Chromium, Java, Trivy, and more updates for SUSE

SUSE 5636 Published by

SUSE has rolled out a batch of security patches addressing flaws across multiple Linux distributions and software packages. The highest priority fix targets Chromium with thirty-three critical vulnerabilities, including several dangerous use after free errors that could destabilize systems. OpenSUSE Tumbleweed users need to install moderate updates for core tools like OpenJDK, Vim, Trivy, and libtiff to patch known weaknesses. Lower severity adjustments also improve regex processing in python-Pygments across various SUSE Linux Enterprise modules.

openSUSE-SU-2026:0161-1: critical: Security update for chromium
SUSE-SU-2026:1666-1: low: Security update for python-Pygments
SUSE-SU-2026:1667-1: low: Security update for python-Pygments
openSUSE-SU-2026:10658-1: moderate: python311-pypdf-6.10.2-2.1 on GA media
openSUSE-SU-2026:10657-1: moderate: krb5-appl-clients-1.0.3-6.1 on GA media
openSUSE-SU-2026:10655-1: moderate: google-osconfig-agent-20260330.00-2.1 on GA media
openSUSE-SU-2026:10652-1: moderate: gvim-9.2.0398-1.1 on GA media
openSUSE-SU-2026:10656-1: moderate: java-1_8_0-openjdk-1.8.0.492-1.1 on GA media
openSUSE-SU-2026:10654-1: moderate: google-guest-agent-20260402.00-2.1 on GA media
openSUSE-SU-2026:10651-1: moderate: trivy-0.70.0-1.1 on GA media
openSUSE-SU-2026:10649-1: moderate: sed-4.10-1.1 on GA media
openSUSE-SU-2026:10650-1: moderate: libtiff-devel-32bit-4.7.1-5.1 on GA media




openSUSE-SU-2026:0161-1: critical: Security update for chromium


openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2026:0161-1
Rating: critical
References: #1263158
Cross-References: CVE-2026-6919 CVE-2026-6920 CVE-2026-6921
CVE-2026-7333 CVE-2026-7334 CVE-2026-7335
CVE-2026-7336 CVE-2026-7337 CVE-2026-7338
CVE-2026-7339 CVE-2026-7340 CVE-2026-7341
CVE-2026-7342 CVE-2026-7343 CVE-2026-7344
CVE-2026-7345 CVE-2026-7346 CVE-2026-7347
CVE-2026-7348 CVE-2026-7349 CVE-2026-7350
CVE-2026-7351 CVE-2026-7352 CVE-2026-7353
CVE-2026-7354 CVE-2026-7355 CVE-2026-7356
CVE-2026-7357 CVE-2026-7358 CVE-2026-7359
CVE-2026-7360 CVE-2026-7361 CVE-2026-7363

Affected Products:
openSUSE Backports SLE-15-SP6
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes 33 vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

- Chromium 147.0.7727.137 (boo#1263158)
* CVE-2026-7363: Use after free in Canvas
* CVE-2026-7361: Use after free in iOS
* CVE-2026-7344: Use after free in Accessibility
* CVE-2026-7343: Use after free in Views
* CVE-2026-7333: Use after free in GPU
* CVE-2026-7360: Insufficient validation of untrusted input in
Compositing
* CVE-2026-7359: Use after free in ANGLE
* CVE-2026-7358: Use after free in Animation
* CVE-2026-7334: Use after free in Views
* CVE-2026-7357: Use after free in GPU
* CVE-2026-7356: Use after free in Navigation
* CVE-2026-7354: Out of bounds read and write in Angle
* CVE-2026-7353: Heap buffer overflow in Skia
* CVE-2026-7352: Use after free in Media
* CVE-2026-7351: Race in MHTML
* CVE-2026-7350: Use after free in WebMIDI
* CVE-2026-7349: Use after free in Cast
* CVE-2026-7348: Use after free in Codecs
* CVE-2026-7335: Use after free in media
* CVE-2026-7336: Use after free in WebRTC
* CVE-2026-7337: Type Confusion in V8
* CVE-2026-7347: Use after free in Chromoting
* CVE-2026-7346: Inappropriate implementation in Tint
* CVE-2026-7345: Insufficient validation of untrusted input in Feedback
* CVE-2026-7338: Use after free in Cast
* CVE-2026-7342: Use after free in WebView
* CVE-2026-7341: Use after free in WebRTC
* CVE-2026-7339: Heap buffer overflow in WebRTC
* CVE-2026-7340: Integer overflow in ANGLE
* CVE-2026-7355: Use after free in Media

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-161=1

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-161=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le x86_64):

chromedriver-147.0.7727.137-bp157.2.154.1
chromium-147.0.7727.137-bp157.2.154.1

- openSUSE Backports SLE-15-SP6 (aarch64 ppc64le x86_64):

chromedriver-147.0.7727.137-bp156.2.269.1
chromium-147.0.7727.137-bp156.2.269.1

References:

https://www.suse.com/security/cve/CVE-2026-6919.html
https://www.suse.com/security/cve/CVE-2026-6920.html
https://www.suse.com/security/cve/CVE-2026-6921.html
https://www.suse.com/security/cve/CVE-2026-7333.html
https://www.suse.com/security/cve/CVE-2026-7334.html
https://www.suse.com/security/cve/CVE-2026-7335.html
https://www.suse.com/security/cve/CVE-2026-7336.html
https://www.suse.com/security/cve/CVE-2026-7337.html
https://www.suse.com/security/cve/CVE-2026-7338.html
https://www.suse.com/security/cve/CVE-2026-7339.html
https://www.suse.com/security/cve/CVE-2026-7340.html
https://www.suse.com/security/cve/CVE-2026-7341.html
https://www.suse.com/security/cve/CVE-2026-7342.html
https://www.suse.com/security/cve/CVE-2026-7343.html
https://www.suse.com/security/cve/CVE-2026-7344.html
https://www.suse.com/security/cve/CVE-2026-7345.html
https://www.suse.com/security/cve/CVE-2026-7346.html
https://www.suse.com/security/cve/CVE-2026-7347.html
https://www.suse.com/security/cve/CVE-2026-7348.html
https://www.suse.com/security/cve/CVE-2026-7349.html
https://www.suse.com/security/cve/CVE-2026-7350.html
https://www.suse.com/security/cve/CVE-2026-7351.html
https://www.suse.com/security/cve/CVE-2026-7352.html
https://www.suse.com/security/cve/CVE-2026-7353.html
https://www.suse.com/security/cve/CVE-2026-7354.html
https://www.suse.com/security/cve/CVE-2026-7355.html
https://www.suse.com/security/cve/CVE-2026-7356.html
https://www.suse.com/security/cve/CVE-2026-7357.html
https://www.suse.com/security/cve/CVE-2026-7358.html
https://www.suse.com/security/cve/CVE-2026-7359.html
https://www.suse.com/security/cve/CVE-2026-7360.html
https://www.suse.com/security/cve/CVE-2026-7361.html
https://www.suse.com/security/cve/CVE-2026-7363.html
https://bugzilla.suse.com/1263158



SUSE-SU-2026:1666-1: low: Security update for python-Pygments


# Security update for python-Pygments

Announcement ID: SUSE-SU-2026:1666-1
Release Date: 2026-04-30T17:22:22Z
Rating: low
References:

* bsc#1260796

Cross-References:

* CVE-2026-4539

CVSS scores:

* CVE-2026-4539 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-4539 ( NVD ): 1.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4539 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Pygments fixes the following issues:

* CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead
to archetype lexer ReDoS (bsc#1260796).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-1666=1

* Python 3 Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-1666=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1666=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-1666=1

## Package List:

* Public Cloud Module 15-SP4 (noarch)
* python311-Pygments-2.15.1-150400.7.10.1
* Python 3 Module 15-SP7 (noarch)
* python311-Pygments-2.15.1-150400.7.10.1
* openSUSE Leap 15.4 (noarch)
* python311-Pygments-2.15.1-150400.7.10.1
* openSUSE Leap 15.6 (noarch)
* python311-Pygments-2.15.1-150400.7.10.1

## References:

* https://www.suse.com/security/cve/CVE-2026-4539.html
* https://bugzilla.suse.com/show_bug.cgi?id=1260796



SUSE-SU-2026:1667-1: low: Security update for python-Pygments


# Security update for python-Pygments

Announcement ID: SUSE-SU-2026:1667-1
Release Date: 2026-04-30T17:22:44Z
Rating: low
References:

* bsc#1260796

Cross-References:

* CVE-2026-4539

CVSS scores:

* CVE-2026-4539 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-4539 ( NVD ): 1.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4539 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.3
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Pygments fixes the following issues:

* CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead
to archetype lexer ReDoS (bsc#1260796).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-1667=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1667=1

## Package List:

* openSUSE Leap 15.3 (noarch)
* python3-Pygments-2.6.1-150300.4.6.1
* Basesystem Module 15-SP7 (noarch)
* python3-Pygments-2.6.1-150300.4.6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-4539.html
* https://bugzilla.suse.com/show_bug.cgi?id=1260796



openSUSE-SU-2026:10658-1: moderate: python311-pypdf-6.10.2-2.1 on GA media


# python311-pypdf-6.10.2-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10658-1
Rating: moderate

Cross-References:

* CVE-2026-41168
* CVE-2026-41312

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the python311-pypdf-6.10.2-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-pypdf 6.10.2-2.1
* python313-pypdf 6.10.2-2.1
* python314-pypdf 6.10.2-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41168.html
* https://www.suse.com/security/cve/CVE-2026-41312.html



openSUSE-SU-2026:10657-1: moderate: krb5-appl-clients-1.0.3-6.1 on GA media


# krb5-appl-clients-1.0.3-6.1 on GA media

Announcement ID: openSUSE-SU-2026:10657-1
Rating: moderate

Cross-References:

* CVE-2026-32746

CVSS scores:

* CVE-2026-32746 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the krb5-appl-clients-1.0.3-6.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* krb5-appl-clients 1.0.3-6.1
* krb5-appl-servers 1.0.3-6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-32746.html



openSUSE-SU-2026:10655-1: moderate: google-osconfig-agent-20260330.00-2.1 on GA media


# google-osconfig-agent-20260330.00-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10655-1
Rating: moderate

Cross-References:

* CVE-2026-34986

CVSS scores:

* CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the google-osconfig-agent-20260330.00-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* google-osconfig-agent 20260330.00-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-34986.html



openSUSE-SU-2026:10652-1: moderate: gvim-9.2.0398-1.1 on GA media


# gvim-9.2.0398-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10652-1
Rating: moderate

Cross-References:

* CVE-2026-33412
* CVE-2026-34714
* CVE-2026-34982
* CVE-2026-39881

CVSS scores:

* CVE-2026-33412 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
* CVE-2026-33412 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34714 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2026-34714 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2026-34982 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
* CVE-2026-34982 ( SUSE ): 8.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39881 ( SUSE ): 6 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2026-39881 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 4 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the gvim-9.2.0398-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* gvim 9.2.0398-1.1
* vim 9.2.0398-1.1
* vim-data 9.2.0398-1.1
* vim-data-common 9.2.0398-1.1
* vim-small 9.2.0398-1.1
* xxd 9.2.0398-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33412.html
* https://www.suse.com/security/cve/CVE-2026-34714.html
* https://www.suse.com/security/cve/CVE-2026-34982.html
* https://www.suse.com/security/cve/CVE-2026-39881.html



openSUSE-SU-2026:10656-1: moderate: java-1_8_0-openjdk-1.8.0.492-1.1 on GA media


# java-1_8_0-openjdk-1.8.0.492-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10656-1
Rating: moderate

Cross-References:

* CVE-2026-22007
* CVE-2026-22013
* CVE-2026-22016
* CVE-2026-22018
* CVE-2026-22021
* CVE-2026-23865
* CVE-2026-34268

CVSS scores:

* CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22007 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22013 ( SUSE ): 6 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22018 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34268 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 7 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the java-1_8_0-openjdk-1.8.0.492-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-1_8_0-openjdk 1.8.0.492-1.1
* java-1_8_0-openjdk-accessibility 1.8.0.492-1.1
* java-1_8_0-openjdk-demo 1.8.0.492-1.1
* java-1_8_0-openjdk-devel 1.8.0.492-1.1
* java-1_8_0-openjdk-headless 1.8.0.492-1.1
* java-1_8_0-openjdk-javadoc 1.8.0.492-1.1
* java-1_8_0-openjdk-src 1.8.0.492-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22007.html
* https://www.suse.com/security/cve/CVE-2026-22013.html
* https://www.suse.com/security/cve/CVE-2026-22016.html
* https://www.suse.com/security/cve/CVE-2026-22018.html
* https://www.suse.com/security/cve/CVE-2026-22021.html
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://www.suse.com/security/cve/CVE-2026-34268.html



openSUSE-SU-2026:10654-1: moderate: google-guest-agent-20260402.00-2.1 on GA media


# google-guest-agent-20260402.00-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10654-1
Rating: moderate

Cross-References:

* CVE-2026-34986

CVSS scores:

* CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the google-guest-agent-20260402.00-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* google-guest-agent 20260402.00-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-34986.html



openSUSE-SU-2026:10651-1: moderate: trivy-0.70.0-1.1 on GA media


# trivy-0.70.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10651-1
Rating: moderate

Cross-References:

* CVE-2025-69725
* CVE-2026-25934
* CVE-2026-33186
* CVE-2026-33747
* CVE-2026-33748
* CVE-2026-34986
* CVE-2026-39984

CVSS scores:

* CVE-2025-69725 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-69725 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N
* CVE-2026-25934 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2026-25934 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33747 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-33747 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33748 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-33748 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2026-39984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 7 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the trivy-0.70.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* trivy 0.70.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-69725.html
* https://www.suse.com/security/cve/CVE-2026-25934.html
* https://www.suse.com/security/cve/CVE-2026-33186.html
* https://www.suse.com/security/cve/CVE-2026-33747.html
* https://www.suse.com/security/cve/CVE-2026-33748.html
* https://www.suse.com/security/cve/CVE-2026-34986.html
* https://www.suse.com/security/cve/CVE-2026-39984.html



openSUSE-SU-2026:10649-1: moderate: sed-4.10-1.1 on GA media


# sed-4.10-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10649-1
Rating: moderate

Cross-References:

* CVE-2026-5958

CVSS scores:

* CVE-2026-5958 ( SUSE ): 6.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N
* CVE-2026-5958 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the sed-4.10-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* sed 4.10-1.1
* sed-lang 4.10-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-5958.html



openSUSE-SU-2026:10650-1: moderate: libtiff-devel-32bit-4.7.1-5.1 on GA media


# libtiff-devel-32bit-4.7.1-5.1 on GA media

Announcement ID: openSUSE-SU-2026:10650-1
Rating: moderate

Cross-References:

* CVE-2026-4775

CVSS scores:

* CVE-2026-4775 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-4775 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libtiff-devel-32bit-4.7.1-5.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libtiff-devel 4.7.1-5.1
* libtiff-devel-32bit 4.7.1-5.1
* libtiff6 4.7.1-5.1
* libtiff6-32bit 4.7.1-5.1
* tiff 4.7.1-5.1

## References:

* https://www.suse.com/security/cve/CVE-2026-4775.html


Firefox update for Slackware

Wine 11.8 released

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...