Chromium, Linux Kernel, rclone, Django and more updates for SUSE

SUSE 5676 Published 2026-06-13 07:21 by Philipp Esselbach

News

openSUSE-SU-2026:0199-1: critical: Security update for rclone

openSUSE Security Update: Security update for rclone
_______________________________

Announcement ID: openSUSE-SU-2026:0199-1
Rating: critical
References: #1266210 #1267869
Cross-References: CVE-2026-25680 CVE-2026-25681 CVE-2026-27136
CVE-2026-27145 CVE-2026-33809 CVE-2026-39821
CVE-2026-39824 CVE-2026-39827 CVE-2026-39828
CVE-2026-39829 CVE-2026-39830 CVE-2026-39831
CVE-2026-39832 CVE-2026-39833 CVE-2026-39834
CVE-2026-39835 CVE-2026-42500 CVE-2026-42502
CVE-2026-42504 CVE-2026-42506 CVE-2026-42507
CVE-2026-42508 CVE-2026-44740 CVE-2026-46595
CVE-2026-46597 CVE-2026-46598 CVE-2026-49980

CVSS scores:
CVE-2026-25680 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2026-25681 (SUSE): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
CVE-2026-27136 (SUSE): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
CVE-2026-27145 (SUSE): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CVE-2026-39821 (SUSE): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVE-2026-39827 (SUSE): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2026-39828 (SUSE): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVE-2026-39829 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2026-39830 (SUSE): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2026-39831 (SUSE): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVE-2026-39832 (SUSE): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
CVE-2026-39833 (SUSE): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVE-2026-39834 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2026-39835 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2026-42502 (SUSE): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
CVE-2026-42504 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2026-42506 (SUSE): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
CVE-2026-42507 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
CVE-2026-42508 (SUSE): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVE-2026-44740 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2026-46595 (SUSE): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVE-2026-46597 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2026-46598 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes 27 vulnerabilities is now available.

Description:

This update for rclone fixes the following issues:

- Update to version 1.74.3: (boo#1267869)
- Bug Fixes
- rc
- Fix unauthenticated command execution via --rc-serve inline
remotes CVE-2026-49980 (Nick Craig-Wood)
- Stop global.* connection string options changing config
CVE-2026-49980 (Nick Craig-Wood)
- build: Fix multiple CVEs by upgrading to go1.26.4 (Nick Craig-Wood)
- CVE-2026-42504: mime: quadratic complexity in
WordDecoder.DecodeHeader
- CVE-2026-42507: net/textproto: arbitrary input are included in
errors without any escaping
- CVE-2026-27145: crypto/x509: split candidate hostname only
once
- log: Fix wrong source file:line in JSON logs from release builds
(Nick Craig-Wood)
- mount2: Fix empty directory listings on re-read (Janne Beate Bakeng)
- serve s3: Fix multipart ListParts pagination returning wrong part
numbers (Nick Craig-Wood)
- serve sftp
- Fix file corruption when a client resumes an upload (Nick
Craig-Wood)
- Fix truncate request being silently ignored (Nick Craig-Wood)
- Local
- Fix getXattr returning empty map instead of nil (Leon Brocard)
- Drime
- Fix server-side copy and move failing with Cloudflare 520 error
(Nick Craig-Wood)
- Fix files being uploaded to the wrong directory (Nick Craig-Wood)
- Remove duplicate upload_cutoff config option (Nick Craig-Wood)
- Fix directory rename leaving the renamed folder empty in VFS (Nick
Craig-Wood)
- Drive
- Fix server-side move failing on shared drives with duplicate dirs
(Nick Craig-Wood)
- Iclouddrive
- Fix ADP/PCS cookie acquisition for iCloud Drive (Yakov Till)
- Fix "Index has invalid data" error listing iCloud Photos (Nick
Craig-Wood)

- Update to version 1.74.2: (boo#1266210)
- Bug Fixes
- build
- Update golang.org/x/net to v0.55.0 to address:
- CVE-2026-42506: html: incorrect handling of namespaced elements
in foreign content
- CVE-2026-39821: idna: failure to reject ASCII-only
Punycode-encoded labels
- CVE-2026-42502: html: incorrect handling of HTML elements in
foreign content
- CVE-2026-25680: html: denial of service when parsing arbitrary
HTML
- CVE-2026-25681: html: incorrect handling of character references
in DOCTYPE nodes
- CVE-2026-27136: html: duplicate attributes can cause XSS
- Update golang.org/x/crypto to v0.52.0 to address:
- CVE-2026-46598: ssh/agent: pathological inputs can lead to
client panic
- CVE-2026-46597: ssh: byte arithmetic causes underflow and panic
- CVE-2026-39828: ssh: bypass of certificate restrictions
- CVE-2026-39835: ssh: server panic during
CheckHostKey/Authenticate
- CVE-2026-39833: ssh/agent: key constraints not enforced
- CVE-2026-39832: ssh/agent: agent constraints dropped when
forwarding keys
- CVE-2026-39827: ssh: memory leak when rejecting channels can
lead to DoS
- CVE-2026-39830: ssh: client can cause server deadlock on
unexpected responses
- CVE-2026-39829: ssh: pathological RSA/DSA parameters may cause
DoS
- CVE-2026-39831: ssh: bypass of FIDO/U2F security keys physical
interaction
- CVE-2026-39834: ssh: infinite loop on large channel writes
- CVE-2026-42508: ssh/knownhosts: auth bypass via unenforced
@revoked status
- CVE-2026-46595: ssh: VerifiedPublicKeyCallback permissions skip
enforcement
- update golang.org/x/image to v0.41.0 to address:
- CVE-2026-42500: bmp: panic when reading out of bound palette
index
- CVE-2026-33809: tiff: excessive resource consumption in PackBits
decompression
- Update golang.org/x/sys to version v0.45.0 to address:
- CVE-2026-39824: windows: integer overflow in NewNTUnicodeString
- Update github.com/go-git/go-billy/v5 to 5.9.0 to fix CVE-2026-44740
- bisync: Fix --conflict-loser pathname with
--conflict-resolve newer (nielash)
- gui: Update embedded release to 1.1.8 (Nick Craig-Wood)
- lib/http: Replace deprecated h2c.NewHandler with
http.Server.Protocols (Nick Craig-Wood)
- rc: Remove duplicate metrics_addr option registration (Nick
Craig-Wood)
- vfs/vfscache: Fix silent write failure when mounting with remote:.
(Lucky945H)
- doc fixes (FTCHD, Iizuki, Leon Brocard, Nick Craig-Wood)
- Drime
- Fix file doesn't exists error when trying to delete (John Volk)
- Fix 500 errors when listing shared folders (Alvinwylim)
- Jottacloud
- Support whitelabel service Phonero Sky (Tore Anderson)
- Protondrive
- Fix corrupted on transfer: sha1 hashes differ (William Tange)
- S3
- Add new MEGA S4 endpoints on megas4.com including Asia-Pacific
region (Nick Craig-Wood)
- WebDAV
- Honour auth_redirect on listAll PROPFIND (Sai Asish Y)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-199=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

rclone-1.74.3-bp157.2.9.1

- openSUSE Backports SLE-15-SP7 (noarch):

rclone-bash-completion-1.74.3-bp157.2.9.1
rclone-zsh-completion-1.74.3-bp157.2.9.1

References:

https://www.suse.com/security/cve/CVE-2026-25680.html
https://www.suse.com/security/cve/CVE-2026-25681.html
https://www.suse.com/security/cve/CVE-2026-27136.html
https://www.suse.com/security/cve/CVE-2026-27145.html
https://www.suse.com/security/cve/CVE-2026-33809.html
https://www.suse.com/security/cve/CVE-2026-39821.html
https://www.suse.com/security/cve/CVE-2026-39824.html
https://www.suse.com/security/cve/CVE-2026-39827.html
https://www.suse.com/security/cve/CVE-2026-39828.html
https://www.suse.com/security/cve/CVE-2026-39829.html
https://www.suse.com/security/cve/CVE-2026-39830.html
https://www.suse.com/security/cve/CVE-2026-39831.html
https://www.suse.com/security/cve/CVE-2026-39832.html
https://www.suse.com/security/cve/CVE-2026-39833.html
https://www.suse.com/security/cve/CVE-2026-39834.html
https://www.suse.com/security/cve/CVE-2026-39835.html
https://www.suse.com/security/cve/CVE-2026-42500.html
https://www.suse.com/security/cve/CVE-2026-42502.html
https://www.suse.com/security/cve/CVE-2026-42504.html
https://www.suse.com/security/cve/CVE-2026-42506.html
https://www.suse.com/security/cve/CVE-2026-42507.html
https://www.suse.com/security/cve/CVE-2026-42508.html
https://www.suse.com/security/cve/CVE-2026-44740.html
https://www.suse.com/security/cve/CVE-2026-46595.html
https://www.suse.com/security/cve/CVE-2026-46597.html
https://www.suse.com/security/cve/CVE-2026-46598.html
https://www.suse.com/security/cve/CVE-2026-49980.html
https://bugzilla.suse.com/1266210
https://bugzilla.suse.com/1267869

SUSE-SU-2026:2380-1: critical: Security update for hplip

# Security update for hplip

Announcement ID: SUSE-SU-2026:2380-1
Release Date: 2026-06-11T16:15:35Z
Rating: critical
References:

* bsc#1209401
* bsc#1234745
* bsc#1245358
* bsc#1250481
* bsc#1257529
* bsc#1266023
* bsc#1266024
* bsc#1266031

Cross-References:

* CVE-2025-43023
* CVE-2026-8631
* CVE-2026-8632

CVSS scores:

* CVE-2025-43023 ( SUSE ): 7.5
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-43023 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-43023 ( NVD ): 5.9
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-43023 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-8631 ( SUSE ): 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-8631 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-8631 ( NVD ): 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-8631 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-8632 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-8632 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-8632 ( NVD ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-8632 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves three vulnerabilities and has five security fixes can now
be installed.

## Description:

This update for hplip fixes the following issues

Update to HPLIP 3.26.4:

Security issues:

* CVE-2025-43023: weak code signing DSA key used to generate package
signatures can lead to key spoofing and malicious software installation
(bsc#1266031).
* CVE-2026-8631: escalation of privileges and/or arbitrary code execution via
an integer overflow in the hpcups processing path (bsc#1266023).
* CVE-2026-8632: escalation of privileges and/or arbitrary code execution via
operating system command injection (bsc#1266024).
* unauthenticated remote (LAN) denial-of-service in the SLP parser (ReDoS)
(bsc#1245358).
* URI parameter injection via unsanitized USB serial number (bsc#1209401).

Non security issues:

* Can't set up fax for HP OfficeJet 3830 (bsc#1257529).
* hplip requires foomatic-filters which does not exist in Leap 16
(bsc#1250481).

Changes:

* Add support for the following new printers:
* HP LaserJet Pro MFP 3106sdw
* HP LaserJet Pro MFP 3105sdw
* HP Envy 6500e series
* HP Envy 6500 series
* HP OfficeJet Pro 9730 Series
* HP OfficeJet Pro 9730e Series
* HP OfficeJet Pro 9720 Series
* HP OfficeJet Pro 9720e Series
* HP OfficeJet Pro 8130e All-in-One series
* HP OfficeJet Pro 8130 All-in-One series
* HP OfficeJet 8130e All-in-One series
* HP OfficeJet 8130 All-in-One series
* HP OfficeJet Pro 8120e All-in-One series
* HP OfficeJet Pro 8120 All-in-One series
* HP OfficeJet 8120e All-in-One series
* HP OfficeJet 8120 All-in-One series
* HP DeskJet Ink Advantage ultra 5800 All-in-One Printer series
* HP DeskJet Ink Advantage ultra 5100 All-in-One Printer series
* HP DeskJet 4300e All-in-One Printer series
* HP DeskJet Ink Advantage 4300 All-in-One Printer series
* HP DeskJet 4300 All-in-One Printer series
* HP DeskJet 2900e All-in-One Printer series
* HP DeskJet Ink Advantage 2900 All-in-One Printer series
* HP DeskJet 2900 All-in-One Printer series
* HP LaserJet Enterprise Flow MFP 8601z
* HP LaserJet Enterprise 5501
* HP LaserJet Enterprise MFP 5601dn
* HP LaserJet Enterprise 6500dn
* HP LaserJet Enterprise 5501n
* HP LaserJet Enterprise MFP 5601
* HP LaserJet Enterprise 6500
* HP LaserJet Enterprise 5502dn
* HP LaserJet Enterprise MFP 5602dn
* HP LaserJet Enterprise 6500n
* HP LaserJet Enterprise 5502
* HP LaserJet Enterprise MFP 5602f
* HP LaserJet Enterprise 6501dn
* HP LaserJet Enterprise X50452dn
* HP LaserJet Enterprise Flow MFP 5602zfw
* HP LaserJet Enterprise 6501
* HP LaserJet Enterprise X50452
* HP LaserJet Enterprise MFP 5602
* HP LaserJet Enterprise X60257dn
* HP LaserJet Enterprise MFP X53052dn
* HP LaserJet Enterprise Flow MFP X530
* HP LaserJet Enterprise X60257
* HP LaserJet Enterprise MFP X53052
* HP LaserJet Enterprise X60357dn
* HP LaserJet Enterprise X60357
* HP LaserJet Enterprise MFP 6600dn
* HP LaserJet Enterprise Flow MFP 6600zfw
* HP LaserJet Enterprise MFP 6600
* HP LaserJet Enterprise Flow MFP 6600zfsw
* HP LaserJet Enterprise MFP X62757dn
* HP LaserJet Enterprise Flow MFP X62757zs
* HP LaserJet Enterprise MFP X62757
* DEX D50452dn
* DEX MFP D53052dn
* HP LaserJet Pro MFP M126a plus
* HP LaserJet Pro MFP M126nw plus
* HP LaserJet Pro MFP M126snw plus
* HP Envy Photo 7200 series
* HP Envy Photo 7900 series
* HP OfficeJet Pro 9110 Series
* HP OfficeJet 9120 Series
* HP OfficeJet Pro 9120 Series
* HP OfficeJet Pro 9130 Series
* HP LaserJet Enterprise Flow MFP 8601z+
* HP LaserJet Enterprise MFP 8601dn
* HP Color LaserJet Enterprise MFP 8801dn
* HP Color LaserJet Enterprise Flow MFP 8801z
* HP Color LaserJet Enterprise Flow MFP 8801z+
* HP LaserJet Enterprise 8501dn
* HP LaserJet Enterprise 8501x
* HP LaserJet Enterprise 8501x+
* DEX MFP D826
* DEX MFP D82640
* DEX MFP D82650
* DEX MFP D82660
* DEX D50145
* DEX MFP D42540
* DEX MFP D52645
* DEX Color D55745
* DEX Color MFP D57945
* DEX Color MFP D677
* DEX Color MFP D67755
* DEX Color MFP D67765
* DEX Color MFP D877
* DEX Color MFP D87740
* DEX Color MFP D87750
* DEX Color MFP D87760
* DEX Color MFP D87770
* DEX Color MFP D786
* DEX Colour MFP D78625
* DEX Color MFP D78630
* DEX Color MFP D78635
* DEX MFP D731
* DEX MFP D73130
* DEX MFP D73135
* DEX MFP D73140

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2380=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2380=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2380=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2380=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2380=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2380=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2380=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2380=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2380=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* hplip-debugsource-3.26.4-150400.3.22.1
* hplip-devel-3.26.4-150400.3.22.1
* hplip-udev-rules-3.26.4-150400.3.22.1
* hplip-sane-3.26.4-150400.3.22.1
* hplip-sane-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-3.26.4-150400.3.22.1
* hplip-3.26.4-150400.3.22.1
* hplip-scan-utils-3.26.4-150400.3.22.1
* hplip-debuginfo-3.26.4-150400.3.22.1
* hplip-scan-utils-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-debuginfo-3.26.4-150400.3.22.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* hplip-debugsource-3.26.4-150400.3.22.1
* hplip-devel-3.26.4-150400.3.22.1
* hplip-udev-rules-3.26.4-150400.3.22.1
* hplip-sane-debuginfo-3.26.4-150400.3.22.1
* hplip-sane-3.26.4-150400.3.22.1
* hplip-hpijs-3.26.4-150400.3.22.1
* hplip-3.26.4-150400.3.22.1
* hplip-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-debuginfo-3.26.4-150400.3.22.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* hplip-debugsource-3.26.4-150400.3.22.1
* hplip-devel-3.26.4-150400.3.22.1
* hplip-sane-debuginfo-3.26.4-150400.3.22.1
* hplip-sane-3.26.4-150400.3.22.1
* hplip-udev-rules-3.26.4-150400.3.22.1
* hplip-hpijs-3.26.4-150400.3.22.1
* hplip-3.26.4-150400.3.22.1
* hplip-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-debuginfo-3.26.4-150400.3.22.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* hplip-debugsource-3.26.4-150400.3.22.1
* hplip-devel-3.26.4-150400.3.22.1
* hplip-sane-debuginfo-3.26.4-150400.3.22.1
* hplip-sane-3.26.4-150400.3.22.1
* hplip-udev-rules-3.26.4-150400.3.22.1
* hplip-hpijs-3.26.4-150400.3.22.1
* hplip-3.26.4-150400.3.22.1
* hplip-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-debuginfo-3.26.4-150400.3.22.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* hplip-debugsource-3.26.4-150400.3.22.1
* hplip-devel-3.26.4-150400.3.22.1
* hplip-sane-debuginfo-3.26.4-150400.3.22.1
* hplip-sane-3.26.4-150400.3.22.1
* hplip-udev-rules-3.26.4-150400.3.22.1
* hplip-hpijs-3.26.4-150400.3.22.1
* hplip-3.26.4-150400.3.22.1
* hplip-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-debuginfo-3.26.4-150400.3.22.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* hplip-debugsource-3.26.4-150400.3.22.1
* hplip-devel-3.26.4-150400.3.22.1
* hplip-sane-debuginfo-3.26.4-150400.3.22.1
* hplip-sane-3.26.4-150400.3.22.1
* hplip-udev-rules-3.26.4-150400.3.22.1
* hplip-hpijs-3.26.4-150400.3.22.1
* hplip-3.26.4-150400.3.22.1
* hplip-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-debuginfo-3.26.4-150400.3.22.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* hplip-debugsource-3.26.4-150400.3.22.1
* hplip-devel-3.26.4-150400.3.22.1
* hplip-sane-debuginfo-3.26.4-150400.3.22.1
* hplip-sane-3.26.4-150400.3.22.1
* hplip-udev-rules-3.26.4-150400.3.22.1
* hplip-hpijs-3.26.4-150400.3.22.1
* hplip-3.26.4-150400.3.22.1
* hplip-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-debuginfo-3.26.4-150400.3.22.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* hplip-debugsource-3.26.4-150400.3.22.1
* hplip-devel-3.26.4-150400.3.22.1
* hplip-sane-debuginfo-3.26.4-150400.3.22.1
* hplip-sane-3.26.4-150400.3.22.1
* hplip-udev-rules-3.26.4-150400.3.22.1
* hplip-hpijs-3.26.4-150400.3.22.1
* hplip-3.26.4-150400.3.22.1
* hplip-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-debuginfo-3.26.4-150400.3.22.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* hplip-debugsource-3.26.4-150400.3.22.1
* hplip-devel-3.26.4-150400.3.22.1
* hplip-sane-debuginfo-3.26.4-150400.3.22.1
* hplip-sane-3.26.4-150400.3.22.1
* hplip-udev-rules-3.26.4-150400.3.22.1
* hplip-hpijs-3.26.4-150400.3.22.1
* hplip-3.26.4-150400.3.22.1
* hplip-debuginfo-3.26.4-150400.3.22.1
* hplip-hpijs-debuginfo-3.26.4-150400.3.22.1

## References:

* https://www.suse.com/security/cve/CVE-2025-43023.html
* https://www.suse.com/security/cve/CVE-2026-8631.html
* https://www.suse.com/security/cve/CVE-2026-8632.html
* https://bugzilla.suse.com/show_bug.cgi?id=1209401
* https://bugzilla.suse.com/show_bug.cgi?id=1234745
* https://bugzilla.suse.com/show_bug.cgi?id=1245358
* https://bugzilla.suse.com/show_bug.cgi?id=1250481
* https://bugzilla.suse.com/show_bug.cgi?id=1257529
* https://bugzilla.suse.com/show_bug.cgi?id=1266023
* https://bugzilla.suse.com/show_bug.cgi?id=1266024
* https://bugzilla.suse.com/show_bug.cgi?id=1266031

SUSE-SU-2026:2381-1: important: Security update for libyang

# Security update for libyang

Announcement ID: SUSE-SU-2026:2381-1
Release Date: 2026-06-12T06:50:59Z
Rating: important
References:

* bsc#1265330

Cross-References:

* CVE-2026-44673

CVSS scores:

* CVE-2026-44673 ( SUSE ): 8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-44673 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-44673 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves one vulnerability can now be installed.

## Description:

This update for libyang fixes the following issue

* CVE-2026-44673: integer overflow in `lyb_read_string()` of
`src/parser_lyb.c` leads to heap buffer overflow when parsing a maliciously
crafted LYB binary blob (bsc#1265330).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-2381=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2381=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2381=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2381=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2381=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* libyang-devel-1.0.184-150300.3.9.1
* yang-tools-debuginfo-1.0.184-150300.3.9.1
* yang-tools-1.0.184-150300.3.9.1
* libyang-cpp-devel-1.0.184-150300.3.9.1
* libyang-extentions-debuginfo-1.0.184-150300.3.9.1
* libyang1-debuginfo-1.0.184-150300.3.9.1
* python3-yang-1.0.184-150300.3.9.1
* python3-yang-debuginfo-1.0.184-150300.3.9.1
* libyang-debuginfo-1.0.184-150300.3.9.1
* libyang-extentions-1.0.184-150300.3.9.1
* libyang-cpp1-1.0.184-150300.3.9.1
* libyang-cpp1-debuginfo-1.0.184-150300.3.9.1
* libyang1-1.0.184-150300.3.9.1
* libyang-debugsource-1.0.184-150300.3.9.1
* openSUSE Leap 15.3 (noarch)
* libyang-doc-1.0.184-150300.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libyang-extentions-debuginfo-1.0.184-150300.3.9.1
* libyang1-debuginfo-1.0.184-150300.3.9.1
* libyang-debuginfo-1.0.184-150300.3.9.1
* libyang-extentions-1.0.184-150300.3.9.1
* libyang1-1.0.184-150300.3.9.1
* libyang-debugsource-1.0.184-150300.3.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libyang-extentions-debuginfo-1.0.184-150300.3.9.1
* libyang1-debuginfo-1.0.184-150300.3.9.1
* libyang-debuginfo-1.0.184-150300.3.9.1
* libyang-extentions-1.0.184-150300.3.9.1
* libyang1-1.0.184-150300.3.9.1
* libyang-debugsource-1.0.184-150300.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libyang-extentions-debuginfo-1.0.184-150300.3.9.1
* libyang1-debuginfo-1.0.184-150300.3.9.1
* libyang-debuginfo-1.0.184-150300.3.9.1
* libyang-extentions-1.0.184-150300.3.9.1
* libyang1-1.0.184-150300.3.9.1
* libyang-debugsource-1.0.184-150300.3.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libyang-extentions-debuginfo-1.0.184-150300.3.9.1
* libyang1-debuginfo-1.0.184-150300.3.9.1
* libyang-debuginfo-1.0.184-150300.3.9.1
* libyang-extentions-1.0.184-150300.3.9.1
* libyang1-1.0.184-150300.3.9.1
* libyang-debugsource-1.0.184-150300.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2026-44673.html
* https://bugzilla.suse.com/show_bug.cgi?id=1265330

openSUSE-SU-2026:10994-1: moderate: cpp-httplib-devel-0.46.1-1.1 on GA media

# cpp-httplib-devel-0.46.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10994-1
Rating: moderate

Cross-References:

* CVE-2026-45372
* CVE-2026-46527

CVSS scores:

* CVE-2026-45372 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L
* CVE-2026-46527 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the cpp-httplib-devel-0.46.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* cpp-httplib-devel 0.46.1-1.1
* libcpp-httplib0_46 0.46.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-45372.html
* https://www.suse.com/security/cve/CVE-2026-46527.html

openSUSE-SU-2026:10999-1: moderate: logback-1.5.34-1.1 on GA media

# logback-1.5.34-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10999-1
Rating: moderate

Cross-References:

* CVE-2026-10532

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the logback-1.5.34-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* logback 1.5.34-1.1
* logback-access 1.5.34-1.1
* logback-examples 1.5.34-1.1
* logback-javadoc 1.5.34-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-10532.html

openSUSE-SU-2026:10998-1: moderate: ldns-1.9.2-1.1 on GA media

# ldns-1.9.2-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10998-1
Rating: moderate

Cross-References:

* CVE-2026-10846

CVSS scores:

* CVE-2026-10846 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-10846 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the ldns-1.9.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* ldns 1.9.2-1.1
* ldns-devel 1.9.2-1.1
* libldns3 1.9.2-1.1
* perl-DNS-LDNS 1.9.2-1.1
* python3-ldns 1.9.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-10846.html

openSUSE-SU-2026:20931-1: low: Security update for python-Pygments

openSUSE security update: security update for python-pygments
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20931-1
Rating: low
References:

* bsc#1260796

Cross-References:

* CVE-2026-4539

CVSS scores:

* CVE-2026-4539 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for python-Pygments fixes the following issue:

- CVE-2026-4539: Denial of Service via inefficient regular expression processing in AdlLexer (bsc#1260796).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-911=1

Package List:

- openSUSE Leap 16.0:

python313-Pygments-2.19.1-160000.3.1

References:

* https://www.suse.com/security/cve/CVE-2026-4539.html

openSUSE-SU-2026:10997-1: moderate: golang-github-prometheus-prometheus-3.12.0-2.1 on GA media

# golang-github-prometheus-prometheus-3.12.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10997-1
Rating: moderate

Cross-References:

* CVE-2026-39821

CVSS scores:

* CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the golang-github-prometheus-prometheus-3.12.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* golang-github-prometheus-prometheus 3.12.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-39821.html

SUSE-SU-2026:2386-1: important: Security update for qemu

# Security update for qemu

Announcement ID: SUSE-SU-2026:2386-1
Release Date: 2026-06-12T13:54:10Z
Rating: important
References:

* bsc#1199023
* bsc#1255400
* bsc#1256484
* bsc#1258509
* bsc#1259079
* bsc#1259080
* bsc#1262089

Cross-References:

* CVE-2025-14876
* CVE-2026-0665
* CVE-2026-2243
* CVE-2026-3195
* CVE-2026-3196
* CVE-2026-3842

CVSS scores:

* CVE-2025-14876 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-14876 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-0665 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-0665 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-0665 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2026-2243 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-2243 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
* CVE-2026-2243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-3195 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H
* CVE-2026-3195 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-3196 ( SUSE ): 8.2
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2026-3196 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2026-3842 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-3842 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves six vulnerabilities and has one security fix can now be
installed.

## Description:

This update for qemu fixes the following issues:

* CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto
(bsc#1255400).
* CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or
potential memory corruption (bsc#1256484).
* CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a
12-byte information leak when processing specially crafted VMDK files
(bsc#1258509).
* CVE-2026-3195: heap buffer overflow when reading input audio in the virtio-
snd device input callback due to insufficient checks in
`virtio_snd_pcm_in_cb` (bsc#1259080).
* CVE-2026-3196: integer overflow in the virtio-snd device via PCM_INFO
requests from the guest leads to unbounded memory allocation and host
denial-of-service (bsc#1259079).
* CVE-2026-3842: hyperv/syndbg: missing mapped-length guard after
cpu_physical_memory_map causes host OOB write (bsc#1262089).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2386=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2386=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2386=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* qemu-extra-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-usb-redirect-8.2.10-150600.3.49.1
* qemu-ui-spice-app-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-pa-debuginfo-8.2.10-150600.3.49.1
* qemu-vhost-user-gpu-debuginfo-8.2.10-150600.3.49.1
* qemu-tools-8.2.10-150600.3.49.1
* qemu-ui-curses-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-dbus-8.2.10-150600.3.49.1
* qemu-chardev-spice-debuginfo-8.2.10-150600.3.49.1
* qemu-guest-agent-8.2.10-150600.3.49.1
* qemu-debugsource-8.2.10-150600.3.49.1
* qemu-ksm-8.2.10-150600.3.49.1
* qemu-accel-qtest-8.2.10-150600.3.49.1
* qemu-linux-user-debugsource-8.2.10-150600.3.49.1
* qemu-audio-pipewire-8.2.10-150600.3.49.1
* qemu-block-ssh-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-pci-8.2.10-150600.3.49.1
* qemu-chardev-spice-8.2.10-150600.3.49.1
* qemu-arm-8.2.10-150600.3.49.1
* qemu-ivshmem-tools-8.2.10-150600.3.49.1
* qemu-block-gluster-debuginfo-8.2.10-150600.3.49.1
* qemu-s390x-8.2.10-150600.3.49.1
* qemu-block-gluster-8.2.10-150600.3.49.1
* qemu-audio-alsa-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-opengl-8.2.10-150600.3.49.1
* qemu-hw-usb-smartcard-debuginfo-8.2.10-150600.3.49.1
* qemu-vhost-user-gpu-8.2.10-150600.3.49.1
* qemu-spice-8.2.10-150600.3.49.1
* qemu-tools-debuginfo-8.2.10-150600.3.49.1
* qemu-block-nfs-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-opengl-debuginfo-8.2.10-150600.3.49.1
* qemu-pr-helper-8.2.10-150600.3.49.1
* qemu-ui-spice-core-debuginfo-8.2.10-150600.3.49.1
* qemu-ppc-8.2.10-150600.3.49.1
* qemu-img-8.2.10-150600.3.49.1
* qemu-guest-agent-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-spice-app-8.2.10-150600.3.49.1
* qemu-audio-pipewire-debuginfo-8.2.10-150600.3.49.1
* qemu-linux-user-8.2.10-150600.3.49.1
* qemu-s390x-debuginfo-8.2.10-150600.3.49.1
* qemu-img-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-qxl-8.2.10-150600.3.49.1
* qemu-block-iscsi-debuginfo-8.2.10-150600.3.49.1
* qemu-block-ssh-debuginfo-8.2.10-150600.3.49.1
* qemu-8.2.10-150600.3.49.1
* qemu-hw-usb-redirect-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-gtk-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-vga-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-gtk-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-oss-8.2.10-150600.3.49.1
* qemu-x86-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-usb-smartcard-8.2.10-150600.3.49.1
* qemu-block-nfs-8.2.10-150600.3.49.1
* qemu-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-qxl-debuginfo-8.2.10-150600.3.49.1
* qemu-block-dmg-8.2.10-150600.3.49.1
* qemu-x86-8.2.10-150600.3.49.1
* qemu-hw-s390x-virtio-gpu-ccw-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-alsa-8.2.10-150600.3.49.1
* qemu-audio-pa-8.2.10-150600.3.49.1
* qemu-accel-qtest-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-curses-8.2.10-150600.3.49.1
* qemu-block-curl-8.2.10-150600.3.49.1
* qemu-pr-helper-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-oss-debuginfo-8.2.10-150600.3.49.1
* qemu-ivshmem-tools-debuginfo-8.2.10-150600.3.49.1
* qemu-block-curl-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-usb-host-8.2.10-150600.3.49.1
* qemu-ppc-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-spice-core-8.2.10-150600.3.49.1
* qemu-audio-dbus-debuginfo-8.2.10-150600.3.49.1
* qemu-block-dmg-debuginfo-8.2.10-150600.3.49.1
* qemu-extra-8.2.10-150600.3.49.1
* qemu-audio-spice-8.2.10-150600.3.49.1
* qemu-hw-usb-host-debuginfo-8.2.10-150600.3.49.1
* qemu-headless-8.2.10-150600.3.49.1
* qemu-ui-dbus-8.2.10-150600.3.49.1
* qemu-accel-tcg-x86-8.2.10-150600.3.49.1
* qemu-audio-spice-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-jack-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-dbus-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-8.2.10-150600.3.49.1
* qemu-chardev-baum-debuginfo-8.2.10-150600.3.49.1
* qemu-accel-tcg-x86-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-vga-8.2.10-150600.3.49.1
* qemu-block-iscsi-8.2.10-150600.3.49.1
* qemu-hw-s390x-virtio-gpu-ccw-8.2.10-150600.3.49.1
* qemu-chardev-baum-8.2.10-150600.3.49.1
* qemu-audio-jack-8.2.10-150600.3.49.1
* qemu-linux-user-debuginfo-8.2.10-150600.3.49.1
* qemu-arm-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.10-150600.3.49.1
* openSUSE Leap 15.6 (noarch)
* qemu-skiboot-8.2.10-150600.3.49.1
* qemu-vgabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1
* qemu-SLOF-8.2.10-150600.3.49.1
* qemu-ipxe-8.2.10-150600.3.49.1
* qemu-microvm-8.2.10-150600.3.49.1
* qemu-seabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1
* qemu-doc-8.2.10-150600.3.49.1
* qemu-lang-8.2.10-150600.3.49.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* qemu-block-rbd-8.2.10-150600.3.49.1
* qemu-block-rbd-debuginfo-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* qemu-ui-spice-core-8.2.10-150600.3.49.1
* qemu-ui-opengl-8.2.10-150600.3.49.1
* qemu-hw-usb-redirect-8.2.10-150600.3.49.1
* qemu-block-rbd-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-dbus-debuginfo-8.2.10-150600.3.49.1
* qemu-block-nfs-8.2.10-150600.3.49.1
* qemu-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-spice-8.2.10-150600.3.49.1
* qemu-spice-8.2.10-150600.3.49.1
* qemu-hw-usb-host-debuginfo-8.2.10-150600.3.49.1
* qemu-headless-8.2.10-150600.3.49.1
* qemu-tools-8.2.10-150600.3.49.1
* qemu-ui-curses-debuginfo-8.2.10-150600.3.49.1
* qemu-tools-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-dbus-8.2.10-150600.3.49.1
* qemu-hw-display-qxl-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-dbus-8.2.10-150600.3.49.1
* qemu-ui-opengl-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-spice-debuginfo-8.2.10-150600.3.49.1
* qemu-guest-agent-8.2.10-150600.3.49.1
* qemu-chardev-spice-debuginfo-8.2.10-150600.3.49.1
* qemu-block-nfs-debuginfo-8.2.10-150600.3.49.1
* qemu-pr-helper-8.2.10-150600.3.49.1
* qemu-debugsource-8.2.10-150600.3.49.1
* qemu-ksm-8.2.10-150600.3.49.1
* qemu-ui-dbus-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-spice-core-debuginfo-8.2.10-150600.3.49.1
* qemu-img-8.2.10-150600.3.49.1
* qemu-guest-agent-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-curses-8.2.10-150600.3.49.1
* qemu-audio-pipewire-8.2.10-150600.3.49.1
* qemu-audio-pipewire-debuginfo-8.2.10-150600.3.49.1
* qemu-block-curl-8.2.10-150600.3.49.1
* qemu-pr-helper-debuginfo-8.2.10-150600.3.49.1
* qemu-block-ssh-8.2.10-150600.3.49.1
* qemu-chardev-baum-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-qxl-8.2.10-150600.3.49.1
* qemu-img-debuginfo-8.2.10-150600.3.49.1
* qemu-block-ssh-debuginfo-8.2.10-150600.3.49.1
* qemu-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-vga-8.2.10-150600.3.49.1
* qemu-hw-usb-redirect-debuginfo-8.2.10-150600.3.49.1
* qemu-block-iscsi-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-vga-debuginfo-8.2.10-150600.3.49.1
* qemu-block-iscsi-debuginfo-8.2.10-150600.3.49.1
* qemu-chardev-baum-8.2.10-150600.3.49.1
* qemu-block-curl-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-usb-host-8.2.10-150600.3.49.1
* qemu-chardev-spice-8.2.10-150600.3.49.1
* qemu-block-rbd-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* qemu-skiboot-8.2.10-150600.3.49.1
* qemu-vgabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1
* qemu-SLOF-8.2.10-150600.3.49.1
* qemu-ipxe-8.2.10-150600.3.49.1
* qemu-seabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1
* qemu-lang-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le x86_64)
* qemu-ui-spice-app-8.2.10-150600.3.49.1
* qemu-ui-gtk-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-spice-app-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-gtk-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64)
* qemu-arm-debuginfo-8.2.10-150600.3.49.1
* qemu-arm-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (s390x x86_64)
* qemu-hw-display-virtio-gpu-pci-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (ppc64le)
* qemu-ppc-debuginfo-8.2.10-150600.3.49.1
* qemu-ppc-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (s390x)
* qemu-s390x-8.2.10-150600.3.49.1
* qemu-hw-s390x-virtio-gpu-ccw-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-s390x-virtio-gpu-ccw-8.2.10-150600.3.49.1
* qemu-s390x-debuginfo-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64)
* qemu-audio-pa-8.2.10-150600.3.49.1
* qemu-audio-alsa-debuginfo-8.2.10-150600.3.49.1
* qemu-accel-tcg-x86-8.2.10-150600.3.49.1
* qemu-audio-pa-debuginfo-8.2.10-150600.3.49.1
* qemu-x86-debuginfo-8.2.10-150600.3.49.1
* qemu-x86-8.2.10-150600.3.49.1
* qemu-accel-tcg-x86-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-alsa-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* qemu-ui-spice-core-8.2.10-150600.3.49.1
* qemu-ui-opengl-8.2.10-150600.3.49.1
* qemu-hw-usb-redirect-8.2.10-150600.3.49.1
* qemu-audio-dbus-debuginfo-8.2.10-150600.3.49.1
* qemu-block-rbd-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-spice-app-debuginfo-8.2.10-150600.3.49.1
* qemu-block-nfs-8.2.10-150600.3.49.1
* qemu-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-spice-8.2.10-150600.3.49.1
* qemu-spice-8.2.10-150600.3.49.1
* qemu-hw-usb-host-debuginfo-8.2.10-150600.3.49.1
* qemu-headless-8.2.10-150600.3.49.1
* qemu-tools-8.2.10-150600.3.49.1
* qemu-ui-curses-debuginfo-8.2.10-150600.3.49.1
* qemu-tools-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-dbus-8.2.10-150600.3.49.1
* qemu-hw-display-qxl-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-dbus-8.2.10-150600.3.49.1
* qemu-block-nfs-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-spice-debuginfo-8.2.10-150600.3.49.1
* qemu-chardev-spice-debuginfo-8.2.10-150600.3.49.1
* qemu-guest-agent-8.2.10-150600.3.49.1
* qemu-ui-opengl-debuginfo-8.2.10-150600.3.49.1
* qemu-pr-helper-8.2.10-150600.3.49.1
* qemu-debugsource-8.2.10-150600.3.49.1
* qemu-ksm-8.2.10-150600.3.49.1
* qemu-ui-dbus-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-spice-core-debuginfo-8.2.10-150600.3.49.1
* qemu-img-8.2.10-150600.3.49.1
* qemu-guest-agent-debuginfo-8.2.10-150600.3.49.1
* qemu-ui-curses-8.2.10-150600.3.49.1
* qemu-ui-spice-app-8.2.10-150600.3.49.1
* qemu-audio-pipewire-8.2.10-150600.3.49.1
* qemu-audio-pipewire-debuginfo-8.2.10-150600.3.49.1
* qemu-block-curl-8.2.10-150600.3.49.1
* qemu-pr-helper-debuginfo-8.2.10-150600.3.49.1
* qemu-block-ssh-8.2.10-150600.3.49.1
* qemu-chardev-baum-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-qxl-8.2.10-150600.3.49.1
* qemu-block-iscsi-debuginfo-8.2.10-150600.3.49.1
* qemu-block-ssh-debuginfo-8.2.10-150600.3.49.1
* qemu-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-vga-8.2.10-150600.3.49.1
* qemu-block-iscsi-8.2.10-150600.3.49.1
* qemu-hw-usb-redirect-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-vga-debuginfo-8.2.10-150600.3.49.1
* qemu-img-debuginfo-8.2.10-150600.3.49.1
* qemu-block-curl-debuginfo-8.2.10-150600.3.49.1
* qemu-chardev-baum-8.2.10-150600.3.49.1
* qemu-ui-gtk-8.2.10-150600.3.49.1
* qemu-hw-usb-host-8.2.10-150600.3.49.1
* qemu-chardev-spice-8.2.10-150600.3.49.1
* qemu-ui-gtk-debuginfo-8.2.10-150600.3.49.1
* qemu-block-rbd-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* qemu-skiboot-8.2.10-150600.3.49.1
* qemu-vgabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1
* qemu-SLOF-8.2.10-150600.3.49.1
* qemu-ipxe-8.2.10-150600.3.49.1
* qemu-seabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1
* qemu-lang-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le)
* qemu-ppc-debuginfo-8.2.10-150600.3.49.1
* qemu-ppc-8.2.10-150600.3.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
* qemu-audio-pa-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-pci-8.2.10-150600.3.49.1
* qemu-audio-alsa-debuginfo-8.2.10-150600.3.49.1
* qemu-accel-tcg-x86-8.2.10-150600.3.49.1
* qemu-audio-pa-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-debuginfo-8.2.10-150600.3.49.1
* qemu-x86-debuginfo-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-8.2.10-150600.3.49.1
* qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.10-150600.3.49.1
* qemu-x86-8.2.10-150600.3.49.1
* qemu-accel-tcg-x86-debuginfo-8.2.10-150600.3.49.1
* qemu-audio-alsa-8.2.10-150600.3.49.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14876.html
* https://www.suse.com/security/cve/CVE-2026-0665.html
* https://www.suse.com/security/cve/CVE-2026-2243.html
* https://www.suse.com/security/cve/CVE-2026-3195.html
* https://www.suse.com/security/cve/CVE-2026-3196.html
* https://www.suse.com/security/cve/CVE-2026-3842.html
* https://bugzilla.suse.com/show_bug.cgi?id=1199023
* https://bugzilla.suse.com/show_bug.cgi?id=1255400
* https://bugzilla.suse.com/show_bug.cgi?id=1256484
* https://bugzilla.suse.com/show_bug.cgi?id=1258509
* https://bugzilla.suse.com/show_bug.cgi?id=1259079
* https://bugzilla.suse.com/show_bug.cgi?id=1259080
* https://bugzilla.suse.com/show_bug.cgi?id=1262089

openSUSE-SU-2026:20937-1: important: Security update for python-Django

openSUSE security update: security update for python-django
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20937-1
Rating: important
References:

* bsc#1267576
* bsc#1267577
* bsc#1267578
* bsc#1267579
* bsc#1267580

Cross-References:

* CVE-2026-35193
* CVE-2026-48587
* CVE-2026-6873
* CVE-2026-7666
* CVE-2026-8404

CVSS scores:

* CVE-2026-35193 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-35193 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48587 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-48587 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6873 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-6873 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-7666 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-7666 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-8404 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-8404 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 5 vulnerabilities and has 5 bug fixes can now be installed.

Description:

This update for python-Django fixes the following issues:

Changes in python-Django:

- CVE-2026-6873: Signed cookie salt namespace collision (bsc#1267578)
- CVE-2026-7666: Potential unencrypted email transmission via STARTTLS in the SMTP backend (bsc#1267579)
- CVE-2026-8404: Potential exposure of private data via case-sensitive Cache-Control directives (bsc#1267580)
- CVE-2026-35193: Potential exposure of private data via missing Vary: Authorization (bsc#1267576)
- CVE-2026-48587: Potential exposure of private data via whitespace padding in Vary header (bsc#1267577)

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-packagehub-305=1

Package List:

- openSUSE Leap 16.0:

python313-Django-5.2.4-bp160.9.1

References:

* https://www.suse.com/security/cve/CVE-2026-35193.html
* https://www.suse.com/security/cve/CVE-2026-48587.html
* https://www.suse.com/security/cve/CVE-2026-6873.html
* https://www.suse.com/security/cve/CVE-2026-7666.html
* https://www.suse.com/security/cve/CVE-2026-8404.html

openSUSE-SU-2026:10995-1: moderate: enc-1.1.5-2.1 on GA media

# enc-1.1.5-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10995-1
Rating: moderate

Cross-References:

* CVE-2026-1229

CVSS scores:

* CVE-2026-1229 ( SUSE ): 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
* CVE-2026-1229 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the enc-1.1.5-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* enc 1.1.5-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1229.html

openSUSE-SU-2026:10992-1: moderate: alloy-1.16.1-2.1 on GA media

# alloy-1.16.1-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10992-1
Rating: moderate

Cross-References:

* CVE-2026-41889

CVSS scores:

* CVE-2026-41889 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-41889 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the alloy-1.16.1-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* alloy 1.16.1-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41889.html

openSUSE-SU-2026:20944-1: critical: Security update for chromium

openSUSE security update: security update for chromium
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20944-1
Rating: critical
References:

* bsc#1267911

Cross-References:

* CVE-2026-11628
* CVE-2026-11629
* CVE-2026-11630
* CVE-2026-11631
* CVE-2026-11632
* CVE-2026-11633
* CVE-2026-11634
* CVE-2026-11635
* CVE-2026-11636
* CVE-2026-11637
* CVE-2026-11638
* CVE-2026-11639
* CVE-2026-11640
* CVE-2026-11641
* CVE-2026-11642
* CVE-2026-11643
* CVE-2026-11644
* CVE-2026-11645
* CVE-2026-11646
* CVE-2026-11647
* CVE-2026-11648
* CVE-2026-11649
* CVE-2026-11650
* CVE-2026-11651
* CVE-2026-11652
* CVE-2026-11653
* CVE-2026-11654
* CVE-2026-11655
* CVE-2026-11656
* CVE-2026-11657
* CVE-2026-11658
* CVE-2026-11659
* CVE-2026-11660
* CVE-2026-11661
* CVE-2026-11662
* CVE-2026-11663
* CVE-2026-11664
* CVE-2026-11665
* CVE-2026-11666
* CVE-2026-11667
* CVE-2026-11668
* CVE-2026-11669
* CVE-2026-11670
* CVE-2026-11671
* CVE-2026-11672
* CVE-2026-11673
* CVE-2026-11674
* CVE-2026-11675
* CVE-2026-11676
* CVE-2026-11677
* CVE-2026-11678
* CVE-2026-11679
* CVE-2026-11680
* CVE-2026-11681
* CVE-2026-11682
* CVE-2026-11683
* CVE-2026-11684
* CVE-2026-11685
* CVE-2026-11686
* CVE-2026-11687
* CVE-2026-11688
* CVE-2026-11689
* CVE-2026-11690
* CVE-2026-11691
* CVE-2026-11692
* CVE-2026-11693
* CVE-2026-11694
* CVE-2026-11695
* CVE-2026-11696
* CVE-2026-11697
* CVE-2026-11698
* CVE-2026-11699
* CVE-2026-11700
* CVE-2026-11701

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 74 vulnerabilities and has one bug fix can now be installed.

Description:

This update for chromium fixes the following issues:

Changes in chromium:

- Chromium 149.0.7827.102 (boo#1267911):
* CVE-2026-11628: Use after free in Ozone
* CVE-2026-11629: Use after free in Ozone
* CVE-2026-11630: Use after free in File Input
* CVE-2026-11631: Use after free in Aura
* CVE-2026-11632: Use after free in TabStrip
* CVE-2026-11633: Use after free in Bluetooth
* CVE-2026-11634: Use after free in Gamepad
* CVE-2026-11635: Use after free in Bluetooth
* CVE-2026-11636: Use after free in Autofill
* CVE-2026-11637: Use after free in Views
* CVE-2026-11638: Use after free in Printing
* CVE-2026-11639: Use after free in Compositing
* CVE-2026-11640: Integer overflow in libyuv
* CVE-2026-11641: Use after free in Bluetooth
* CVE-2026-11642: Use after free in Web Apps
* CVE-2026-11643: Use after free in Proxy
* CVE-2026-11644: Use after free in Views
* CVE-2026-11645: Out of bounds memory access in V8
* CVE-2026-11646: Use after free in ViewTransitions
* CVE-2026-11647: Use after free in Printing
* CVE-2026-11648: Use after free in FullScreen
* CVE-2026-11649: Use after free in V8
* CVE-2026-11650: Use after free in V8
* CVE-2026-11651: Use after free in Network
* CVE-2026-11652: Use after free in Extensions
* CVE-2026-11653: Insufficient validation of untrusted input in Extensions
* CVE-2026-11654: Use after free in CameraCapture
* CVE-2026-11655: Integer overflow in Media
* CVE-2026-11656: Use after free in ServiceWorker
* CVE-2026-11657: Use after free in Payments
* CVE-2026-11658: Insufficient validation of untrusted input in Extensions
* CVE-2026-11659: Insufficient validation of untrusted input in UI
* CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page
* CVE-2026-11661: Use after free in Views
* CVE-2026-11662: Type Confusion in Bindings
* CVE-2026-11663: Use after free in Skia
* CVE-2026-11664: Use after free in Payments
* CVE-2026-11665: Out of bounds read in Dawn
* CVE-2026-11666: Insufficient validation of untrusted input in Input
* CVE-2026-11667: Out of bounds read in WebRTC
* CVE-2026-11668: Uninitialized Use in Codecs
* CVE-2026-11669: Integer overflow in Media
* CVE-2026-11670: Use after free in PDF
* CVE-2026-11671: Use after free in Navigation
* CVE-2026-11672: Out of bounds write in GPU
* CVE-2026-11673: Use after free in InterestGroups
* CVE-2026-11674: Use after free in Guest View
* CVE-2026-11675: Insufficient validation of untrusted input in Skia
* CVE-2026-11676: Insufficient validation of untrusted input in Dawn
* CVE-2026-11677: Race in Network
* CVE-2026-11678: Integer overflow in libyuv
* CVE-2026-11679: Use after free in Codecs
* CVE-2026-11680: Use after free in Media
* CVE-2026-11681: Use after free in Ozone
* CVE-2026-11682: Insufficient validation of untrusted input in Views
* CVE-2026-11683: Use after free in WebCodecs
* CVE-2026-11684: Insufficient policy enforcement in Network
* CVE-2026-11685: Insufficient data validation in MediaCapture
* CVE-2026-11686: Insufficient validation of untrusted input in Dawn
* CVE-2026-11687: Use after free in Dawn
* CVE-2026-11688: Object lifecycle issue in SVG
* CVE-2026-11689: Insufficient validation of untrusted input in Passwords
* CVE-2026-11690: Out of bounds read and write in Media
* CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page
* CVE-2026-11692: Use after free in Read Anything
* CVE-2026-11693: Inappropriate implementation in Plugins
* CVE-2026-11694: Use after free in ServiceWorker
* CVE-2026-11695: Inappropriate implementation in Passwords
* CVE-2026-11696: Uninitialized Use in Video
* CVE-2026-11697: Insufficient validation of untrusted input in UI
* CVE-2026-11698: Use after free in Bluetooth
* CVE-2026-11699: Use after free in Bluetooth
* CVE-2026-11700: Use after free in Tracing
* CVE-2026-11701: Insufficient validation of untrusted input in Guest View

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-packagehub-312=1

Package List:

- openSUSE Leap 16.0:

chromedriver-149.0.7827.102-bp160.1.1
chromium-149.0.7827.102-bp160.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-11628.html
* https://www.suse.com/security/cve/CVE-2026-11629.html
* https://www.suse.com/security/cve/CVE-2026-11630.html
* https://www.suse.com/security/cve/CVE-2026-11631.html
* https://www.suse.com/security/cve/CVE-2026-11632.html
* https://www.suse.com/security/cve/CVE-2026-11633.html
* https://www.suse.com/security/cve/CVE-2026-11634.html
* https://www.suse.com/security/cve/CVE-2026-11635.html
* https://www.suse.com/security/cve/CVE-2026-11636.html
* https://www.suse.com/security/cve/CVE-2026-11637.html
* https://www.suse.com/security/cve/CVE-2026-11638.html
* https://www.suse.com/security/cve/CVE-2026-11639.html
* https://www.suse.com/security/cve/CVE-2026-11640.html
* https://www.suse.com/security/cve/CVE-2026-11641.html
* https://www.suse.com/security/cve/CVE-2026-11642.html
* https://www.suse.com/security/cve/CVE-2026-11643.html
* https://www.suse.com/security/cve/CVE-2026-11644.html
* https://www.suse.com/security/cve/CVE-2026-11645.html
* https://www.suse.com/security/cve/CVE-2026-11646.html
* https://www.suse.com/security/cve/CVE-2026-11647.html
* https://www.suse.com/security/cve/CVE-2026-11648.html
* https://www.suse.com/security/cve/CVE-2026-11649.html
* https://www.suse.com/security/cve/CVE-2026-11650.html
* https://www.suse.com/security/cve/CVE-2026-11651.html
* https://www.suse.com/security/cve/CVE-2026-11652.html
* https://www.suse.com/security/cve/CVE-2026-11653.html
* https://www.suse.com/security/cve/CVE-2026-11654.html
* https://www.suse.com/security/cve/CVE-2026-11655.html
* https://www.suse.com/security/cve/CVE-2026-11656.html
* https://www.suse.com/security/cve/CVE-2026-11657.html
* https://www.suse.com/security/cve/CVE-2026-11658.html
* https://www.suse.com/security/cve/CVE-2026-11659.html
* https://www.suse.com/security/cve/CVE-2026-11660.html
* https://www.suse.com/security/cve/CVE-2026-11661.html
* https://www.suse.com/security/cve/CVE-2026-11662.html
* https://www.suse.com/security/cve/CVE-2026-11663.html
* https://www.suse.com/security/cve/CVE-2026-11664.html
* https://www.suse.com/security/cve/CVE-2026-11665.html
* https://www.suse.com/security/cve/CVE-2026-11666.html
* https://www.suse.com/security/cve/CVE-2026-11667.html
* https://www.suse.com/security/cve/CVE-2026-11668.html
* https://www.suse.com/security/cve/CVE-2026-11669.html
* https://www.suse.com/security/cve/CVE-2026-11670.html
* https://www.suse.com/security/cve/CVE-2026-11671.html
* https://www.suse.com/security/cve/CVE-2026-11672.html
* https://www.suse.com/security/cve/CVE-2026-11673.html
* https://www.suse.com/security/cve/CVE-2026-11674.html
* https://www.suse.com/security/cve/CVE-2026-11675.html
* https://www.suse.com/security/cve/CVE-2026-11676.html
* https://www.suse.com/security/cve/CVE-2026-11677.html
* https://www.suse.com/security/cve/CVE-2026-11678.html
* https://www.suse.com/security/cve/CVE-2026-11679.html
* https://www.suse.com/security/cve/CVE-2026-11680.html
* https://www.suse.com/security/cve/CVE-2026-11681.html
* https://www.suse.com/security/cve/CVE-2026-11682.html
* https://www.suse.com/security/cve/CVE-2026-11683.html
* https://www.suse.com/security/cve/CVE-2026-11684.html
* https://www.suse.com/security/cve/CVE-2026-11685.html
* https://www.suse.com/security/cve/CVE-2026-11686.html
* https://www.suse.com/security/cve/CVE-2026-11687.html
* https://www.suse.com/security/cve/CVE-2026-11688.html
* https://www.suse.com/security/cve/CVE-2026-11689.html
* https://www.suse.com/security/cve/CVE-2026-11690.html
* https://www.suse.com/security/cve/CVE-2026-11691.html
* https://www.suse.com/security/cve/CVE-2026-11692.html
* https://www.suse.com/security/cve/CVE-2026-11693.html
* https://www.suse.com/security/cve/CVE-2026-11694.html
* https://www.suse.com/security/cve/CVE-2026-11695.html
* https://www.suse.com/security/cve/CVE-2026-11696.html
* https://www.suse.com/security/cve/CVE-2026-11697.html
* https://www.suse.com/security/cve/CVE-2026-11698.html
* https://www.suse.com/security/cve/CVE-2026-11699.html
* https://www.suse.com/security/cve/CVE-2026-11700.html
* https://www.suse.com/security/cve/CVE-2026-11701.html

SUSE-SU-2026:2388-1: moderate: Security update for qemu

# Security update for qemu

Announcement ID: SUSE-SU-2026:2388-1
Release Date: 2026-06-12T13:59:31Z
Rating: moderate
References:

* bsc#1199023
* bsc#1258509
* bsc#1262089

Cross-References:

* CVE-2026-2243
* CVE-2026-3842

CVSS scores:

* CVE-2026-2243 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-2243 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
* CVE-2026-2243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2026-3842 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-3842 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* openSUSE Leap 15.5
* Server Applications Module 15-SP7
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for qemu fixes the following issues:

Security fixes:

* CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a
12-byte information leak when processing specially crafted VMDK files
(bsc#1258509).
* CVE-2026-3842: hyperv/syndbg: missing mapped-length guard after
cpu_physical_memory_map causes host OOB write (bsc#1262089).

Other fixes:

* [openSUSE] qemu-ga: fix service file against no-autostart (bsc#1199023)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2388=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-2388=1

* Server Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2388=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* qemu-ivshmem-tools-7.1.0-150500.49.42.1
* qemu-audio-dbus-debuginfo-7.1.0-150500.49.42.1
* qemu-ppc-debuginfo-7.1.0-150500.49.42.1
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.42.1
* qemu-ui-spice-core-7.1.0-150500.49.42.1
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.42.1
* qemu-block-ssh-7.1.0-150500.49.42.1
* qemu-guest-agent-debuginfo-7.1.0-150500.49.42.1
* qemu-audio-alsa-7.1.0-150500.49.42.1
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.42.1
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.42.1
* qemu-block-iscsi-7.1.0-150500.49.42.1
* qemu-audio-jack-7.1.0-150500.49.42.1
* qemu-audio-alsa-debuginfo-7.1.0-150500.49.42.1
* qemu-s390x-debuginfo-7.1.0-150500.49.42.1
* qemu-x86-7.1.0-150500.49.42.1
* qemu-extra-debuginfo-7.1.0-150500.49.42.1
* qemu-block-curl-debuginfo-7.1.0-150500.49.42.1
* qemu-extra-7.1.0-150500.49.42.1
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.42.1
* qemu-arm-debuginfo-7.1.0-150500.49.42.1
* qemu-ui-spice-app-7.1.0-150500.49.42.1
* qemu-7.1.0-150500.49.42.1
* qemu-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.42.1
* qemu-block-nfs-7.1.0-150500.49.42.1
* qemu-block-nfs-debuginfo-7.1.0-150500.49.42.1
* qemu-chardev-spice-7.1.0-150500.49.42.1
* qemu-x86-debuginfo-7.1.0-150500.49.42.1
* qemu-block-iscsi-debuginfo-7.1.0-150500.49.42.1
* qemu-linux-user-debuginfo-7.1.0-150500.49.42.1
* qemu-block-dmg-7.1.0-150500.49.42.1
* qemu-hw-display-qxl-7.1.0-150500.49.42.1
* qemu-audio-jack-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.42.1
* qemu-accel-qtest-7.1.0-150500.49.42.1
* qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.42.1
* qemu-headless-7.1.0-150500.49.42.1
* qemu-ui-curses-7.1.0-150500.49.42.1
* qemu-audio-pa-7.1.0-150500.49.42.1
* qemu-block-ssh-debuginfo-7.1.0-150500.49.42.1
* qemu-arm-7.1.0-150500.49.42.1
* qemu-accel-tcg-x86-7.1.0-150500.49.42.1
* qemu-guest-agent-7.1.0-150500.49.42.1
* qemu-ui-spice-app-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-usb-smartcard-7.1.0-150500.49.42.1
* qemu-ui-dbus-7.1.0-150500.49.42.1
* qemu-debugsource-7.1.0-150500.49.42.1
* qemu-tools-debuginfo-7.1.0-150500.49.42.1
* qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.42.1
* qemu-block-dmg-debuginfo-7.1.0-150500.49.42.1
* qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.42.1
* qemu-ui-dbus-debuginfo-7.1.0-150500.49.42.1
* qemu-audio-spice-debuginfo-7.1.0-150500.49.42.1
* qemu-block-gluster-debuginfo-7.1.0-150500.49.42.1
* qemu-s390x-7.1.0-150500.49.42.1
* qemu-ppc-7.1.0-150500.49.42.1
* qemu-linux-user-debugsource-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.42.1
* qemu-ui-gtk-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-usb-host-7.1.0-150500.49.42.1
* qemu-ui-curses-debuginfo-7.1.0-150500.49.42.1
* qemu-chardev-baum-debuginfo-7.1.0-150500.49.42.1
* qemu-vhost-user-gpu-7.1.0-150500.49.42.1
* qemu-accel-qtest-debuginfo-7.1.0-150500.49.42.1
* qemu-block-gluster-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-vga-7.1.0-150500.49.42.1
* qemu-tools-7.1.0-150500.49.42.1
* qemu-audio-pa-debuginfo-7.1.0-150500.49.42.1
* qemu-ui-gtk-7.1.0-150500.49.42.1
* qemu-audio-oss-7.1.0-150500.49.42.1
* qemu-audio-oss-debuginfo-7.1.0-150500.49.42.1
* qemu-ksm-7.1.0-150500.49.42.1
* qemu-hw-usb-host-debuginfo-7.1.0-150500.49.42.1
* qemu-audio-spice-7.1.0-150500.49.42.1
* qemu-chardev-baum-7.1.0-150500.49.42.1
* qemu-block-curl-7.1.0-150500.49.42.1
* qemu-audio-dbus-7.1.0-150500.49.42.1
* qemu-hw-usb-redirect-7.1.0-150500.49.42.1
* qemu-linux-user-7.1.0-150500.49.42.1
* qemu-ui-opengl-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.42.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* qemu-block-rbd-7.1.0-150500.49.42.1
* qemu-block-rbd-debuginfo-7.1.0-150500.49.42.1
* openSUSE Leap 15.5 (s390x x86_64 i586)
* qemu-kvm-7.1.0-150500.49.42.1
* openSUSE Leap 15.5 (noarch)
* qemu-vgabios-1.16.0_0_gd239552-150500.49.42.1
* qemu-sgabios-8-150500.49.42.1
* qemu-microvm-7.1.0-150500.49.42.1
* qemu-SLOF-7.1.0-150500.49.42.1
* qemu-seabios-1.16.0_0_gd239552-150500.49.42.1
* qemu-skiboot-7.1.0-150500.49.42.1
* qemu-ipxe-1.0.0+-150500.49.42.1
* qemu-lang-7.1.0-150500.49.42.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* qemu-7.1.0-150500.49.42.1
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.42.1
* qemu-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.42.1
* qemu-debugsource-7.1.0-150500.49.42.1
* qemu-tools-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-vga-7.1.0-150500.49.42.1
* qemu-ui-spice-core-7.1.0-150500.49.42.1
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.42.1
* qemu-guest-agent-debuginfo-7.1.0-150500.49.42.1
* qemu-chardev-spice-7.1.0-150500.49.42.1
* qemu-tools-7.1.0-150500.49.42.1
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-qxl-7.1.0-150500.49.42.1
* qemu-audio-spice-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.42.1
* qemu-audio-spice-7.1.0-150500.49.42.1
* qemu-block-curl-7.1.0-150500.49.42.1
* qemu-block-curl-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-usb-redirect-7.1.0-150500.49.42.1
* qemu-ui-opengl-7.1.0-150500.49.42.1
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.42.1
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.42.1
* qemu-guest-agent-7.1.0-150500.49.42.1
* SUSE Linux Enterprise Micro 5.5 (s390x)
* qemu-s390x-7.1.0-150500.49.42.1
* qemu-s390x-debuginfo-7.1.0-150500.49.42.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* qemu-x86-debuginfo-7.1.0-150500.49.42.1
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.42.1
* qemu-x86-7.1.0-150500.49.42.1
* qemu-accel-tcg-x86-7.1.0-150500.49.42.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* qemu-vgabios-1.16.0_0_gd239552-150500.49.42.1
* qemu-sgabios-8-150500.49.42.1
* qemu-SLOF-7.1.0-150500.49.42.1
* qemu-seabios-1.16.0_0_gd239552-150500.49.42.1
* qemu-ipxe-1.0.0+-150500.49.42.1
* SUSE Linux Enterprise Micro 5.5 (aarch64)
* qemu-arm-debuginfo-7.1.0-150500.49.42.1
* qemu-arm-7.1.0-150500.49.42.1
* SUSE Linux Enterprise Micro 5.5 (ppc64le)
* qemu-ppc-debuginfo-7.1.0-150500.49.42.1
* qemu-ppc-7.1.0-150500.49.42.1
* Server Applications Module 15-SP7 (noarch)
* qemu-sgabios-8-150500.49.42.1

## References:

* https://www.suse.com/security/cve/CVE-2026-2243.html
* https://www.suse.com/security/cve/CVE-2026-3842.html
* https://bugzilla.suse.com/show_bug.cgi?id=1199023
* https://bugzilla.suse.com/show_bug.cgi?id=1258509
* https://bugzilla.suse.com/show_bug.cgi?id=1262089

openSUSE-SU-2026:10990-1: moderate: python-M2Crypto-doc-0.48.0-1.1 on GA media

# python-M2Crypto-doc-0.48.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10990-1
Rating: moderate

Cross-References:

* CVE-2026-0672

CVSS scores:

* CVE-2026-0672 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-0672 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python-M2Crypto-doc-0.48.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python-M2Crypto-doc 0.48.0-1.1
* python311-M2Crypto 0.48.0-1.1
* python313-M2Crypto 0.48.0-1.1
* python314-M2Crypto 0.48.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-0672.html

SUSE-SU-2026:2389-1: moderate: Security update for GraphicsMagick

# Security update for GraphicsMagick

Announcement ID: SUSE-SU-2026:2389-1
Release Date: 2026-06-12T14:00:31Z
Rating: moderate
References:

* bsc#1265048

Cross-References:

* CVE-2026-42050

CVSS scores:

* CVE-2026-42050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-42050 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for GraphicsMagick fixes the following issue

* CVE-2026-42050: stack buffer overflow in XTileImage (bsc#1265048).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2389=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2389=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* perl-GraphicsMagick-debuginfo-1.3.42-150600.3.27.1
* GraphicsMagick-debugsource-1.3.42-150600.3.27.1
* GraphicsMagick-debuginfo-1.3.42-150600.3.27.1
* libGraphicsMagickWand-Q16-2-debuginfo-1.3.42-150600.3.27.1
* libGraphicsMagick-Q16-3-1.3.42-150600.3.27.1
* perl-GraphicsMagick-1.3.42-150600.3.27.1
* libGraphicsMagick++-Q16-12-debuginfo-1.3.42-150600.3.27.1
* GraphicsMagick-devel-1.3.42-150600.3.27.1
* libGraphicsMagick++-Q16-12-1.3.42-150600.3.27.1
* libGraphicsMagick++-devel-1.3.42-150600.3.27.1
* libGraphicsMagick-Q16-3-debuginfo-1.3.42-150600.3.27.1
* libGraphicsMagickWand-Q16-2-1.3.42-150600.3.27.1
* libGraphicsMagick3-config-1.3.42-150600.3.27.1
* GraphicsMagick-1.3.42-150600.3.27.1
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)
* perl-GraphicsMagick-debuginfo-1.3.42-150600.3.27.1
* GraphicsMagick-debugsource-1.3.42-150600.3.27.1
* GraphicsMagick-debuginfo-1.3.42-150600.3.27.1
* libGraphicsMagickWand-Q16-2-debuginfo-1.3.42-150600.3.27.1
* libGraphicsMagick-Q16-3-1.3.42-150600.3.27.1
* perl-GraphicsMagick-1.3.42-150600.3.27.1
* libGraphicsMagick++-Q16-12-debuginfo-1.3.42-150600.3.27.1
* GraphicsMagick-devel-1.3.42-150600.3.27.1
* libGraphicsMagick++-Q16-12-1.3.42-150600.3.27.1
* libGraphicsMagick++-devel-1.3.42-150600.3.27.1
* libGraphicsMagick-Q16-3-debuginfo-1.3.42-150600.3.27.1
* libGraphicsMagickWand-Q16-2-1.3.42-150600.3.27.1
* libGraphicsMagick3-config-1.3.42-150600.3.27.1
* GraphicsMagick-1.3.42-150600.3.27.1

## References:

* https://www.suse.com/security/cve/CVE-2026-42050.html
* https://bugzilla.suse.com/show_bug.cgi?id=1265048

SUSE-SU-2026:2383-1: important: Security update for the Linux Kernel

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:2383-1
Release Date: 2026-06-12T09:14:49Z
Rating: important
References:

* bsc#1261700
* bsc#1263790
* bsc#1263995
* bsc#1264093
* bsc#1264551
* bsc#1266001
* bsc#1266009
* bsc#1266238
* bsc#1266711
* bsc#1266901
* bsc#1266969
* bsc#1267205
* bsc#1267220

Cross-References:

* CVE-2026-31405
* CVE-2026-31629
* CVE-2026-31758
* CVE-2026-43037
* CVE-2026-43206
* CVE-2026-43499
* CVE-2026-43501
* CVE-2026-45852
* CVE-2026-45970
* CVE-2026-46021
* CVE-2026-46043
* CVE-2026-46113
* CVE-2026-46243

CVSS scores:

* CVE-2026-31405 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31629 ( SUSE ): 8.7
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31629 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31629 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31758 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43037 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43206 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43499 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43501 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45852 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45852 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45970 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46021 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46043 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46043 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46043 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-46113 ( SUSE ): 9.3
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-46243 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves 13 vulnerabilities can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security
issues

The following security issues were fixed:

* CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header
tables (bsc#1261700).
* CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks
(bsc#1263790).
* CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release
(bsc#1264093).
* CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995).
* CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()
(bsc#1264551).
* CVE-2026-43499: rtmutex: Use waiter::task instead of current in
remove_waiter() (bsc#1266001).
* CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH
grows (bsc#1266009).
* CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init
(bsc#1266711).
* CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down
(bsc#1267205).
* CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues
(bsc#1267220).
* CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in
rxe_rcv (bsc#1266901).
* CVE-2026-46113: KVM: x86: Fix shadow paging use-after-free due to unexpected
GFN (bsc#1266969).
* CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions
(bsc#1266238).

The following non security issues were fixed:

* arm64: tlb: Allow XZR argument to TLBI ops (git-fixes).
* arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2383=1

* SUSE Linux Enterprise High Availability Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2026-2383=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2383=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2383=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2383=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-2383=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-2383=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-2383=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-2383=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2383=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2383=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kernel-default-optional-5.14.21-150400.24.222.1
* kselftests-kmp-default-debuginfo-5.14.21-150400.24.222.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.222.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-livepatch-5.14.21-150400.24.222.1
* cluster-md-kmp-default-5.14.21-150400.24.222.1
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* kselftests-kmp-default-5.14.21-150400.24.222.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.222.1
* kernel-obs-qa-5.14.21-150400.24.222.1
* kernel-obs-build-debugsource-5.14.21-150400.24.222.1
* gfs2-kmp-default-5.14.21-150400.24.222.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-extra-5.14.21-150400.24.222.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.222.1
* kernel-syms-5.14.21-150400.24.222.1
* kernel-obs-build-5.14.21-150400.24.222.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-debugsource-5.14.21-150400.24.222.1
* reiserfs-kmp-default-5.14.21-150400.24.222.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.222.1
* ocfs2-kmp-default-5.14.21-150400.24.222.1
* kernel-default-devel-5.14.21-150400.24.222.1
* dlm-kmp-default-5.14.21-150400.24.222.1
* kernel-default-optional-debuginfo-5.14.21-150400.24.222.1
* openSUSE Leap 15.4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.222.1
* openSUSE Leap 15.4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.222.1
* openSUSE Leap 15.4 (noarch)
* kernel-docs-html-5.14.21-150400.24.222.1
* kernel-source-vanilla-5.14.21-150400.24.222.1
* kernel-macros-5.14.21-150400.24.222.1
* kernel-source-5.14.21-150400.24.222.1
* kernel-devel-5.14.21-150400.24.222.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
* kernel-default-base-rebuild-5.14.21-150400.24.222.1.150400.24.112.1
* kernel-kvmsmall-devel-5.14.21-150400.24.222.1
* kernel-kvmsmall-debugsource-5.14.21-150400.24.222.1
* kernel-kvmsmall-debuginfo-5.14.21-150400.24.222.1
* kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.222.1
* kernel-default-base-5.14.21-150400.24.222.1.150400.24.112.1
* openSUSE Leap 15.4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.222.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.222.1
* openSUSE Leap 15.4 (aarch64)
* dtb-nvidia-5.14.21-150400.24.222.1
* kselftests-kmp-64kb-5.14.21-150400.24.222.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.222.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.222.1
* dtb-cavium-5.14.21-150400.24.222.1
* dtb-apple-5.14.21-150400.24.222.1
* dtb-allwinner-5.14.21-150400.24.222.1
* dlm-kmp-64kb-debuginfo-5.14.21-150400.24.222.1
* dtb-marvell-5.14.21-150400.24.222.1
* dtb-socionext-5.14.21-150400.24.222.1
* kernel-64kb-extra-debuginfo-5.14.21-150400.24.222.1
* dtb-amlogic-5.14.21-150400.24.222.1
* kernel-64kb-debugsource-5.14.21-150400.24.222.1
* cluster-md-kmp-64kb-5.14.21-150400.24.222.1
* dtb-amd-5.14.21-150400.24.222.1
* dtb-apm-5.14.21-150400.24.222.1
* dtb-lg-5.14.21-150400.24.222.1
* dtb-renesas-5.14.21-150400.24.222.1
* dtb-broadcom-5.14.21-150400.24.222.1
* kernel-64kb-devel-5.14.21-150400.24.222.1
* dtb-mediatek-5.14.21-150400.24.222.1
* dtb-hisilicon-5.14.21-150400.24.222.1
* kernel-64kb-optional-5.14.21-150400.24.222.1
* kernel-64kb-optional-debuginfo-5.14.21-150400.24.222.1
* dtb-qcom-5.14.21-150400.24.222.1
* dtb-amazon-5.14.21-150400.24.222.1
* dtb-exynos-5.14.21-150400.24.222.1
* dlm-kmp-64kb-5.14.21-150400.24.222.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.222.1
* dtb-rockchip-5.14.21-150400.24.222.1
* dtb-altera-5.14.21-150400.24.222.1
* reiserfs-kmp-64kb-5.14.21-150400.24.222.1
* dtb-xilinx-5.14.21-150400.24.222.1
* gfs2-kmp-64kb-5.14.21-150400.24.222.1
* kernel-64kb-debuginfo-5.14.21-150400.24.222.1
* dtb-arm-5.14.21-150400.24.222.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.222.1
* ocfs2-kmp-64kb-5.14.21-150400.24.222.1
* dtb-freescale-5.14.21-150400.24.222.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.222.1
* dtb-sprd-5.14.21-150400.24.222.1
* kernel-64kb-extra-5.14.21-150400.24.222.1
* gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.222.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.222.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-default-livepatch-devel-5.14.21-150400.24.222.1
* kernel-livepatch-5_14_21-150400_24_222-default-debuginfo-1-150400.9.3.1
* kernel-livepatch-SLE15-SP4_Update_55-debugsource-1-150400.9.3.1
* kernel-livepatch-5_14_21-150400_24_222-default-1-150400.9.3.1
* openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150400.24.222.1
* openSUSE Leap 15.4 (nosrc)
* dtb-aarch64-5.14.21-150400.24.222.1
* openSUSE Leap 15.4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.222.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.222.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.222.1
* ocfs2-kmp-default-5.14.21-150400.24.222.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.222.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.222.1
* gfs2-kmp-default-5.14.21-150400.24.222.1
* cluster-md-kmp-default-5.14.21-150400.24.222.1
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* dlm-kmp-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
nosrc)
* kernel-64kb-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64)
* kernel-64kb-devel-5.14.21-150400.24.222.1
* kernel-64kb-debuginfo-5.14.21-150400.24.222.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.222.1
* kernel-64kb-debugsource-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* kernel-default-debugsource-5.14.21-150400.24.222.1
* reiserfs-kmp-default-5.14.21-150400.24.222.1
* kernel-obs-build-5.14.21-150400.24.222.1
* kernel-syms-5.14.21-150400.24.222.1
* kernel-default-devel-5.14.21-150400.24.222.1
* kernel-obs-build-debugsource-5.14.21-150400.24.222.1
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.222.1
* kernel-default-base-5.14.21-150400.24.222.1.150400.24.112.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.222.1
* kernel-macros-5.14.21-150400.24.222.1
* kernel-devel-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64)
* kernel-64kb-devel-5.14.21-150400.24.222.1
* kernel-64kb-debuginfo-5.14.21-150400.24.222.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.222.1
* kernel-64kb-debugsource-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* kernel-default-debugsource-5.14.21-150400.24.222.1
* reiserfs-kmp-default-5.14.21-150400.24.222.1
* kernel-obs-build-5.14.21-150400.24.222.1
* kernel-syms-5.14.21-150400.24.222.1
* kernel-default-devel-5.14.21-150400.24.222.1
* kernel-obs-build-debugsource-5.14.21-150400.24.222.1
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.222.1
* kernel-default-base-5.14.21-150400.24.222.1.150400.24.112.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.222.1
* kernel-macros-5.14.21-150400.24.222.1
* kernel-devel-5.14.21-150400.24.222.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64)
* kernel-64kb-devel-5.14.21-150400.24.222.1
* kernel-64kb-debuginfo-5.14.21-150400.24.222.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.222.1
* kernel-64kb-debugsource-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64
nosrc)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.222.1.150400.24.112.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.222.1
* reiserfs-kmp-default-5.14.21-150400.24.222.1
* kernel-obs-build-5.14.21-150400.24.222.1
* kernel-syms-5.14.21-150400.24.222.1
* kernel-default-devel-5.14.21-150400.24.222.1
* kernel-obs-build-debugsource-5.14.21-150400.24.222.1
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.222.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* kernel-source-5.14.21-150400.24.222.1
* kernel-macros-5.14.21-150400.24.222.1
* kernel-devel-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc)
* kernel-docs-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.222.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.222.1.150400.24.112.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-debugsource-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* kernel-macros-5.14.21-150400.24.222.1
* kernel-source-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.222.1.150400.24.112.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-debugsource-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* kernel-macros-5.14.21-150400.24.222.1
* kernel-source-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.222.1.150400.24.112.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-debugsource-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* kernel-macros-5.14.21-150400.24.222.1
* kernel-source-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.222.1.150400.24.112.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-debugsource-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* kernel-macros-5.14.21-150400.24.222.1
* kernel-source-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
x86_64)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* kernel-default-debugsource-5.14.21-150400.24.222.1
* reiserfs-kmp-default-5.14.21-150400.24.222.1
* kernel-obs-build-5.14.21-150400.24.222.1
* kernel-syms-5.14.21-150400.24.222.1
* kernel-default-devel-5.14.21-150400.24.222.1
* kernel-obs-build-debugsource-5.14.21-150400.24.222.1
* kernel-default-debuginfo-5.14.21-150400.24.222.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.222.1
* kernel-default-base-5.14.21-150400.24.222.1.150400.24.112.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.222.1
* kernel-macros-5.14.21-150400.24.222.1
* kernel-devel-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
* kernel-default-5.14.21-150400.24.222.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.222.1
* kernel-livepatch-5_14_21-150400_24_222-default-debuginfo-1-150400.9.3.1
* kernel-livepatch-5_14_21-150400_24_222-default-1-150400.9.3.1
* kernel-default-livepatch-devel-5.14.21-150400.24.222.1
* kernel-livepatch-SLE15-SP4_Update_55-debugsource-1-150400.9.3.1
* kernel-default-livepatch-5.14.21-150400.24.222.1
* kernel-default-debuginfo-5.14.21-150400.24.222.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31405.html
* https://www.suse.com/security/cve/CVE-2026-31629.html
* https://www.suse.com/security/cve/CVE-2026-31758.html
* https://www.suse.com/security/cve/CVE-2026-43037.html
* https://www.suse.com/security/cve/CVE-2026-43206.html
* https://www.suse.com/security/cve/CVE-2026-43499.html
* https://www.suse.com/security/cve/CVE-2026-43501.html
* https://www.suse.com/security/cve/CVE-2026-45852.html
* https://www.suse.com/security/cve/CVE-2026-45970.html
* https://www.suse.com/security/cve/CVE-2026-46021.html
* https://www.suse.com/security/cve/CVE-2026-46043.html
* https://www.suse.com/security/cve/CVE-2026-46113.html
* https://www.suse.com/security/cve/CVE-2026-46243.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261700
* https://bugzilla.suse.com/show_bug.cgi?id=1263790
* https://bugzilla.suse.com/show_bug.cgi?id=1263995
* https://bugzilla.suse.com/show_bug.cgi?id=1264093
* https://bugzilla.suse.com/show_bug.cgi?id=1264551
* https://bugzilla.suse.com/show_bug.cgi?id=1266001
* https://bugzilla.suse.com/show_bug.cgi?id=1266009
* https://bugzilla.suse.com/show_bug.cgi?id=1266238
* https://bugzilla.suse.com/show_bug.cgi?id=1266711
* https://bugzilla.suse.com/show_bug.cgi?id=1266901
* https://bugzilla.suse.com/show_bug.cgi?id=1266969
* https://bugzilla.suse.com/show_bug.cgi?id=1267205
* https://bugzilla.suse.com/show_bug.cgi?id=1267220

openSUSE-SU-2026:10996-1: moderate: git-bug-0.10.1-6.1 on GA media

# git-bug-0.10.1-6.1 on GA media

Announcement ID: openSUSE-SU-2026:10996-1
Rating: moderate

Cross-References:

* CVE-2026-44740

CVSS scores:

* CVE-2026-44740 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-44740 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the git-bug-0.10.1-6.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* git-bug 0.10.1-6.1
* git-bug-bash-completion 0.10.1-6.1
* git-bug-fish-completion 0.10.1-6.1
* git-bug-zsh-completion 0.10.1-6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-44740.html

openSUSE-SU-2026:10991-1: moderate: afl-5.00c-1.1 on GA media

# afl-5.00c-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10991-1
Rating: moderate

Cross-References:

* CVE-2023-4863

CVSS scores:

* CVE-2023-4863 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the afl-5.00c-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* afl 5.00c-1.1
* afl-devel 5.00c-1.1

## References:

* https://www.suse.com/security/cve/CVE-2023-4863.html

.NET, Kernel, OpenSSL, and Core Packages updates for Rocky Linux

Apache HTTP Server and GStreamer Base Plugins updates for Ubuntu LTS

Chromium, Linux Kernel, rclone, Django and more updates for SUSE

openSUSE-SU-2026:0199-1: critical: Security update for rclone

SUSE-SU-2026:2380-1: critical: Security update for hplip

SUSE-SU-2026:2381-1: important: Security update for libyang

openSUSE-SU-2026:10994-1: moderate: cpp-httplib-devel-0.46.1-1.1 on GA media

openSUSE-SU-2026:10999-1: moderate: logback-1.5.34-1.1 on GA media

openSUSE-SU-2026:10998-1: moderate: ldns-1.9.2-1.1 on GA media

openSUSE-SU-2026:20931-1: low: Security update for python-Pygments

openSUSE-SU-2026:10997-1: moderate: golang-github-prometheus-prometheus-3.12.0-2.1 on GA media

SUSE-SU-2026:2386-1: important: Security update for qemu

openSUSE-SU-2026:20937-1: important: Security update for python-Django

openSUSE-SU-2026:10995-1: moderate: enc-1.1.5-2.1 on GA media

openSUSE-SU-2026:10992-1: moderate: alloy-1.16.1-2.1 on GA media

openSUSE-SU-2026:20944-1: critical: Security update for chromium

SUSE-SU-2026:2388-1: moderate: Security update for qemu

openSUSE-SU-2026:10990-1: moderate: python-M2Crypto-doc-0.48.0-1.1 on GA media

SUSE-SU-2026:2389-1: moderate: Security update for GraphicsMagick

SUSE-SU-2026:2383-1: important: Security update for the Linux Kernel

openSUSE-SU-2026:10996-1: moderate: git-bug-0.10.1-6.1 on GA media

openSUSE-SU-2026:10991-1: moderate: afl-5.00c-1.1 on GA media

Windows

Linux

macOS

Community