
SUSE has released multiple security updates across its Linux distributions to patch critical flaws in several popular applications. The highest priority fix addresses sixteen vulnerabilities in Chromium, including memory corruption issues and weak policy enforcement that could lead to unauthorized access. You should also install important patches for Cockpit to prevent remote command execution, while Rekor and Rootlesskit receive necessary rebuilds tied to recent Go security improvements. Finally, openSUSE Tumbleweed users can apply moderate updates to harden PostgreSQL components and the Oracle Cloud Infrastructure CLI against various exploits.

openSUSE-SU-2026:0175-1: critical: Security update for chromium
SUSE-SU-2026:2043-1: important: Security update for rekor
SUSE-SU-2026:2044-1: important: Security update for rootlesskit
openSUSE-SU-2026:10828-1: moderate: libecpg6-18.4-1.1 on GA media
openSUSE-SU-2026:10827-1: moderate: oci-cli-3.83.0-1.1 on GA media
openSUSE-SU-2026:0176-1: important: Security update for cockpit




openSUSE-SU-2026:0175-1: critical: Security update for chromium


openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2026:0175-1
Rating: critical
References: #1265848
Cross-References: CVE-2026-9110 CVE-2026-9111 CVE-2026-9112
CVE-2026-9113 CVE-2026-9114 CVE-2026-9115
CVE-2026-9116 CVE-2026-9117 CVE-2026-9118
CVE-2026-9119 CVE-2026-9120 CVE-2026-9121
CVE-2026-9122 CVE-2026-9123 CVE-2026-9124
CVE-2026-9126
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes 16 vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

- Chromium 148.0.7778.178 (boo#1265848)
  * CVE-2026-9111: Use after free in WebRTC
  * CVE-2026-9110: Inappropriate implementation in UI
  * CVE-2026-9112: Use after free in GPU
  * CVE-2026-9113: Out of bounds read in GPU
  * CVE-2026-9114: Use after free in QUIC
  * CVE-2026-9115: Insufficient policy enforcement in Service Worker
  * CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
  * CVE-2026-9117: Type Confusion in GFX
  * CVE-2026-9118: Use after free in XR
  * CVE-2026-9119: Heap buffer overflow in WebRTC
  * CVE-2026-9120: Use after free in WebRTC
  * CVE-2026-9126: Use after free in DOM
  * CVE-2026-9121: Out of bounds read in GPU
  * CVE-2026-9122: Out of bounds read in GPU
  * CVE-2026-9123: Heap buffer overflow in Chromecast
  * CVE-2026-9124: Insufficient validation of untrusted input in Input

- add system-wide chromium.conf as in the Fedora package: enable several
  features by default and disable AI features; allow overriding via
  setting CHROMIUM_USER_FLAGS

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

    zypper in -t patch openSUSE-2026-175=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le x86_64):

    chromedriver-148.0.7778.178-bp157.2.160.1
    chromium-148.0.7778.178-bp157.2.160.1

References:

https://www.suse.com/security/cve/CVE-2026-9110.html
https://www.suse.com/security/cve/CVE-2026-9111.html
https://www.suse.com/security/cve/CVE-2026-9112.html
https://www.suse.com/security/cve/CVE-2026-9113.html
https://www.suse.com/security/cve/CVE-2026-9114.html
https://www.suse.com/security/cve/CVE-2026-9115.html
https://www.suse.com/security/cve/CVE-2026-9116.html
https://www.suse.com/security/cve/CVE-2026-9117.html
https://www.suse.com/security/cve/CVE-2026-9118.html
https://www.suse.com/security/cve/CVE-2026-9119.html
https://www.suse.com/security/cve/CVE-2026-9120.html
https://www.suse.com/security/cve/CVE-2026-9121.html
https://www.suse.com/security/cve/CVE-2026-9122.html
https://www.suse.com/security/cve/CVE-2026-9123.html
https://www.suse.com/security/cve/CVE-2026-9124.html
https://www.suse.com/security/cve/CVE-2026-9126.html
https://bugzilla.suse.com/1265848



SUSE-SU-2026:2043-1: important: Security update for rekor


# Security update for rekor

Announcement ID: SUSE-SU-2026:2043-1
Release Date: 2026-05-22T05:54:19Z
Rating: important
References:

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for rekor rebuilds it against the current Go security release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2043=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2043=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2043=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2043=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2043=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2043=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2043=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2043=1

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-2043=1

* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2043=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2043=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2043=1

## Package List:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * rekor-1.4.3-150400.4.32.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * rekor-1.4.3-150400.4.32.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * rekor-1.4.3-150400.4.32.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * rekor-1.4.3-150400.4.32.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * rekor-debuginfo-1.4.3-150400.4.32.1
  * rekor-1.4.3-150400.4.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * rekor-1.4.3-150400.4.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * rekor-1.4.3-150400.4.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * rekor-debuginfo-1.4.3-150400.4.32.1
  * rekor-1.4.3-150400.4.32.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * rekor-debuginfo-1.4.3-150400.4.32.1
  * rekor-1.4.3-150400.4.32.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * rekor-debuginfo-1.4.3-150400.4.32.1
  * rekor-1.4.3-150400.4.32.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * rekor-1.4.3-150400.4.32.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * rekor-1.4.3-150400.4.32.1



SUSE-SU-2026:2044-1: important: Security update for rootlesskit


# Security update for rootlesskit

Announcement ID: SUSE-SU-2026:2044-1
Release Date: 2026-05-22T05:54:39Z
Rating: important
References:

Affected Products:

* Containers Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for rootlesskit rebuilds it against the current Go security release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-2044=1

* Containers Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2044=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2044=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2044=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * rootlesskit-1.1.1-150600.3.4.1
  * rootlesskit-debuginfo-1.1.1-150600.3.4.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * rootlesskit-1.1.1-150600.3.4.1
  * rootlesskit-debuginfo-1.1.1-150600.3.4.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * rootlesskit-1.1.1-150600.3.4.1
  * rootlesskit-debuginfo-1.1.1-150600.3.4.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * rootlesskit-1.1.1-150600.3.4.1
  * rootlesskit-debuginfo-1.1.1-150600.3.4.1



openSUSE-SU-2026:10828-1: moderate: libecpg6-18.4-1.1 on GA media


# libecpg6-18.4-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10828-1
Rating: moderate

Cross-References:

* CVE-2026-6472
* CVE-2026-6473
* CVE-2026-6474
* CVE-2026-6475
* CVE-2026-6476
* CVE-2026-6477
* CVE-2026-6478
* CVE-2026-6479
* CVE-2026-6575
* CVE-2026-6637
* CVE-2026-6638

CVSS scores:

* CVE-2026-6472 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-6473 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6474 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-6475 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-6476 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6477 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-6478 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-6479 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-6575 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-6637 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6638 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 11 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libecpg6-18.4-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * libecpg6 18.4-1.1
  * libecpg6-32bit 18.4-1.1
  * libpq5 18.4-1.1
  * libpq5-32bit 18.4-1.1
  * postgresql18 18.4-1.1
  * postgresql18-contrib 18.4-1.1
  * postgresql18-devel 18.4-1.1
  * postgresql18-docs 18.4-1.1
  * postgresql18-llvmjit 18.4-1.1
  * postgresql18-llvmjit-devel 18.4-1.1
  * postgresql18-plperl 18.4-1.1
  * postgresql18-plpython 18.4-1.1
  * postgresql18-pltcl 18.4-1.1
  * postgresql18-server 18.4-1.1
  * postgresql18-server-devel 18.4-1.1
  * postgresql18-test 18.4-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-6472.html
* https://www.suse.com/security/cve/CVE-2026-6473.html
* https://www.suse.com/security/cve/CVE-2026-6474.html
* https://www.suse.com/security/cve/CVE-2026-6475.html
* https://www.suse.com/security/cve/CVE-2026-6476.html
* https://www.suse.com/security/cve/CVE-2026-6477.html
* https://www.suse.com/security/cve/CVE-2026-6478.html
* https://www.suse.com/security/cve/CVE-2026-6479.html
* https://www.suse.com/security/cve/CVE-2026-6575.html
* https://www.suse.com/security/cve/CVE-2026-6637.html
* https://www.suse.com/security/cve/CVE-2026-6638.html



openSUSE-SU-2026:10827-1: moderate: oci-cli-3.83.0-1.1 on GA media


# oci-cli-3.83.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10827-1
Rating: moderate

Cross-References:

* CVE-2026-35254

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the oci-cli-3.83.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * oci-cli 3.83.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-35254.html



openSUSE-SU-2026:0176-1: important: Security update for cockpit


openSUSE Security Update: Security update for cockpit
_______________________________

Announcement ID: openSUSE-SU-2026:0176-1
Rating: important
References: #1265040
Cross-References: CVE-2026-4802
CVSS scores:
CVE-2026-4802 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for cockpit fixes the following issues:

- CVE-2026-4802: Fixed a remote command execution via unsanitized
user-controlled parameters within crafted links in system logs UI
(boo#1265040).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

    zypper in -t patch openSUSE-2026-176=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le s390x x86_64):

    cockpit-321-bp157.2.3.2
    cockpit-bridge-321-bp157.2.3.2
    cockpit-devel-321-bp157.2.3.2
    cockpit-pcp-321-bp157.2.3.2
    cockpit-ws-321-bp157.2.3.2

- openSUSE Backports SLE-15-SP7 (noarch):

    cockpit-doc-321-bp157.2.3.2
    cockpit-kdump-321-bp157.2.3.2
    cockpit-networkmanager-321-bp157.2.3.2
    cockpit-packagekit-321-bp157.2.3.2
    cockpit-selinux-321-bp157.2.3.2
    cockpit-storaged-321-bp157.2.3.2
    cockpit-system-321-bp157.2.3.2

References:

https://www.suse.com/security/cve/CVE-2026-4802.html
https://bugzilla.suse.com/1265040