPlugin.widget to RIOPlugin.data ~ Refactor the RRegAlias api ~
Camelcase all the RCoreBind methods
* Breaking API changes: ~ Boolify r_cons_rgb_parse ~ Add
RLogLevel.fromString() and use it from -e log.level=? ~ Deprecate
r_bin_addr2line ~ Rename RBinDbgItem into RBinAddrline ~ RNumCalc is
now known as RNumMath ~ Move RFlagItem.alias into the Meta ~ Rename
core->offset into core->addr (asm.offset and more!) ~ Rename
RFlagItem.offset -> addr
* API changes: ~ Boolify r_cons_rgb_parse ~ Add RLogLevel.fromString()
and use it from -e log.level=? ~ Deprecate r_bin_addr2line ~ Rename
RBinDbgItem into RBinAddrline ~ RNumCalc is now known as RNumMath ~
Move RFlagItem.alias into the Meta ~ Rename core->offset into
core->addr (asm.offset and more!) ~ Rename RFlagItem.offset -> addr ~
Deprecate RLang.list() ~ Unified function to jsonify the plugin meta +
more fields ~ Redesign the REvent API
* Full changelog is available at:
https://github.com/radareorg/radare2/releases/tag/6.0.0

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-231=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le s390x x86_64):

libsdb2_4_2-6.1.4-bp157.5.3.5
radare2-6.1.4-bp157.5.3.5
radare2-devel-6.1.4-bp157.5.3.5

- openSUSE Backports SLE-15-SP7 (noarch):

radare2-zsh-completion-6.1.4-bp157.5.3.5

References:

https://www.suse.com/security/cve/CVE-2025-1378.html
https://www.suse.com/security/cve/CVE-2025-1744.html
https://www.suse.com/security/cve/CVE-2025-1864.html
https://www.suse.com/security/cve/CVE-2025-5641.html
https://www.suse.com/security/cve/CVE-2026-40499.html
https://www.suse.com/security/cve/CVE-2026-8695.html
https://bugzilla.suse.com/1244121
https://bugzilla.suse.com/1262142
https://bugzilla.suse.com/1265403



SUSE-SU-2026:2785-1: moderate: Security update for systemd, systemd-mini


# Security update for systemd, systemd-mini

Announcement ID: SUSE-SU-2026:2785-1
Release Date: 2026-07-08T06:48:14Z
Rating: moderate
References:

* bsc#1261400
* bsc#1261982
* bsc#1261983
* bsc#1267647

Cross-References:

* CVE-2026-40226

CVSS scores:

* CVE-2026-40226 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-40226 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-40226 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability and has three security fixes can now be
installed.

## Description:

This update for systemd, systemd-mini fixes the following issue

Security issues fixed:

* CVE-2026-40226: nspawn: escape-to-host via malformed optional config file
(bsc#1261400).

Other updates and bugfixes:

* Import commit eba1930de8 (bsc#1267647).
* Import commit 5d46cdd987 (bsc#1261982 bsc#1261983).
* Import commit ac1173932c (bsc#1261982).
* Import commit c7f3e89374 (bsc#1261983).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-2785=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-2785=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-2785=1

## Package List:

* openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64)
* systemd-sysvinit-246.16-150300.7.74.1
* systemd-mini-246.16-150300.7.74.1
* udev-mini-246.16-150300.7.74.1
* systemd-portable-246.16-150300.7.74.1
* systemd-mini-devel-246.16-150300.7.74.1
* systemd-coredump-debuginfo-246.16-150300.7.74.1
* systemd-container-246.16-150300.7.74.1
* nss-mymachines-debuginfo-246.16-150300.7.74.1
* udev-mini-debuginfo-246.16-150300.7.74.1
* udev-debuginfo-246.16-150300.7.74.1
* systemd-network-debuginfo-246.16-150300.7.74.1
* systemd-mini-debuginfo-246.16-150300.7.74.1
* nss-systemd-debuginfo-246.16-150300.7.74.1
* libudev1-debuginfo-246.16-150300.7.74.1
* systemd-coredump-246.16-150300.7.74.1
* libsystemd0-mini-246.16-150300.7.74.1
* systemd-devel-246.16-150300.7.74.1
* nss-resolve-246.16-150300.7.74.1
* libudev-devel-246.16-150300.7.74.1
* libsystemd0-mini-debuginfo-246.16-150300.7.74.1
* nss-myhostname-246.16-150300.7.74.1
* systemd-246.16-150300.7.74.1
* libsystemd0-debuginfo-246.16-150300.7.74.1
* systemd-mini-sysvinit-246.16-150300.7.74.1
* systemd-doc-246.16-150300.7.74.1
* systemd-mini-container-246.16-150300.7.74.1
* udev-246.16-150300.7.74.1
* nss-systemd-246.16-150300.7.74.1
* libudev-mini1-246.16-150300.7.74.1
* systemd-network-246.16-150300.7.74.1
* nss-resolve-debuginfo-246.16-150300.7.74.1
* systemd-debuginfo-246.16-150300.7.74.1
* nss-mymachines-246.16-150300.7.74.1
* systemd-journal-remote-246.16-150300.7.74.1
* nss-myhostname-debuginfo-246.16-150300.7.74.1
* libudev-mini-devel-246.16-150300.7.74.1
* systemd-debugsource-246.16-150300.7.74.1
* systemd-mini-container-debuginfo-246.16-150300.7.74.1
* systemd-logger-246.16-150300.7.74.1
* libudev-mini1-debuginfo-246.16-150300.7.74.1
* libsystemd0-246.16-150300.7.74.1
* systemd-journal-remote-debuginfo-246.16-150300.7.74.1
* libudev1-246.16-150300.7.74.1
* systemd-container-debuginfo-246.16-150300.7.74.1
* systemd-mini-debugsource-246.16-150300.7.74.1
* systemd-portable-debuginfo-246.16-150300.7.74.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* libsystemd0-64bit-debuginfo-246.16-150300.7.74.1
* libsystemd0-64bit-246.16-150300.7.74.1
* libudev-devel-64bit-246.16-150300.7.74.1
* nss-mymachines-64bit-246.16-150300.7.74.1
* nss-myhostname-64bit-246.16-150300.7.74.1
* nss-mymachines-64bit-debuginfo-246.16-150300.7.74.1
* systemd-64bit-246.16-150300.7.74.1
* nss-myhostname-64bit-debuginfo-246.16-150300.7.74.1
* libudev1-64bit-debuginfo-246.16-150300.7.74.1
* libudev1-64bit-246.16-150300.7.74.1
* systemd-64bit-debuginfo-246.16-150300.7.74.1
* openSUSE Leap 15.3 (x86_64)
* libsystemd0-32bit-246.16-150300.7.74.1
* libudev1-32bit-246.16-150300.7.74.1
* libudev-devel-32bit-246.16-150300.7.74.1
* nss-mymachines-32bit-246.16-150300.7.74.1
* nss-myhostname-32bit-246.16-150300.7.74.1
* systemd-32bit-debuginfo-246.16-150300.7.74.1
* libsystemd0-32bit-debuginfo-246.16-150300.7.74.1
* nss-mymachines-32bit-debuginfo-246.16-150300.7.74.1
* systemd-32bit-246.16-150300.7.74.1
* nss-myhostname-32bit-debuginfo-246.16-150300.7.74.1
* libudev1-32bit-debuginfo-246.16-150300.7.74.1
* openSUSE Leap 15.3 (noarch)
* systemd-lang-246.16-150300.7.74.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* systemd-sysvinit-246.16-150300.7.74.1
* systemd-debugsource-246.16-150300.7.74.1
* systemd-246.16-150300.7.74.1
* libsystemd0-debuginfo-246.16-150300.7.74.1
* libsystemd0-246.16-150300.7.74.1
* udev-246.16-150300.7.74.1
* systemd-container-246.16-150300.7.74.1
* systemd-journal-remote-debuginfo-246.16-150300.7.74.1
* libudev1-246.16-150300.7.74.1
* udev-debuginfo-246.16-150300.7.74.1
* systemd-container-debuginfo-246.16-150300.7.74.1
* systemd-debuginfo-246.16-150300.7.74.1
* libudev1-debuginfo-246.16-150300.7.74.1
* systemd-journal-remote-246.16-150300.7.74.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* systemd-sysvinit-246.16-150300.7.74.1
* systemd-debugsource-246.16-150300.7.74.1
* systemd-246.16-150300.7.74.1
* libsystemd0-debuginfo-246.16-150300.7.74.1
* libsystemd0-246.16-150300.7.74.1
* udev-246.16-150300.7.74.1
* systemd-container-246.16-150300.7.74.1
* systemd-journal-remote-debuginfo-246.16-150300.7.74.1
* libudev1-246.16-150300.7.74.1
* udev-debuginfo-246.16-150300.7.74.1
* systemd-container-debuginfo-246.16-150300.7.74.1
* systemd-debuginfo-246.16-150300.7.74.1
* libudev1-debuginfo-246.16-150300.7.74.1
* systemd-journal-remote-246.16-150300.7.74.1

## References:

* https://www.suse.com/security/cve/CVE-2026-40226.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261400
* https://bugzilla.suse.com/show_bug.cgi?id=1261982
* https://bugzilla.suse.com/show_bug.cgi?id=1261983
* https://bugzilla.suse.com/show_bug.cgi?id=1267647



SUSE-SU-2026:2789-1: important: Security update for xorg-x11-server


# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2026:2789-1
Release Date: 2026-07-08T07:29:10Z
Rating: important
References:

* bsc#1268893
* bsc#1268894

Cross-References:

* CVE-2026-55999
* CVE-2026-56000

CVSS scores:

* CVE-2026-55999 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-55999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-55999 ( NVD ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-56000 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-56000 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-56000 ( NVD ): 9.0
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves two vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues

* CVE-2026-55999: missing bounds check in `glamor_font_get` can lead to a heap
buffer overflow when a font loaded from a malicious PCF file is processed
(bsc#1268893).
* CVE-2026-56000: improper memory management in `CommonMakeCurrent` can lead
to a heap use-after-free when an interaction with a malicious client
creating GLX contexts happens (bsc#1268894).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2789=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2789=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2789=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2789=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2789=1

## Package List:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* xorg-x11-server-extra-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-1.20.3-150400.38.74.1
* xorg-x11-server-sdk-1.20.3-150400.38.74.1
* xorg-x11-server-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-extra-1.20.3-150400.38.74.1
* xorg-x11-server-debugsource-1.20.3-150400.38.74.1
* openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64)
* xorg-x11-server-source-1.20.3-150400.38.74.1
* xorg-x11-server-extra-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-1.20.3-150400.38.74.1
* xorg-x11-server-sdk-1.20.3-150400.38.74.1
* xorg-x11-server-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-extra-1.20.3-150400.38.74.1
* xorg-x11-server-debugsource-1.20.3-150400.38.74.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* xorg-x11-server-extra-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-1.20.3-150400.38.74.1
* xorg-x11-server-sdk-1.20.3-150400.38.74.1
* xorg-x11-server-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-extra-1.20.3-150400.38.74.1
* xorg-x11-server-debugsource-1.20.3-150400.38.74.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* xorg-x11-server-extra-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-1.20.3-150400.38.74.1
* xorg-x11-server-sdk-1.20.3-150400.38.74.1
* xorg-x11-server-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-extra-1.20.3-150400.38.74.1
* xorg-x11-server-debugsource-1.20.3-150400.38.74.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* xorg-x11-server-extra-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-1.20.3-150400.38.74.1
* xorg-x11-server-sdk-1.20.3-150400.38.74.1
* xorg-x11-server-debuginfo-1.20.3-150400.38.74.1
* xorg-x11-server-extra-1.20.3-150400.38.74.1
* xorg-x11-server-debugsource-1.20.3-150400.38.74.1

## References:

* https://www.suse.com/security/cve/CVE-2026-55999.html
* https://www.suse.com/security/cve/CVE-2026-56000.html
* https://bugzilla.suse.com/show_bug.cgi?id=1268893
* https://bugzilla.suse.com/show_bug.cgi?id=1268894



SUSE-SU-2026:2791-1: important: Security update for xorg-x11-server


# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2026:2791-1
Release Date: 2026-07-08T07:33:14Z
Rating: important
References:

* bsc#1268893
* bsc#1268894

Cross-References:

* CVE-2026-55999
* CVE-2026-56000

CVSS scores:

* CVE-2026-55999 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-55999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-55999 ( NVD ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-56000 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-56000 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-56000 ( NVD ): 9.0
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues

* CVE-2026-55999: missing bounds check in `glamor_font_get` can lead to a heap
buffer overflow when a font loaded from a malicious PCF file is processed
(bsc#1268893).
* CVE-2026-56000: improper memory management in `CommonMakeCurrent` can lead
to a heap use-after-free when an interaction with a malicious client
creating GLX contexts happens (bsc#1268894).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2791=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2791=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2791=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2791=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2791=1

## Package List:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-Xvfb-21.1.4-150500.7.52.1
* xorg-x11-server-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-sdk-21.1.4-150500.7.52.1
* xorg-x11-server-debugsource-21.1.4-150500.7.52.1
* xorg-x11-server-extra-21.1.4-150500.7.52.1
* xorg-x11-server-extra-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-21.1.4-150500.7.52.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-Xvfb-21.1.4-150500.7.52.1
* xorg-x11-server-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-debugsource-21.1.4-150500.7.52.1
* xorg-x11-server-sdk-21.1.4-150500.7.52.1
* xorg-x11-server-extra-21.1.4-150500.7.52.1
* xorg-x11-server-extra-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-21.1.4-150500.7.52.1
* openSUSE Leap 15.5 (aarch64 i586 ppc64le s390x x86_64)
* xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-Xvfb-21.1.4-150500.7.52.1
* xorg-x11-server-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-debugsource-21.1.4-150500.7.52.1
* xorg-x11-server-sdk-21.1.4-150500.7.52.1
* xorg-x11-server-source-21.1.4-150500.7.52.1
* xorg-x11-server-extra-21.1.4-150500.7.52.1
* xorg-x11-server-extra-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-21.1.4-150500.7.52.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-Xvfb-21.1.4-150500.7.52.1
* xorg-x11-server-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-sdk-21.1.4-150500.7.52.1
* xorg-x11-server-debugsource-21.1.4-150500.7.52.1
* xorg-x11-server-extra-21.1.4-150500.7.52.1
* xorg-x11-server-extra-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-21.1.4-150500.7.52.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-Xvfb-21.1.4-150500.7.52.1
* xorg-x11-server-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-sdk-21.1.4-150500.7.52.1
* xorg-x11-server-debugsource-21.1.4-150500.7.52.1
* xorg-x11-server-extra-21.1.4-150500.7.52.1
* xorg-x11-server-extra-debuginfo-21.1.4-150500.7.52.1
* xorg-x11-server-21.1.4-150500.7.52.1

## References:

* https://www.suse.com/security/cve/CVE-2026-55999.html
* https://www.suse.com/security/cve/CVE-2026-56000.html
* https://bugzilla.suse.com/show_bug.cgi?id=1268893
* https://bugzilla.suse.com/show_bug.cgi?id=1268894



SUSE-SU-2026:2786-1: important: Security update for xorg-x11-server


# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2026:2786-1
Release Date: 2026-07-08T07:16:51Z
Rating: important
References:

* bsc#1268893
* bsc#1268894

Cross-References:

* CVE-2026-55999
* CVE-2026-56000

CVSS scores:

* CVE-2026-55999 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-55999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-55999 ( NVD ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-56000 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-56000 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-56000 ( NVD ): 9.0
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues

* CVE-2026-55999: missing bounds check in `glamor_font_get` can lead to a heap
buffer overflow when a font loaded from a malicious PCF file is processed
(bsc#1268893).
* CVE-2026-56000: improper memory management in `CommonMakeCurrent` can lead
to a heap use-after-free when an interaction with a malicious client
creating GLX contexts happens (bsc#1268894).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2786=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2786=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2786=1

## Package List:

* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* xorg-x11-server-sdk-21.1.11-150600.5.31.1
* xorg-x11-server-extra-debuginfo-21.1.11-150600.5.31.1
* xorg-x11-server-extra-21.1.11-150600.5.31.1
* xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.31.1
* xorg-x11-server-debugsource-21.1.11-150600.5.31.1
* xorg-x11-server-debuginfo-21.1.11-150600.5.31.1
* xorg-x11-server-21.1.11-150600.5.31.1
* xorg-x11-server-Xvfb-21.1.11-150600.5.31.1
* openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64)
* xorg-x11-server-sdk-21.1.11-150600.5.31.1
* xorg-x11-server-extra-debuginfo-21.1.11-150600.5.31.1
* xorg-x11-server-extra-21.1.11-150600.5.31.1
* xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.31.1
* xorg-x11-server-debugsource-21.1.11-150600.5.31.1
* xorg-x11-server-debuginfo-21.1.11-150600.5.31.1
* xorg-x11-server-21.1.11-150600.5.31.1
* xorg-x11-server-source-21.1.11-150600.5.31.1
* xorg-x11-server-Xvfb-21.1.11-150600.5.31.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* xorg-x11-server-sdk-21.1.11-150600.5.31.1
* xorg-x11-server-extra-debuginfo-21.1.11-150600.5.31.1
* xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.31.1
* xorg-x11-server-extra-21.1.11-150600.5.31.1
* xorg-x11-server-debugsource-21.1.11-150600.5.31.1
* xorg-x11-server-debuginfo-21.1.11-150600.5.31.1
* xorg-x11-server-21.1.11-150600.5.31.1
* xorg-x11-server-Xvfb-21.1.11-150600.5.31.1

## References:

* https://www.suse.com/security/cve/CVE-2026-55999.html
* https://www.suse.com/security/cve/CVE-2026-56000.html
* https://bugzilla.suse.com/show_bug.cgi?id=1268893
* https://bugzilla.suse.com/show_bug.cgi?id=1268894



openSUSE-SU-2026:0233-1: critical: Security update for chromium


openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2026:0233-1
Rating: critical
References: #1269061 #1270051
Cross-References: CVE-2026-13774 CVE-2026-13775 CVE-2026-13776
CVE-2026-13777 CVE-2026-13778 CVE-2026-13779
CVE-2026-13780 CVE-2026-13781 CVE-2026-13782
CVE-2026-13783 CVE-2026-13784 CVE-2026-13785
CVE-2026-13786 CVE-2026-13787 CVE-2026-13788
CVE-2026-13790 CVE-2026-13791 CVE-2026-13792
CVE-2026-13793 CVE-2026-13794 CVE-2026-13795
CVE-2026-13796 CVE-2026-13797 CVE-2026-13798
CVE-2026-13799 CVE-2026-13800 CVE-2026-13801
CVE-2026-13802 CVE-2026-13803 CVE-2026-13804
CVE-2026-13805 CVE-2026-13806 CVE-2026-13807
CVE-2026-13808 CVE-2026-13809 CVE-2026-13810
CVE-2026-13811 CVE-2026-13812 CVE-2026-13813
CVE-2026-13814 CVE-2026-13815 CVE-2026-13816
CVE-2026-13817 CVE-2026-13818 CVE-2026-13819
CVE-2026-13820 CVE-2026-13821 CVE-2026-13822
CVE-2026-13823 CVE-2026-13824 CVE-2026-13825
CVE-2026-13826 CVE-2026-13827 CVE-2026-13828
CVE-2026-13829 CVE-2026-13830 CVE-2026-13831
CVE-2026-13832 CVE-2026-13833 CVE-2026-13834
CVE-2026-13835 CVE-2026-13836 CVE-2026-13837
CVE-2026-13838 CVE-2026-13839 CVE-2026-13840
CVE-2026-13841 CVE-2026-13842 CVE-2026-13843
CVE-2026-13844 CVE-2026-13845 CVE-2026-13846
CVE-2026-13847 CVE-2026-13848 CVE-2026-13849
CVE-2026-13850 CVE-2026-13851 CVE-2026-13852
CVE-2026-13853 CVE-2026-13854 CVE-2026-13855
CVE-2026-13856 CVE-2026-13857 CVE-2026-13858
CVE-2026-13859 CVE-2026-13860 CVE-2026-13861
CVE-2026-13862 CVE-2026-13863 CVE-2026-13864
CVE-2026-13865 CVE-2026-13866 CVE-2026-13867
CVE-2026-13868 CVE-2026-13869 CVE-2026-13870
CVE-2026-13871 CVE-2026-13872 CVE-2026-13873
CVE-2026-13874 CVE-2026-13875 CVE-2026-13876
CVE-2026-13877 CVE-2026-13878 CVE-2026-13879
CVE-2026-13880 CVE-2026-13881 CVE-2026-13882
CVE-2026-13883 CVE-2026-13884 CVE-2026-13885
CVE-2026-13886 CVE-2026-13887 CVE-2026-13888
CVE-2026-13889 CVE-2026-13890 CVE-2026-13891
CVE-2026-13892 CVE-2026-13893 CVE-2026-13894
CVE-2026-13895 CVE-2026-13896 CVE-2026-13897
CVE-2026-13898 CVE-2026-13899 CVE-2026-13900
CVE-2026-13901 CVE-2026-13902 CVE-2026-13903
CVE-2026-13904 CVE-2026-13905 CVE-2026-13906
CVE-2026-13907 CVE-2026-13908 CVE-2026-13909
CVE-2026-13910 CVE-2026-13911 CVE-2026-13912
CVE-2026-13913 CVE-2026-13914 CVE-2026-13915
CVE-2026-13916 CVE-2026-13917 CVE-2026-13918
CVE-2026-13919 CVE-2026-13920 CVE-2026-13921
CVE-2026-13922 CVE-2026-13923 CVE-2026-13924
CVE-2026-13925 CVE-2026-13926 CVE-2026-13927
CVE-2026-13928 CVE-2026-13929 CVE-2026-13930
CVE-2026-13931 CVE-2026-13932 CVE-2026-13933
CVE-2026-13934 CVE-2026-13935 CVE-2026-13936
CVE-2026-13937 CVE-2026-13938 CVE-2026-13939
CVE-2026-13940 CVE-2026-13941 CVE-2026-13942
CVE-2026-13943 CVE-2026-13944 CVE-2026-13945
CVE-2026-13946 CVE-2026-13947 CVE-2026-13948
CVE-2026-13949 CVE-2026-13950 CVE-2026-13951
CVE-2026-13952 CVE-2026-13953 CVE-2026-13954
CVE-2026-13955 CVE-2026-13956 CVE-2026-13957
CVE-2026-13958 CVE-2026-13959 CVE-2026-13960
CVE-2026-13961 CVE-2026-13962 CVE-2026-13963
CVE-2026-13964 CVE-2026-13965 CVE-2026-13966
CVE-2026-13967 CVE-2026-13968 CVE-2026-13969
CVE-2026-13970 CVE-2026-13971 CVE-2026-13972
CVE-2026-13973 CVE-2026-13974 CVE-2026-13975
CVE-2026-13976 CVE-2026-13977 CVE-2026-13978
CVE-2026-13979 CVE-2026-13980 CVE-2026-13981
CVE-2026-13982 CVE-2026-13983 CVE-2026-13984
CVE-2026-13985 CVE-2026-13986 CVE-2026-13987
CVE-2026-13988 CVE-2026-13989 CVE-2026-13990
CVE-2026-13991 CVE-2026-13992 CVE-2026-13993
CVE-2026-13994 CVE-2026-13995 CVE-2026-13996
CVE-2026-13997 CVE-2026-13998 CVE-2026-13999
CVE-2026-14000 CVE-2026-14001 CVE-2026-14002
CVE-2026-14003 CVE-2026-14004 CVE-2026-14005
CVE-2026-14006 CVE-2026-14007 CVE-2026-14008
CVE-2026-14009 CVE-2026-14010 CVE-2026-14011
CVE-2026-14012 CVE-2026-14013 CVE-2026-14014
CVE-2026-14015 CVE-2026-14016 CVE-2026-14017
CVE-2026-14018 CVE-2026-14019 CVE-2026-14020
CVE-2026-14021 CVE-2026-14022 CVE-2026-14023
CVE-2026-14024 CVE-2026-14025 CVE-2026-14026
CVE-2026-14027 CVE-2026-14028 CVE-2026-14030
CVE-2026-14031 CVE-2026-14032 CVE-2026-14033
CVE-2026-14034 CVE-2026-14035 CVE-2026-14036
CVE-2026-14037 CVE-2026-14038 CVE-2026-14039
CVE-2026-14040 CVE-2026-14041 CVE-2026-14042
CVE-2026-14043 CVE-2026-14044 CVE-2026-14045
CVE-2026-14046 CVE-2026-14047 CVE-2026-14048
CVE-2026-14049 CVE-2026-14050 CVE-2026-14051
CVE-2026-14052 CVE-2026-14053 CVE-2026-14054
CVE-2026-14055 CVE-2026-14056 CVE-2026-14057
CVE-2026-14058 CVE-2026-14059 CVE-2026-14060
CVE-2026-14061 CVE-2026-14062 CVE-2026-14063
CVE-2026-14064 CVE-2026-14065 CVE-2026-14066
CVE-2026-14067 CVE-2026-14068 CVE-2026-14069
CVE-2026-14070 CVE-2026-14071 CVE-2026-14072
CVE-2026-14073 CVE-2026-14074 CVE-2026-14075
CVE-2026-14076 CVE-2026-14077 CVE-2026-14078
CVE-2026-14079 CVE-2026-14080 CVE-2026-14081
CVE-2026-14082 CVE-2026-14083 CVE-2026-14084
CVE-2026-14085 CVE-2026-14086 CVE-2026-14087
CVE-2026-14088 CVE-2026-14089 CVE-2026-14090
CVE-2026-14091 CVE-2026-14092 CVE-2026-14093
CVE-2026-14094 CVE-2026-14095 CVE-2026-14096
CVE-2026-14097 CVE-2026-14098 CVE-2026-14099
CVE-2026-14100 CVE-2026-14101 CVE-2026-14102
CVE-2026-14103 CVE-2026-14104 CVE-2026-14105
CVE-2026-14106 CVE-2026-14107 CVE-2026-14108
CVE-2026-14109 CVE-2026-14110 CVE-2026-14111
CVE-2026-14112 CVE-2026-14113 CVE-2026-14114
CVE-2026-14115 CVE-2026-14116 CVE-2026-14117
CVE-2026-14118 CVE-2026-14119 CVE-2026-14120
CVE-2026-14121 CVE-2026-14122 CVE-2026-14123
CVE-2026-14124 CVE-2026-14125 CVE-2026-14126
CVE-2026-14127 CVE-2026-14128 CVE-2026-14129
CVE-2026-14130 CVE-2026-14131 CVE-2026-14132
CVE-2026-14133 CVE-2026-14134 CVE-2026-14135
CVE-2026-14136 CVE-2026-14137 CVE-2026-14138
CVE-2026-14139 CVE-2026-14140 CVE-2026-14141
CVE-2026-14142 CVE-2026-14143 CVE-2026-14144
CVE-2026-14145 CVE-2026-14146 CVE-2026-14147
CVE-2026-14148 CVE-2026-14149 CVE-2026-14150
CVE-2026-14151 CVE-2026-14152 CVE-2026-14153
CVE-2026-14154 CVE-2026-14155 CVE-2026-14156
CVE-2026-14381 CVE-2026-14382 CVE-2026-14383
CVE-2026-14384 CVE-2026-14385 CVE-2026-14386
CVE-2026-14387 CVE-2026-14388 CVE-2026-14389
CVE-2026-14390 CVE-2026-14391 CVE-2026-14392
CVE-2026-14393 CVE-2026-14394 CVE-2026-14395
CVE-2026-14396 CVE-2026-14397 CVE-2026-14398
CVE-2026-14399 CVE-2026-14400 CVE-2026-14401
CVE-2026-14402 CVE-2026-14403 CVE-2026-14404
CVE-2026-14405 CVE-2026-14406 CVE-2026-14407
CVE-2026-14408 CVE-2026-14409 CVE-2026-14410
CVE-2026-14411 CVE-2026-14412 CVE-2026-14413
CVE-2026-14414 CVE-2026-14415 CVE-2026-14416
CVE-2026-14417 CVE-2026-14418 CVE-2026-14419
CVE-2026-14420 CVE-2026-14421 CVE-2026-14422
CVE-2026-14423 CVE-2026-14424 CVE-2026-14425
CVE-2026-14426 CVE-2026-14427 CVE-2026-14428
CVE-2026-14429 CVE-2026-14430 CVE-2026-14431
CVE-2026-14432
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes 433 vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

- promote Chromium 150 (150.0.7871.46) to stable (boo#1270051)
* CVE-2026-13774: Use after free in Extensions
* CVE-2026-13775: Use after free in GPU
* CVE-2026-14398: Use after free in ANGLE
* CVE-2026-13776: Type Confusion in Dawn
* CVE-2026-13777: Insufficient validation of untrusted input in iOSWeb
* CVE-2026-13778: Use after free in WebUSB
* CVE-2026-13779: Use after free in Chromoting
* CVE-2026-13780: Insufficient validation of untrusted input in ANGLE
* CVE-2026-13781: Insufficient validation of untrusted input in Skia
* CVE-2026-14417: Use after free in Dawn
* CVE-2026-13782: Use after free in Browser
* CVE-2026-13783: Use after free in Views
* CVE-2026-13784: Use after free in Views
* CVE-2026-14419: Use after free in Skia
* CVE-2026-13785: Use after free in Bluetooth
* CVE-2026-14420: Out of bounds read and write in Dawn
* CVE-2026-13786: Use after free in Ozone
* CVE-2026-14427: Heap buffer overflow in Skia
* CVE-2026-13787: Use after free in Chromoting
* CVE-2026-13788: Use after free in Fullscreen
* CVE-2026-14382: Insufficient validation of untrusted input in ANGLE
* CVE-2026-13790: Side-channel information leakage in Scroll
* CVE-2026-14385: Heap buffer overflow in ANGLE
* CVE-2026-13791: Insufficient validation of untrusted input in Downloads
* CVE-2026-13792: Use after free in Touchbar
* CVE-2026-13793: Insufficient policy enforcement in SVG
* CVE-2026-14392: Out of bounds write in Tint
* CVE-2026-13794: Insufficient validation of untrusted input in
WebAppInstalls
* CVE-2026-14422: Out of bounds read and write in Tint
* CVE-2026-13795: Insufficient policy enforcement in Chrome for iOS
* CVE-2026-14426: Use after free in V8
* CVE-2026-13796: Integer overflow in Chromecast
* CVE-2026-13797: Insufficient validation of untrusted input in
Chromecast
* CVE-2026-14386: Out of bounds read in ANGLE
* CVE-2026-13798: Heap buffer overflow in Chromecast
* CVE-2026-13799: Use after free in QUIC
* CVE-2026-13800: Inappropriate implementation in Updater
* CVE-2026-13801: Integer overflow in Chromecast
* CVE-2026-13802: Use after free in Views
* CVE-2026-13803: Type Confusion in Chrome Tabs
* CVE-2026-13804: Use after free in Chromecast
* CVE-2026-13805: Use after free in GFX
* CVE-2026-14390: Use after free in ANGLE
* CVE-2026-13806: Insufficient validation of untrusted input in
Accessibility
* CVE-2026-13807: Use after free in Import
* CVE-2026-13808: Insufficient data validation in Chrome for iOS
* CVE-2026-13809: Side-channel information leakage in Safe Browsing
* CVE-2026-13810: Inappropriate implementation in Input
* CVE-2026-13811: Use after free in IME
* CVE-2026-13812: Insufficient validation of untrusted input in Chrome
for iOS
* CVE-2026-13813: Insufficient validation of untrusted input in Chrome
for iOS
* CVE-2026-13814: Use after free in Views
* CVE-2026-13815: Use after free in Blink
* CVE-2026-13816: Insufficient validation of untrusted input in File
Input
* CVE-2026-14396: Out of bounds read in ANGLE
* CVE-2026-13817: Insufficient validation of untrusted input in Glic
* CVE-2026-13818: Inappropriate implementation in Passwords
* CVE-2026-13819: Out of bounds read in ANGLE
* CVE-2026-13820: Out of bounds read in Skia
* CVE-2026-14400: Out of bounds write in ANGLE
* CVE-2026-14401: Insufficient validation of untrusted input in ANGLE
* CVE-2026-14402: Uninitialized Use in ANGLE
* CVE-2026-13821: Use after free in Canvas
* CVE-2026-13822: Inappropriate implementation in Extensions
* CVE-2026-13823: Use after free in Glic
* CVE-2026-13824: Insufficient validation of untrusted input in
Extensions
* CVE-2026-13825: Uninitialized Use in Dawn
* CVE-2026-13826: Inappropriate implementation in Autofill
* CVE-2026-13827: Use after free in Updater
* CVE-2026-13828: Inappropriate implementation in Enterprise
* CVE-2026-13829: Insufficient validation of untrusted input in Settings
* CVE-2026-13830: Use after free in Chromoting
* CVE-2026-13831: Use after free in GPU
* CVE-2026-13832: Use after free in Headless
* CVE-2026-14411: Insufficient validation of untrusted input in ANGLE
* CVE-2026-13833: Uninitialized Use in ANGLE
* CVE-2026-14412: Insufficient validation of untrusted input in ANGLE
* CVE-2026-14413: Uninitialized Use in ANGLE
* CVE-2026-13834: Insufficient validation of untrusted input in ANGLE
* CVE-2026-13835: Inappropriate implementation in XML
* CVE-2026-13836: Inappropriate implementation in CSS
* CVE-2026-13837: Inappropriate implementation in CSS
* CVE-2026-13838: Inappropriate implementation in CSS
* CVE-2026-13839: Inappropriate implementation in CSS
* CVE-2026-13840: Insufficient policy enforcement in Canvas
* CVE-2026-13841: Integer overflow in Skia
* CVE-2026-13842: Incorrect security UI in Chrome for iOS
* CVE-2026-14418: Uninitialized Use in ANGLE
* CVE-2026-13843: Insufficient validation of untrusted input in Chrome
for iOS
* CVE-2026-13844: Use after free in Updater
* CVE-2026-13845: Use after free in DOM
* CVE-2026-13846: Use after free in USB
* CVE-2026-13847: Insufficient validation of untrusted input in Chrome
for iOS
* CVE-2026-13848: Use after free in Forms
* CVE-2026-13849: Insufficient validation of untrusted input in
Chromoting
* CVE-2026-14423: Type Confusion in Tint
* CVE-2026-13850: Insufficient validation of untrusted input in Chrome
for iOS
* CVE-2026-14424: Use after free in Dawn
* CVE-2026-14425: Use after free in ANGLE
* CVE-2026-13851: Insufficient validation of untrusted input in
WebAppInstalls
* CVE-2026-14428: Insufficient validation of untrusted input in Dawn
* CVE-2026-14429: Insufficient validation of untrusted input in Skia
* CVE-2026-14430: Integer overflow in V8
* CVE-2026-13852: Insufficient validation of untrusted input in
WebAppInstalls
* CVE-2026-13853: Use after free in Journeys
* CVE-2026-13854: Use after free in Ozone
* CVE-2026-14431: Type Confusion in V8
* CVE-2026-13855: Use after free in Ozone
* CVE-2026-13856: Insufficient validation of untrusted input in Speech
* CVE-2026-13857: Inappropriate implementation in Geometry
* CVE-2026-13858: Out of bounds read in FFmpeg
* CVE-2026-13859: Inappropriate implementation in ANGLE
* CVE-2026-14391: Integer overflow in ANGLE
* CVE-2026-13860: Incorrect security UI in Autofill
* CVE-2026-14408: Uninitialized Use in Dawn
* CVE-2026-14381: Incorrect security UI in WebAppInstalls
* CVE-2026-14383: Inappropriate implementation in V8
* CVE-2026-13861: Use after free in Core
* CVE-2026-13862: Insufficient policy enforcement in Web Authentication
(Passkeys & Security Keys)
* CVE-2026-13863: Insufficient validation of untrusted input in
CustomTabs
* CVE-2026-13864: Insufficient policy enforcement in WebHID
* CVE-2026-13865: Insufficient validation of untrusted input in
Enterprise
* CVE-2026-13866: Insufficient validation of untrusted input in Input
* CVE-2026-13867: Inappropriate implementation in Geolocation
* CVE-2026-13868: Inappropriate implementation in Network
* CVE-2026-14384: Out of bounds read in ANGLE
* CVE-2026-13869: Use after free in Device
* CVE-2026-13870: Use after free in WebView
* CVE-2026-13871: Insufficient data validation in GuestView
* CVE-2026-13872: Insufficient validation of untrusted input in
WebAppInstalls
* CVE-2026-13873: Out of bounds memory access in Layout
* CVE-2026-13874: Inappropriate implementation in DataTransfer
* CVE-2026-13875: Insufficient validation of untrusted input in GPU
* CVE-2026-13876: Inappropriate implementation in Network
* CVE-2026-13877: Insufficient validation of untrusted input in ANGLE
* CVE-2026-13878: Use after free in Bluetooth
* CVE-2026-13879: Use after free in Bluetooth
* CVE-2026-13880: Use after free in USB
* CVE-2026-13881: Insufficient data validation in WebAppInstalls
* CVE-2026-13882: Inappropriate implementation in USB
* CVE-2026-13883: Type Confusion in ANGLE
* CVE-2026-13884: Heap buffer overflow in Chromecast
* CVE-2026-14387: Integer overflow in Skia
* CVE-2026-13885: Use after free in Skia
* CVE-2026-13886: Policy bypass in Isolated Web Apps
* CVE-2026-14388: Out of bounds read in ANGLE
* CVE-2026-14389: Integer overflow in Skia
* CVE-2026-13887: Insufficient policy enforcement in NFC
* CVE-2026-13888: Use after free in Extensions
* CVE-2026-13889: Insufficient validation of untrusted input in
WebAuthentication
* CVE-2026-13890: Out of bounds read in Chromecast
* CVE-2026-13891: Insufficient validation of untrusted input in
Extensions
* CVE-2026-13892: Inappropriate implementation in Chrome for iOS
* CVE-2026-13893: Insufficient validation of untrusted input in WebUI
* CVE-2026-13894: Insufficient policy enforcement in Network
* CVE-2026-13895: Inappropriate implementation in Autofill
* CVE-2026-13896: Insufficient policy enforcement in Glic
* CVE-2026-13897: Insufficient policy enforcement in Chromecast
* CVE-2026-13898: Use after free in Cast Receiver
* CVE-2026-13899: Use after free in HTML
* CVE-2026-13900: Insufficient validation of untrusted input in
Chromecast
* CVE-2026-13901: Insufficient validation of untrusted input in Serial
* CVE-2026-13902: Inappropriate implementation in Chrome for iOS
* CVE-2026-13903: Insufficient policy enforcement in Bluetooth
* CVE-2026-13904: Incorrect security UI in Safe Browsing
* CVE-2026-13905: Incorrect security UI in Chrome for iOS
* CVE-2026-13906: Out of bounds read in Codecs
* CVE-2026-13907: Inappropriate implementation in iOSWeb
* CVE-2026-13908: Insufficient validation of untrusted input in Omnibox
* CVE-2026-13909: Insufficient policy enforcement in DevTools
* CVE-2026-13910: Insufficient policy enforcement in WebXR
* CVE-2026-13911: Insufficient data validation in Spellcheck
* CVE-2026-13912: Incorrect security UI in Safe Browsing
* CVE-2026-13913: Insufficient policy enforcement in Autofill
* CVE-2026-13914: Inappropriate implementation in Passwords
* CVE-2026-13915: Use after free in Chrome for iOS
* CVE-2026-13916: Inappropriate implementation in Chrome for iOS
* CVE-2026-13917: Insufficient validation of untrusted input in Chrome
for iOS
* CVE-2026-13918: Use after free in Chrome for iOS
* CVE-2026-13919: Insufficient data validation in Extensions
* CVE-2026-14393: Use after free in V8
* CVE-2026-13920: Insufficient validation of untrusted input in Media
* CVE-2026-13921: Insufficient validation of untrusted input in
DeviceBoundSessionCredentials
* CVE-2026-13922: Side-channel information leakage in Paint
* CVE-2026-13923: Uninitialized Use in GPU
* CVE-2026-14397: Out of bounds write in ANGLE
* CVE-2026-13924: Insufficient validation of untrusted input in WebView
* CVE-2026-13925: Inappropriate implementation in Downloads
* CVE-2026-13926: Insufficient validation of untrusted input in Network
* CVE-2026-13927: Insufficient validation of untrusted input in UI
* CVE-2026-13928: Insufficient validation of untrusted input in
Enterprise
* CVE-2026-13929: Insufficient validation of untrusted input in DevTools
* CVE-2026-13930: Insufficient policy enforcement in Actor
* CVE-2026-13931: Inappropriate implementation in Media
* CVE-2026-13932: Inappropriate implementation in Sharing
* CVE-2026-13933: Insufficient policy enforcement in Passwords
* CVE-2026-13934: Insufficient validation of untrusted input in Dawn
* CVE-2026-14399: Uninitialized Use in Dawn
* CVE-2026-13935: Side-channel information leakage in ComputePressure
* CVE-2026-13936: Inappropriate implementation in Passwords
* CVE-2026-13937: Insufficient policy enforcement in Passwords
* CVE-2026-13938: Integer overflow in Fonts
* CVE-2026-13939: Insufficient validation of untrusted input in WebShare
* CVE-2026-13940: Uninitialized Use in Cast
* CVE-2026-13941: Inappropriate implementation in SiteSettings
* CVE-2026-13942: Insufficient validation of untrusted input in Video
Capture
* CVE-2026-13943: Uninitialized Use in CSS
* CVE-2026-13944: Inappropriate implementation in DataTransfer
* CVE-2026-13945: Insufficient policy enforcement in Extensions
* CVE-2026-13946: Inappropriate implementation in ScriptInjections
* CVE-2026-13947: Uninitialized Use in XR
* CVE-2026-13948: Insufficient policy enforcement in Extensions
* CVE-2026-13949: Insufficient policy enforcement in Payments
* CVE-2026-14404: Inappropriate implementation in PDFium
* CVE-2026-13950: Uninitialized Use in GPU
* CVE-2026-13951: Policy bypass in USB
* CVE-2026-13952: Inappropriate implementation in PerformanceAPIs
* CVE-2026-14406: Out of bounds read in V8
* CVE-2026-13953: Inappropriate implementation in SplitView
* CVE-2026-13954: Insufficient policy enforcement in XML
* CVE-2026-13955: Insufficient validation of untrusted input in
CustomTabs
* CVE-2026-13956: Incorrect security UI in PageInfo
* CVE-2026-13957: Incorrect security UI in Extensions
* CVE-2026-13958: Uninitialized Use in Codecs
* CVE-2026-14407: Inappropriate implementation in V8
* CVE-2026-13959: Insufficient validation of untrusted input in Blink
* CVE-2026-13960: Inappropriate implementation in Passwords
* CVE-2026-13961: Insufficient validation of untrusted input in DevTools
* CVE-2026-13962: Insufficient data validation in PDF
* CVE-2026-13963: Inappropriate implementation in DevTools
* CVE-2026-13964: Insufficient policy enforcement in WebView
* CVE-2026-13965: Use after free in Oilpan
* CVE-2026-13966: Inappropriate implementation in History
* CVE-2026-13967: Type Confusion in V8
* CVE-2026-13968: Insufficient validation of untrusted input in DevTools
* CVE-2026-13969: Uninitialized Use in UI
* CVE-2026-13970: Uninitialized Use in Media
* CVE-2026-13971: Uninitialized Use in Skia
* CVE-2026-13972: Inappropriate implementation in Paint
* CVE-2026-13973: Inappropriate implementation in UI
* CVE-2026-13974: Integer overflow in Safe Browsing
* CVE-2026-13975: Out of bounds read in ANGLE
* CVE-2026-13976: Heap buffer overflow in Storage
* CVE-2026-13977: Inappropriate implementation in HTMLParser
* CVE-2026-13978: Insufficient policy enforcement in PageInfo
* CVE-2026-14414: Insufficient validation of untrusted input in Skia
* CVE-2026-13979: Inappropriate implementation in Paint
* CVE-2026-13980: Incorrect security UI in Chrome for iOS
* CVE-2026-13981: Inappropriate implementation in Chrome for iOS
* CVE-2026-13982: Incorrect security UI in Passwords
* CVE-2026-13983: Incorrect security UI in Chrome for iOS
* CVE-2026-13984: Incorrect security UI in TabStrip
* CVE-2026-13985: Inappropriate implementation in MediaCapture
* CVE-2026-13986: Inappropriate implementation in Media UI
* CVE-2026-13987: Incorrect security UI in Mobile
* CVE-2026-13988: Inappropriate implementation in Paint
* CVE-2026-13989: Insufficient policy enforcement in PageInfo
* CVE-2026-13990: Insufficient validation of untrusted input in
DataTransfer
* CVE-2026-13991: Insufficient validation of untrusted input in Chrome
for iOS
* CVE-2026-13992: Inappropriate implementation in UI
* CVE-2026-13993: Incorrect security UI in WebAppInstalls
* CVE-2026-13994: Inappropriate implementation in Credential Management
* CVE-2026-13995: Insufficient validation of untrusted input in Autofill
* CVE-2026-13996: Incorrect security UI in Permissions
* CVE-2026-13997: Incorrect security UI in Extensions
* CVE-2026-13998: Incorrect security UI in File Input
* CVE-2026-13999: Inappropriate implementation in Extensions
* CVE-2026-14000: Inappropriate implementation in XML
* CVE-2026-14001: Inappropriate implementation in Network
* CVE-2026-14002: Inappropriate implementation in Geolocation
* CVE-2026-14003: Insufficient policy enforcement in Extensions
* CVE-2026-14004: Inappropriate implementation in CSS
* CVE-2026-14005: Use after free in Omnibox
* CVE-2026-14006: Use after free in Navigation
* CVE-2026-14007: Insufficient policy enforcement in PermissionsPolicy
* CVE-2026-14008: Uninitialized Use in WebXR
* CVE-2026-14009: Insufficient data validation in Passwords
* CVE-2026-14010: Uninitialized Use in Codecs
* CVE-2026-14011: Out of bounds read in SurfaceCapture
* CVE-2026-14421: Uninitialized Use in Dawn
* CVE-2026-14012: Side-channel information leakage in CSS
* CVE-2026-14013: Inappropriate implementation in SVG
* CVE-2026-14014: Inappropriate implementation in Paint
* CVE-2026-14015: Inappropriate implementation in WebRTC
* CVE-2026-14016: Insufficient policy enforcement in SVG
* CVE-2026-14017: Inappropriate implementation in Navigation
* CVE-2026-14018: Use after free in Updater
* CVE-2026-14019: Inappropriate implementation in Passwords
* CVE-2026-14020: Insufficient validation of untrusted input in WebXR
* CVE-2026-14021: Insufficient validation of untrusted input in
StorageAccessAPI
* CVE-2026-14022: Insufficient validation of untrusted input in Network
* CVE-2026-14023: Insufficient validation of untrusted input in
SanitizerAPI
* CVE-2026-14024: Use after free in Ozone
* CVE-2026-14432: Use after free in V8
* CVE-2026-14025: Use after free in Views
* CVE-2026-14026: Incorrect security UI in SplitView
* CVE-2026-14027: Use after free in SignIn
* CVE-2026-14028: Incorrect security UI in Chrome for iOS
* CVE-2026-14030: Incorrect security UI in SplitView
* CVE-2026-14031: Incorrect security UI in File Input
* CVE-2026-14032: Use after free in Bluetooth
* CVE-2026-14033: Insufficient policy enforcement in Media
* CVE-2026-14034: Inappropriate implementation in WebXR
* CVE-2026-14035: Insufficient policy enforcement in Bluetooth
* CVE-2026-14036: Insufficient policy enforcement in Bluetooth
* CVE-2026-14037: Insufficient policy enforcement in GPU
* CVE-2026-14038: Insufficient validation of untrusted input in New Tab
Page
* CVE-2026-14039: Insufficient policy enforcement in GetUserMedia
* CVE-2026-14040: Use after free in BrowserTag
* CVE-2026-14041: Insufficient policy enforcement in Serial
* CVE-2026-14042: Inappropriate implementation in Isolated Web Apps
* CVE-2026-14043: Use after free in GetUserMedia
* CVE-2026-14044: Use after free in ANGLE
* CVE-2026-14045: Insufficient validation of untrusted input in Network
* CVE-2026-14046: Inappropriate implementation in CustomTabs
* CVE-2026-14047: Insufficient policy enforcement in Extensions
* CVE-2026-14048: Use after free in Chromecast
* CVE-2026-14049: Inappropriate implementation in GPU
* CVE-2026-14050: Insufficient policy enforcement in Passwords
* CVE-2026-14051: Uninitialized Use in GamepadAPI
* CVE-2026-14052: Insufficient policy enforcement in FileSystem
* CVE-2026-14053: Insufficient policy enforcement in Extensions
* CVE-2026-14054: Insufficient policy enforcement in Network
* CVE-2026-14055: Insufficient validation of untrusted input in Device
Trust
* CVE-2026-14056: Insufficient validation of untrusted input in Media
* CVE-2026-14057: Insufficient policy enforcement in FedCM
* CVE-2026-14058: Policy bypass in Parser
* CVE-2026-14059: Insufficient policy enforcement in Related-Website-Sets
* CVE-2026-14060: Insufficient validation of untrusted input in
Chromoting
* CVE-2026-14061: Inappropriate implementation in Dawn
* CVE-2026-14062: Inappropriate implementation in Views
* CVE-2026-14063: Out of bounds memory access in Chromecast
* CVE-2026-14064: Use after free in PageInfo
* CVE-2026-14065: Insufficient validation of untrusted input in PageInfo
* CVE-2026-14066: Insufficient validation of untrusted input in Chrome
for iOS
* CVE-2026-14067: Use after free in Chrome for iOS
* CVE-2026-14068: Inappropriate implementation in Omnibox
* CVE-2026-14069: Integer overflow in WebNN
* CVE-2026-14070: Uninitialized Use in WebNN
* CVE-2026-14071: Side-channel information leakage in WebAudio
* CVE-2026-14072: Incorrect security UI in SplitView
* CVE-2026-14073: Insufficient policy enforcement in WebXR
* CVE-2026-14394: Use after free in V8
* CVE-2026-14395: Out of bounds write in V8
* CVE-2026-14074: Side-channel information leakage in WebAuthentication
* CVE-2026-14075: Policy bypass in Chrome for iOS
* CVE-2026-14076: Policy bypass in Network
* CVE-2026-14077: Incorrect security UI in Select
* CVE-2026-14078: Policy bypass in WebRTC
* CVE-2026-14079: Policy bypass in Network
* CVE-2026-14080: Insufficient validation of untrusted input in
TabSwitcher
* CVE-2026-14081: Insufficient policy enforcement in DevTools
* CVE-2026-14082: Race in Storage
* CVE-2026-14083: Insufficient validation of untrusted input in HTML
* CVE-2026-14084: Insufficient validation of untrusted input in
Chromoting
* CVE-2026-14085: Side-channel information leakage in CSS
* CVE-2026-14086: Insufficient policy enforcement in HID
* CVE-2026-14087: Insufficient validation of untrusted input in WebNN
* CVE-2026-14088: Uninitialized Use in Canvas
* CVE-2026-14089: Insufficient validation of untrusted input in
PopupBlocker
* CVE-2026-14090: Out of bounds read in CameraCapture
* CVE-2026-14091: Use after free in DevTools
* CVE-2026-14092: Insufficient policy enforcement in Privacy
* CVE-2026-14093: Use after free in Cast
* CVE-2026-14094: Use after free in Installer
* CVE-2026-14095: Insufficient validation of untrusted input in Browser
* CVE-2026-14403: Use after free in V8
* CVE-2026-14096: Object lifecycle issue in Input
* CVE-2026-14097: Inappropriate implementation in WebAppInstalls
* CVE-2026-14098: Inappropriate implementation in CSS
* CVE-2026-14405: Uninitialized Use in V8
* CVE-2026-14099: Use after free in Chrome for iOS
* CVE-2026-14100: Insufficient data validation in NetworkCache
* CVE-2026-14101: Insufficient policy enforcement in Sandbox
* CVE-2026-14102: Use after free in Passwords
* CVE-2026-14103: Use after free in SSL
* CVE-2026-14104: Insufficient validation of untrusted input in
WebAppInstalls
* CVE-2026-14105: Insufficient policy enforcement in Speech
* CVE-2026-14106: Insufficient validation of untrusted input in Text
* CVE-2026-14107: Use after free in Scheduling
* CVE-2026-14108: Use after free in PDFium
* CVE-2026-14109: Insufficient policy enforcement in Mojo
* CVE-2026-14110: Inappropriate implementation in DarkMode
* CVE-2026-14111: Use after free in WebProtect
* CVE-2026-14112: Inappropriate implementation in Enterprise
* CVE-2026-14113: Use after free in Updater
* CVE-2026-14114: Inappropriate implementation in WebAppInstalls
* CVE-2026-14115: Insufficient validation of untrusted input in Cast
* CVE-2026-14116: Insufficient validation of untrusted input in DevTools
* CVE-2026-14117: Insufficient validation of untrusted input in DevTools
* CVE-2026-14118: Insufficient data validation in DevTools
* CVE-2026-14119: Type Confusion in Bluetooth
* CVE-2026-14120: Inappropriate implementation in DevTools
* CVE-2026-14121: Use after free in Chromoting
* CVE-2026-14409: Inappropriate implementation in V8
* CVE-2026-14122: Insufficient validation of untrusted input in
WebAppInstalls
* CVE-2026-14410: Inappropriate implementation in Skia
* CVE-2026-14123: Incorrect security UI in Chrome for iOS
* CVE-2026-14124: Inappropriate implementation in CredentialProvider
* CVE-2026-14125: Uninitialized Use in ANGLE
* CVE-2026-14126: Incorrect security UI in UI
* CVE-2026-14127: Inappropriate implementation in Printing
* CVE-2026-14128: Insufficient data validation in Chrome for iOS
* CVE-2026-14129: Incorrect security UI in PreviewTab
* CVE-2026-14130: Incorrect security UI in Omnibox
* CVE-2026-14131: Insufficient validation of untrusted input in
WebAppInstalls
* CVE-2026-14132: Inappropriate implementation in WebXR
* CVE-2026-14133: Race in History Embeddings
* CVE-2026-14134: Inappropriate implementation in Autofill
* CVE-2026-14135: Insufficient validation of untrusted input in Network
* CVE-2026-14136: Incorrect security UI in Chrome for iOS
* CVE-2026-14137: Insufficient validation of untrusted input in Chrome
for iOS
* CVE-2026-14138: Inappropriate implementation in WebAppInstalls
* CVE-2026-14139: Inappropriate implementation in TabStrip
* CVE-2026-14140: Insufficient validation of untrusted input in Input
* CVE-2026-14141: Incorrect security UI in Document Picture-in-Picture
* CVE-2026-14142: Inappropriate implementation in Extensions
* CVE-2026-14143: Incorrect security UI in Passwords
* CVE-2026-14144: Incorrect security UI in Views
* CVE-2026-14145: Inappropriate implementation in CSS
* CVE-2026-14146: Inappropriate implementation in CSS
* CVE-2026-14147: Inappropriate implementation in CSS
* CVE-2026-14415: Inappropriate implementation in V8
* CVE-2026-14148: Type Confusion in CSS
* CVE-2026-14149: Use after free in Audio
* CVE-2026-14416: Out of bounds read in Dawn
* CVE-2026-14150: Insufficient validation of untrusted input in Speech
* CVE-2026-14151: Inappropriate implementation in AI
* CVE-2026-14152: Out of bounds write in ANGLE
* CVE-2026-14153: Inappropriate implementation in Glic
* CVE-2026-14154: Inappropriate implementation in DevTools
* CVE-2026-14155: Insufficient policy enforcement in StorageAccessAPI
* CVE-2026-14156: Policy bypass in StorageAccessAPI

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-233=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le x86_64):

chromedriver-150.0.7871.46-bp157.2.181.1
chromium-150.0.7871.46-bp157.2.181.1

References:

https://www.suse.com/security/cve/CVE-2026-13774.html
https://www.suse.com/security/cve/CVE-2026-13775.html
https://www.suse.com/security/cve/CVE-2026-13776.html
https://www.suse.com/security/cve/CVE-2026-13777.html
https://www.suse.com/security/cve/CVE-2026-13778.html
https://www.suse.com/security/cve/CVE-2026-13779.html
https://www.suse.com/security/cve/CVE-2026-13780.html
https://www.suse.com/security/cve/CVE-2026-13781.html
https://www.suse.com/security/cve/CVE-2026-13782.html
https://www.suse.com/security/cve/CVE-2026-13783.html
https://www.suse.com/security/cve/CVE-2026-13784.html
https://www.suse.com/security/cve/CVE-2026-13785.html
https://www.suse.com/security/cve/CVE-2026-13786.html
https://www.suse.com/security/cve/CVE-2026-13787.html
https://www.suse.com/security/cve/CVE-2026-13788.html
https://www.suse.com/security/cve/CVE-2026-13790.html
https://www.suse.com/security/cve/CVE-2026-13791.html
https://www.suse.com/security/cve/CVE-2026-13792.html
https://www.suse.com/security/cve/CVE-2026-13793.html
https://www.suse.com/security/cve/CVE-2026-13794.html
https://www.suse.com/security/cve/CVE-2026-13795.html
https://www.suse.com/security/cve/CVE-2026-13796.html
https://www.suse.com/security/cve/CVE-2026-13797.html
https://www.suse.com/security/cve/CVE-2026-13798.html
https://www.suse.com/security/cve/CVE-2026-13799.html
https://www.suse.com/security/cve/CVE-2026-13800.html
https://www.suse.com/security/cve/CVE-2026-13801.html
https://www.suse.com/security/cve/CVE-2026-13802.html
https://www.suse.com/security/cve/CVE-2026-13803.html
https://www.suse.com/security/cve/CVE-2026-13804.html
https://www.suse.com/security/cve/CVE-2026-13805.html
https://www.suse.com/security/cve/CVE-2026-13806.html
https://www.suse.com/security/cve/CVE-2026-13807.html
https://www.suse.com/security/cve/CVE-2026-13808.html
https://www.suse.com/security/cve/CVE-2026-13809.html
https://www.suse.com/security/cve/CVE-2026-13810.html
https://www.suse.com/security/cve/CVE-2026-13811.html
https://www.suse.com/security/cve/CVE-2026-13812.html
https://www.suse.com/security/cve/CVE-2026-13813.html
https://www.suse.com/security/cve/CVE-2026-13814.html
https://www.suse.com/security/cve/CVE-2026-13815.html
https://www.suse.com/security/cve/CVE-2026-13816.html
https://www.suse.com/security/cve/CVE-2026-13817.html
https://www.suse.com/security/cve/CVE-2026-13818.html
https://www.suse.com/security/cve/CVE-2026-13819.html
https://www.suse.com/security/cve/CVE-2026-13820.html
https://www.suse.com/security/cve/CVE-2026-13821.html
https://www.suse.com/security/cve/CVE-2026-13822.html
https://www.suse.com/security/cve/CVE-2026-13823.html
https://www.suse.com/security/cve/CVE-2026-13824.html
https://www.suse.com/security/cve/CVE-2026-13825.html
https://www.suse.com/security/cve/CVE-2026-13826.html
https://www.suse.com/security/cve/CVE-2026-13827.html
https://www.suse.com/security/cve/CVE-2026-13828.html
https://www.suse.com/security/cve/CVE-2026-13829.html
https://www.suse.com/security/cve/CVE-2026-13830.html
https://www.suse.com/security/cve/CVE-2026-13831.html
https://www.suse.com/security/cve/CVE-2026-13832.html
https://www.suse.com/security/cve/CVE-2026-13833.html
https://www.suse.com/security/cve/CVE-2026-13834.html
https://www.suse.com/security/cve/CVE-2026-13835.html
https://www.suse.com/security/cve/CVE-2026-13836.html
https://www.suse.com/security/cve/CVE-2026-13837.html
https://www.suse.com/security/cve/CVE-2026-13838.html
https://www.suse.com/security/cve/CVE-2026-13839.html
https://www.suse.com/security/cve/CVE-2026-13840.html
https://www.suse.com/security/cve/CVE-2026-13841.html
https://www.suse.com/security/cve/CVE-2026-13842.html
https://www.suse.com/security/cve/CVE-2026-13843.html
https://www.suse.com/security/cve/CVE-2026-13844.html
https://www.suse.com/security/cve/CVE-2026-13845.html
https://www.suse.com/security/cve/CVE-2026-13846.html
https://www.suse.com/security/cve/CVE-2026-13847.html
https://www.suse.com/security/cve/CVE-2026-13848.html
https://www.suse.com/security/cve/CVE-2026-13849.html
https://www.suse.com/security/cve/CVE-2026-13850.html
https://www.suse.com/security/cve/CVE-2026-13851.html
https://www.suse.com/security/cve/CVE-2026-13852.html
https://www.suse.com/security/cve/CVE-2026-13853.html
https://www.suse.com/security/cve/CVE-2026-13854.html
https://www.suse.com/security/cve/CVE-2026-13855.html
https://www.suse.com/security/cve/CVE-2026-13856.html
https://www.suse.com/security/cve/CVE-2026-13857.html
https://www.suse.com/security/cve/CVE-2026-13858.html
https://www.suse.com/security/cve/CVE-2026-13859.html
https://www.suse.com/security/cve/CVE-2026-13860.html
https://www.suse.com/security/cve/CVE-2026-13861.html
https://www.suse.com/security/cve/CVE-2026-13862.html
https://www.suse.com/security/cve/CVE-2026-13863.html
https://www.suse.com/security/cve/CVE-2026-13864.html
https://www.suse.com/security/cve/CVE-2026-13865.html
https://www.suse.com/security/cve/CVE-2026-13866.html
https://www.suse.com/security/cve/CVE-2026-13867.html
https://www.suse.com/security/cve/CVE-2026-13868.html
https://www.suse.com/security/cve/CVE-2026-13869.html
https://www.suse.com/security/cve/CVE-2026-13870.html
https://www.suse.com/security/cve/CVE-2026-13871.html
https://www.suse.com/security/cve/CVE-2026-13872.html
https://www.suse.com/security/cve/CVE-2026-13873.html
https://www.suse.com/security/cve/CVE-2026-13874.html
https://www.suse.com/security/cve/CVE-2026-13875.html
https://www.suse.com/security/cve/CVE-2026-13876.html
https://www.suse.com/security/cve/CVE-2026-13877.html
https://www.suse.com/security/cve/CVE-2026-13878.html
https://www.suse.com/security/cve/CVE-2026-13879.html
https://www.suse.com/security/cve/CVE-2026-13880.html
https://www.suse.com/security/cve/CVE-2026-13881.html
https://www.suse.com/security/cve/CVE-2026-13882.html
https://www.suse.com/security/cve/CVE-2026-13883.html
https://www.suse.com/security/cve/CVE-2026-13884.html
https://www.suse.com/security/cve/CVE-2026-13885.html
https://www.suse.com/security/cve/CVE-2026-13886.html
https://www.suse.com/security/cve/CVE-2026-13887.html
https://www.suse.com/security/cve/CVE-2026-13888.html
https://www.suse.com/security/cve/CVE-2026-13889.html
https://www.suse.com/security/cve/CVE-2026-13890.html
https://www.suse.com/security/cve/CVE-2026-13891.html
https://www.suse.com/security/cve/CVE-2026-13892.html
https://www.suse.com/security/cve/CVE-2026-13893.html
https://www.suse.com/security/cve/CVE-2026-13894.html
https://www.suse.com/security/cve/CVE-2026-13895.html
https://www.suse.com/security/cve/CVE-2026-13896.html
https://www.suse.com/security/cve/CVE-2026-13897.html
https://www.suse.com/security/cve/CVE-2026-13898.html
https://www.suse.com/security/cve/CVE-2026-13899.html
https://www.suse.com/security/cve/CVE-2026-13900.html
https://www.suse.com/security/cve/CVE-2026-13901.html
https://www.suse.com/security/cve/CVE-2026-13902.html
https://www.suse.com/security/cve/CVE-2026-13903.html
https://www.suse.com/security/cve/CVE-2026-13904.html
https://www.suse.com/security/cve/CVE-2026-13905.html
https://www.suse.com/security/cve/CVE-2026-13906.html
https://www.suse.com/security/cve/CVE-2026-13907.html
https://www.suse.com/security/cve/CVE-2026-13908.html
https://www.suse.com/security/cve/CVE-2026-13909.html
https://www.suse.com/security/cve/CVE-2026-13910.html
https://www.suse.com/security/cve/CVE-2026-13911.html
https://www.suse.com/security/cve/CVE-2026-13912.html
https://www.suse.com/security/cve/CVE-2026-13913.html
https://www.suse.com/security/cve/CVE-2026-13914.html
https://www.suse.com/security/cve/CVE-2026-13915.html
https://www.suse.com/security/cve/CVE-2026-13916.html
https://www.suse.com/security/cve/CVE-2026-13917.html
https://www.suse.com/security/cve/CVE-2026-13918.html
https://www.suse.com/security/cve/CVE-2026-13919.html
https://www.suse.com/security/cve/CVE-2026-13920.html
https://www.suse.com/security/cve/CVE-2026-13921.html
https://www.suse.com/security/cve/CVE-2026-13922.html
https://www.suse.com/security/cve/CVE-2026-13923.html
https://www.suse.com/security/cve/CVE-2026-13924.html
https://www.suse.com/security/cve/CVE-2026-13925.html
https://www.suse.com/security/cve/CVE-2026-13926.html
https://www.suse.com/security/cve/CVE-2026-13927.html
https://www.suse.com/security/cve/CVE-2026-13928.html
https://www.suse.com/security/cve/CVE-2026-13929.html
https://www.suse.com/security/cve/CVE-2026-13930.html
https://www.suse.com/security/cve/CVE-2026-13931.html
https://www.suse.com/security/cve/CVE-2026-13932.html
https://www.suse.com/security/cve/CVE-2026-13933.html
https://www.suse.com/security/cve/CVE-2026-13934.html
https://www.suse.com/security/cve/CVE-2026-13935.html
https://www.suse.com/security/cve/CVE-2026-13936.html
https://www.suse.com/security/cve/CVE-2026-13937.html
https://www.suse.com/security/cve/CVE-2026-13938.html
https://www.suse.com/security/cve/CVE-2026-13939.html
https://www.suse.com/security/cve/CVE-2026-13940.html
https://www.suse.com/security/cve/CVE-2026-13941.html
https://www.suse.com/security/cve/CVE-2026-13942.html
https://www.suse.com/security/cve/CVE-2026-13943.html
https://www.suse.com/security/cve/CVE-2026-13944.html
https://www.suse.com/security/cve/CVE-2026-13945.html
https://www.suse.com/security/cve/CVE-2026-13946.html
https://www.suse.com/security/cve/CVE-2026-13947.html
https://www.suse.com/security/cve/CVE-2026-13948.html
https://www.suse.com/security/cve/CVE-2026-13949.html
https://www.suse.com/security/cve/CVE-2026-13950.html
https://www.suse.com/security/cve/CVE-2026-13951.html
https://www.suse.com/security/cve/CVE-2026-13952.html
https://www.suse.com/security/cve/CVE-2026-13953.html
https://www.suse.com/security/cve/CVE-2026-13954.html
https://www.suse.com/security/cve/CVE-2026-13955.html
https://www.suse.com/security/cve/CVE-2026-13956.html
https://www.suse.com/security/cve/CVE-2026-13957.html
https://www.suse.com/security/cve/CVE-2026-13958.html
https://www.suse.com/security/cve/CVE-2026-13959.html
https://www.suse.com/security/cve/CVE-2026-13960.html
https://www.suse.com/security/cve/CVE-2026-13961.html
https://www.suse.com/security/cve/CVE-2026-13962.html
https://www.suse.com/security/cve/CVE-2026-13963.html
https://www.suse.com/security/cve/CVE-2026-13964.html
https://www.suse.com/security/cve/CVE-2026-13965.html
https://www.suse.com/security/cve/CVE-2026-13966.html
https://www.suse.com/security/cve/CVE-2026-13967.html
https://www.suse.com/security/cve/CVE-2026-13968.html
https://www.suse.com/security/cve/CVE-2026-13969.html
https://www.suse.com/security/cve/CVE-2026-13970.html
https://www.suse.com/security/cve/CVE-2026-13971.html
https://www.suse.com/security/cve/CVE-2026-13972.html
https://www.suse.com/security/cve/CVE-2026-13973.html
https://www.suse.com/security/cve/CVE-2026-13974.html
https://www.suse.com/security/cve/CVE-2026-13975.html
https://www.suse.com/security/cve/CVE-2026-13976.html
https://www.suse.com/security/cve/CVE-2026-13977.html
https://www.suse.com/security/cve/CVE-2026-13978.html
https://www.suse.com/security/cve/CVE-2026-13979.html
https://www.suse.com/security/cve/CVE-2026-13980.html
https://www.suse.com/security/cve/CVE-2026-13981.html
https://www.suse.com/security/cve/CVE-2026-13982.html
https://www.suse.com/security/cve/CVE-2026-13983.html
https://www.suse.com/security/cve/CVE-2026-13984.html
https://www.suse.com/security/cve/CVE-2026-13985.html
https://www.suse.com/security/cve/CVE-2026-13986.html
https://www.suse.com/security/cve/CVE-2026-13987.html
https://www.suse.com/security/cve/CVE-2026-13988.html
https://www.suse.com/security/cve/CVE-2026-13989.html
https://www.suse.com/security/cve/CVE-2026-13990.html
https://www.suse.com/security/cve/CVE-2026-13991.html
https://www.suse.com/security/cve/CVE-2026-13992.html
https://www.suse.com/security/cve/CVE-2026-13993.html
https://www.suse.com/security/cve/CVE-2026-13994.html
https://www.suse.com/security/cve/CVE-2026-13995.html
https://www.suse.com/security/cve/CVE-2026-13996.html
https://www.suse.com/security/cve/CVE-2026-13997.html
https://www.suse.com/security/cve/CVE-2026-13998.html
https://www.suse.com/security/cve/CVE-2026-13999.html
https://www.suse.com/security/cve/CVE-2026-14000.html
https://www.suse.com/security/cve/CVE-2026-14001.html
https://www.suse.com/security/cve/CVE-2026-14002.html
https://www.suse.com/security/cve/CVE-2026-14003.html
https://www.suse.com/security/cve/CVE-2026-14004.html
https://www.suse.com/security/cve/CVE-2026-14005.html
https://www.suse.com/security/cve/CVE-2026-14006.html
https://www.suse.com/security/cve/CVE-2026-14007.html
https://www.suse.com/security/cve/CVE-2026-14008.html
https://www.suse.com/security/cve/CVE-2026-14009.html
https://www.suse.com/security/cve/CVE-2026-14010.html
https://www.suse.com/security/cve/CVE-2026-14011.html
https://www.suse.com/security/cve/CVE-2026-14012.html
https://www.suse.com/security/cve/CVE-2026-14013.html
https://www.suse.com/security/cve/CVE-2026-14014.html
https://www.suse.com/security/cve/CVE-2026-14015.html
https://www.suse.com/security/cve/CVE-2026-14016.html
https://www.suse.com/security/cve/CVE-2026-14017.html
https://www.suse.com/security/cve/CVE-2026-14018.html
https://www.suse.com/security/cve/CVE-2026-14019.html
https://www.suse.com/security/cve/CVE-2026-14020.html
https://www.suse.com/security/cve/CVE-2026-14021.html
https://www.suse.com/security/cve/CVE-2026-14022.html
https://www.suse.com/security/cve/CVE-2026-14023.html
https://www.suse.com/security/cve/CVE-2026-14024.html
https://www.suse.com/security/cve/CVE-2026-14025.html
https://www.suse.com/security/cve/CVE-2026-14026.html
https://www.suse.com/security/cve/CVE-2026-14027.html
https://www.suse.com/security/cve/CVE-2026-14028.html
https://www.suse.com/security/cve/CVE-2026-14030.html
https://www.suse.com/security/cve/CVE-2026-14031.html
https://www.suse.com/security/cve/CVE-2026-14032.html
https://www.suse.com/security/cve/CVE-2026-14033.html
https://www.suse.com/security/cve/CVE-2026-14034.html
https://www.suse.com/security/cve/CVE-2026-14035.html
https://www.suse.com/security/cve/CVE-2026-14036.html
https://www.suse.com/security/cve/CVE-2026-14037.html
https://www.suse.com/security/cve/CVE-2026-14038.html
https://www.suse.com/security/cve/CVE-2026-14039.html
https://www.suse.com/security/cve/CVE-2026-14040.html
https://www.suse.com/security/cve/CVE-2026-14041.html
https://www.suse.com/security/cve/CVE-2026-14042.html
https://www.suse.com/security/cve/CVE-2026-14043.html
https://www.suse.com/security/cve/CVE-2026-14044.html
https://www.suse.com/security/cve/CVE-2026-14045.html
https://www.suse.com/security/cve/CVE-2026-14046.html
https://www.suse.com/security/cve/CVE-2026-14047.html
https://www.suse.com/security/cve/CVE-2026-14048.html
https://www.suse.com/security/cve/CVE-2026-14049.html
https://www.suse.com/security/cve/CVE-2026-14050.html
https://www.suse.com/security/cve/CVE-2026-14051.html
https://www.suse.com/security/cve/CVE-2026-14052.html
https://www.suse.com/security/cve/CVE-2026-14053.html
https://www.suse.com/security/cve/CVE-2026-14054.html
https://www.suse.com/security/cve/CVE-2026-14055.html
https://www.suse.com/security/cve/CVE-2026-14056.html
https://www.suse.com/security/cve/CVE-2026-14057.html
https://www.suse.com/security/cve/CVE-2026-14058.html
https://www.suse.com/security/cve/CVE-2026-14059.html
https://www.suse.com/security/cve/CVE-2026-14060.html
https://www.suse.com/security/cve/CVE-2026-14061.html
https://www.suse.com/security/cve/CVE-2026-14062.html
https://www.suse.com/security/cve/CVE-2026-14063.html
https://www.suse.com/security/cve/CVE-2026-14064.html
https://www.suse.com/security/cve/CVE-2026-14065.html
https://www.suse.com/security/cve/CVE-2026-14066.html
https://www.suse.com/security/cve/CVE-2026-14067.html
https://www.suse.com/security/cve/CVE-2026-14068.html
https://www.suse.com/security/cve/CVE-2026-14069.html
https://www.suse.com/security/cve/CVE-2026-14070.html
https://www.suse.com/security/cve/CVE-2026-14071.html
https://www.suse.com/security/cve/CVE-2026-14072.html
https://www.suse.com/security/cve/CVE-2026-14073.html
https://www.suse.com/security/cve/CVE-2026-14074.html
https://www.suse.com/security/cve/CVE-2026-14075.html
https://www.suse.com/security/cve/CVE-2026-14076.html
https://www.suse.com/security/cve/CVE-2026-14077.html
https://www.suse.com/security/cve/CVE-2026-14078.html
https://www.suse.com/security/cve/CVE-2026-14079.html
https://www.suse.com/security/cve/CVE-2026-14080.html
https://www.suse.com/security/cve/CVE-2026-14081.html
https://www.suse.com/security/cve/CVE-2026-14082.html
https://www.suse.com/security/cve/CVE-2026-14083.html
https://www.suse.com/security/cve/CVE-2026-14084.html
https://www.suse.com/security/cve/CVE-2026-14085.html
https://www.suse.com/security/cve/CVE-2026-14086.html
https://www.suse.com/security/cve/CVE-2026-14087.html
https://www.suse.com/security/cve/CVE-2026-14088.html
https://www.suse.com/security/cve/CVE-2026-14089.html
https://www.suse.com/security/cve/CVE-2026-14090.html
https://www.suse.com/security/cve/CVE-2026-14091.html
https://www.suse.com/security/cve/CVE-2026-14092.html
https://www.suse.com/security/cve/CVE-2026-14093.html
https://www.suse.com/security/cve/CVE-2026-14094.html
https://www.suse.com/security/cve/CVE-2026-14095.html
https://www.suse.com/security/cve/CVE-2026-14096.html
https://www.suse.com/security/cve/CVE-2026-14097.html
https://www.suse.com/security/cve/CVE-2026-14098.html
https://www.suse.com/security/cve/CVE-2026-14099.html
https://www.suse.com/security/cve/CVE-2026-14100.html
https://www.suse.com/security/cve/CVE-2026-14101.html
https://www.suse.com/security/cve/CVE-2026-14102.html
https://www.suse.com/security/cve/CVE-2026-14103.html
https://www.suse.com/security/cve/CVE-2026-14104.html
https://www.suse.com/security/cve/CVE-2026-14105.html
https://www.suse.com/security/cve/CVE-2026-14106.html
https://www.suse.com/security/cve/CVE-2026-14107.html
https://www.suse.com/security/cve/CVE-2026-14108.html
https://www.suse.com/security/cve/CVE-2026-14109.html
https://www.suse.com/security/cve/CVE-2026-14110.html
https://www.suse.com/security/cve/CVE-2026-14111.html
https://www.suse.com/security/cve/CVE-2026-14112.html
https://www.suse.com/security/cve/CVE-2026-14113.html
https://www.suse.com/security/cve/CVE-2026-14114.html
https://www.suse.com/security/cve/CVE-2026-14115.html
https://www.suse.com/security/cve/CVE-2026-14116.html
https://www.suse.com/security/cve/CVE-2026-14117.html
https://www.suse.com/security/cve/CVE-2026-14118.html
https://www.suse.com/security/cve/CVE-2026-14119.html
https://www.suse.com/security/cve/CVE-2026-14120.html
https://www.suse.com/security/cve/CVE-2026-14121.html
https://www.suse.com/security/cve/CVE-2026-14122.html
https://www.suse.com/security/cve/CVE-2026-14123.html
https://www.suse.com/security/cve/CVE-2026-14124.html
https://www.suse.com/security/cve/CVE-2026-14125.html
https://www.suse.com/security/cve/CVE-2026-14126.html
https://www.suse.com/security/cve/CVE-2026-14127.html
https://www.suse.com/security/cve/CVE-2026-14128.html
https://www.suse.com/security/cve/CVE-2026-14129.html
https://www.suse.com/security/cve/CVE-2026-14130.html
https://www.suse.com/security/cve/CVE-2026-14131.html
https://www.suse.com/security/cve/CVE-2026-14132.html
https://www.suse.com/security/cve/CVE-2026-14133.html
https://www.suse.com/security/cve/CVE-2026-14134.html
https://www.suse.com/security/cve/CVE-2026-14135.html
https://www.suse.com/security/cve/CVE-2026-14136.html
https://www.suse.com/security/cve/CVE-2026-14137.html
https://www.suse.com/security/cve/CVE-2026-14138.html
https://www.suse.com/security/cve/CVE-2026-14139.html
https://www.suse.com/security/cve/CVE-2026-14140.html
https://www.suse.com/security/cve/CVE-2026-14141.html
https://www.suse.com/security/cve/CVE-2026-14142.html
https://www.suse.com/security/cve/CVE-2026-14143.html
https://www.suse.com/security/cve/CVE-2026-14144.html
https://www.suse.com/security/cve/CVE-2026-14145.html
https://www.suse.com/security/cve/CVE-2026-14146.html
https://www.suse.com/security/cve/CVE-2026-14147.html
https://www.suse.com/security/cve/CVE-2026-14148.html
https://www.suse.com/security/cve/CVE-2026-14149.html
https://www.suse.com/security/cve/CVE-2026-14150.html
https://www.suse.com/security/cve/CVE-2026-14151.html
https://www.suse.com/security/cve/CVE-2026-14152.html
https://www.suse.com/security/cve/CVE-2026-14153.html
https://www.suse.com/security/cve/CVE-2026-14154.html
https://www.suse.com/security/cve/CVE-2026-14155.html
https://www.suse.com/security/cve/CVE-2026-14156.html
https://www.suse.com/security/cve/CVE-2026-14381.html
https://www.suse.com/security/cve/CVE-2026-14382.html
https://www.suse.com/security/cve/CVE-2026-14383.html
https://www.suse.com/security/cve/CVE-2026-14384.html
https://www.suse.com/security/cve/CVE-2026-14385.html
https://www.suse.com/security/cve/CVE-2026-14386.html
https://www.suse.com/security/cve/CVE-2026-14387.html
https://www.suse.com/security/cve/CVE-2026-14388.html
https://www.suse.com/security/cve/CVE-2026-14389.html
https://www.suse.com/security/cve/CVE-2026-14390.html
https://www.suse.com/security/cve/CVE-2026-14391.html
https://www.suse.com/security/cve/CVE-2026-14392.html
https://www.suse.com/security/cve/CVE-2026-14393.html
https://www.suse.com/security/cve/CVE-2026-14394.html
https://www.suse.com/security/cve/CVE-2026-14395.html
https://www.suse.com/security/cve/CVE-2026-14396.html
https://www.suse.com/security/cve/CVE-2026-14397.html
https://www.suse.com/security/cve/CVE-2026-14398.html
https://www.suse.com/security/cve/CVE-2026-14399.html
https://www.suse.com/security/cve/CVE-2026-14400.html
https://www.suse.com/security/cve/CVE-2026-14401.html
https://www.suse.com/security/cve/CVE-2026-14402.html
https://www.suse.com/security/cve/CVE-2026-14403.html
https://www.suse.com/security/cve/CVE-2026-14404.html
https://www.suse.com/security/cve/CVE-2026-14405.html
https://www.suse.com/security/cve/CVE-2026-14406.html
https://www.suse.com/security/cve/CVE-2026-14407.html
https://www.suse.com/security/cve/CVE-2026-14408.html
https://www.suse.com/security/cve/CVE-2026-14409.html
https://www.suse.com/security/cve/CVE-2026-14410.html
https://www.suse.com/security/cve/CVE-2026-14411.html
https://www.suse.com/security/cve/CVE-2026-14412.html
https://www.suse.com/security/cve/CVE-2026-14413.html
https://www.suse.com/security/cve/CVE-2026-14414.html
https://www.suse.com/security/cve/CVE-2026-14415.html
https://www.suse.com/security/cve/CVE-2026-14416.html
https://www.suse.com/security/cve/CVE-2026-14417.html
https://www.suse.com/security/cve/CVE-2026-14418.html
https://www.suse.com/security/cve/CVE-2026-14419.html
https://www.suse.com/security/cve/CVE-2026-14420.html
https://www.suse.com/security/cve/CVE-2026-14421.html
https://www.suse.com/security/cve/CVE-2026-14422.html
https://www.suse.com/security/cve/CVE-2026-14423.html
https://www.suse.com/security/cve/CVE-2026-14424.html
https://www.suse.com/security/cve/CVE-2026-14425.html
https://www.suse.com/security/cve/CVE-2026-14426.html
https://www.suse.com/security/cve/CVE-2026-14427.html
https://www.suse.com/security/cve/CVE-2026-14428.html
https://www.suse.com/security/cve/CVE-2026-14429.html
https://www.suse.com/security/cve/CVE-2026-14430.html
https://www.suse.com/security/cve/CVE-2026-14431.html
https://www.suse.com/security/cve/CVE-2026-14432.html
https://bugzilla.suse.com/1269061
https://bugzilla.suse.com/1270051



openSUSE-SU-2026:11197-1: moderate: apptainer-1.5.1-3.1 on GA media


# apptainer-1.5.1-3.1 on GA media

Announcement ID: openSUSE-SU-2026:11197-1
Rating: moderate

Cross-References:

* CVE-2026-2303

CVSS scores:

* CVE-2026-2303 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the apptainer-1.5.1-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* apptainer 1.5.1-3.1
* apptainer-leap 1.5.1-3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-2303.html



openSUSE-SU-2026:11196-1: moderate: python313-yt-dlp-2026.07.04-1.1 on GA media


# python313-yt-dlp-2026.07.04-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11196-1
Rating: moderate

Cross-References:

* CVE-2026-55404

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python313-yt-dlp-2026.07.04-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python313-yt-dlp 2026.07.04-1.1
* yt-dlp 2026.07.04-1.1
* yt-dlp-youtube-dl 2026.07.04-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-55404.html



openSUSE-SU-2026:11195-1: moderate: tomcat11-11.0.23-1.1 on GA media


# tomcat11-11.0.23-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11195-1
Rating: moderate

Cross-References:

* CVE-2026-50229
* CVE-2026-53404
* CVE-2026-53434
* CVE-2026-55276
* CVE-2026-55955
* CVE-2026-55956

CVSS scores:

* CVE-2026-50229 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-50229 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-53404 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-53404 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-53434 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-53434 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-55276 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-55276 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-55955 ( SUSE ): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-55955 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-55956 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-55956 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 6 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the tomcat11-11.0.23-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* tomcat11 11.0.23-1.1
* tomcat11-admin-webapps 11.0.23-1.1
* tomcat11-doc 11.0.23-1.1
* tomcat11-docs-webapp 11.0.23-1.1
* tomcat11-el-6_0-api 11.0.23-1.1
* tomcat11-embed 11.0.23-1.1
* tomcat11-jsp-4_0-api 11.0.23-1.1
* tomcat11-jsvc 11.0.23-1.1
* tomcat11-lib 11.0.23-1.1
* tomcat11-servlet-6_1-api 11.0.23-1.1
* tomcat11-webapps 11.0.23-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-50229.html
* https://www.suse.com/security/cve/CVE-2026-53404.html
* https://www.suse.com/security/cve/CVE-2026-53434.html
* https://www.suse.com/security/cve/CVE-2026-55276.html
* https://www.suse.com/security/cve/CVE-2026-55955.html
* https://www.suse.com/security/cve/CVE-2026-55956.html