Corepack24, Nano, GraphicsMagick, Gvim, and Python updates for SUSE

SUSE 5691 Published 2026-06-28 07:15 by Philipp Esselbach

News

SUSE released a batch of moderate security updates for openSUSE Tumbleweed and the openSUSE Backports SLE-15-SP7 channel. The patches address thirty-three reported security flaws across corepack24, nano, GraphicsMagick, gvim, pypdf, py7zr, and openbabel.

openSUSE-SU-2026:11121-1: moderate: corepack24-24.17.0-1.1 on GA media
openSUSE-SU-2026:11120-1: moderate: nano-9.1-1.1 on GA media
openSUSE-SU-2026:11115-1: moderate: GraphicsMagick-1.3.47-3.1 on GA media
openSUSE-SU-2026:11112-1: moderate: python311-py7zr-1.1.3-1.1 on GA media
openSUSE-SU-2026:11114-1: moderate: gvim-9.2.0530-1.1 on GA media
openSUSE-SU-2026:11113-1: moderate: python311-pypdf-6.14.0-1.1 on GA media
openSUSE-SU-2026:0220-1: moderate: Security update for openbabel

openSUSE-SU-2026:11121-1: moderate: corepack24-24.17.0-1.1 on GA media

# corepack24-24.17.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11121-1
Rating: moderate

Cross-References:

* CVE-2026-11525
* CVE-2026-12151
* CVE-2026-2581
* CVE-2026-27135
* CVE-2026-40170
* CVE-2026-42338
* CVE-2026-48615
* CVE-2026-48617
* CVE-2026-48618
* CVE-2026-48619
* CVE-2026-48928
* CVE-2026-48930
* CVE-2026-48931
* CVE-2026-48933
* CVE-2026-48934
* CVE-2026-48935
* CVE-2026-48937
* CVE-2026-6733
* CVE-2026-9496
* CVE-2026-9678
* CVE-2026-9679

CVSS scores:

* CVE-2026-11525 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-12151 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-2581 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-27135 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-27135 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-40170 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-40170 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42338 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-42338 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-48615 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-48615 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48617 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-48617 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48618 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-48618 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48619 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-48928 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
* CVE-2026-48928 ( SUSE ): 6 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48930 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-48930 ( SUSE ): 6 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48931 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-48931 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48933 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-48933 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-48934 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-48934 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48935 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-48935 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48937 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-6733 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-9496 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-9496 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-9678 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-9679 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 21 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the corepack24-24.17.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* corepack24 24.17.0-1.1
* nodejs24 24.17.0-1.1
* nodejs24-devel 24.17.0-1.1
* nodejs24-docs 24.17.0-1.1
* npm24 24.17.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-11525.html
* https://www.suse.com/security/cve/CVE-2026-12151.html
* https://www.suse.com/security/cve/CVE-2026-2581.html
* https://www.suse.com/security/cve/CVE-2026-27135.html
* https://www.suse.com/security/cve/CVE-2026-40170.html
* https://www.suse.com/security/cve/CVE-2026-42338.html
* https://www.suse.com/security/cve/CVE-2026-48615.html
* https://www.suse.com/security/cve/CVE-2026-48617.html
* https://www.suse.com/security/cve/CVE-2026-48618.html
* https://www.suse.com/security/cve/CVE-2026-48619.html
* https://www.suse.com/security/cve/CVE-2026-48928.html
* https://www.suse.com/security/cve/CVE-2026-48930.html
* https://www.suse.com/security/cve/CVE-2026-48931.html
* https://www.suse.com/security/cve/CVE-2026-48933.html
* https://www.suse.com/security/cve/CVE-2026-48934.html
* https://www.suse.com/security/cve/CVE-2026-48935.html
* https://www.suse.com/security/cve/CVE-2026-48937.html
* https://www.suse.com/security/cve/CVE-2026-6733.html
* https://www.suse.com/security/cve/CVE-2026-9496.html
* https://www.suse.com/security/cve/CVE-2026-9678.html
* https://www.suse.com/security/cve/CVE-2026-9679.html

openSUSE-SU-2026:11120-1: moderate: nano-9.1-1.1 on GA media

# nano-9.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11120-1
Rating: moderate

Cross-References:

* CVE-2026-40556

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the nano-9.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* nano 9.1-1.1
* nano-lang 9.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-40556.html

openSUSE-SU-2026:11115-1: moderate: GraphicsMagick-1.3.47-3.1 on GA media

# GraphicsMagick-1.3.47-3.1 on GA media

Announcement ID: openSUSE-SU-2026:11115-1
Rating: moderate

Cross-References:

* CVE-2026-46523

CVSS scores:

* CVE-2026-46523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-46523 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the GraphicsMagick-1.3.47-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* GraphicsMagick 1.3.47-3.1
* GraphicsMagick-devel 1.3.47-3.1
* libGraphicsMagick++-Q16-12 1.3.47-3.1
* libGraphicsMagick++-devel 1.3.47-3.1
* libGraphicsMagick-Q16-3 1.3.47-3.1
* libGraphicsMagick3-config 1.3.47-3.1
* libGraphicsMagickWand-Q16-2 1.3.47-3.1
* perl-GraphicsMagick 1.3.47-3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-46523.html

openSUSE-SU-2026:11112-1: moderate: python311-py7zr-1.1.3-1.1 on GA media

# python311-py7zr-1.1.3-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11112-1
Rating: moderate

Cross-References:

* CVE-2026-23879
* CVE-2026-55195
* CVE-2026-55206

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the python311-py7zr-1.1.3-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-py7zr 1.1.3-1.1
* python313-py7zr 1.1.3-1.1
* python314-py7zr 1.1.3-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23879.html
* https://www.suse.com/security/cve/CVE-2026-55195.html
* https://www.suse.com/security/cve/CVE-2026-55206.html

openSUSE-SU-2026:11114-1: moderate: gvim-9.2.0530-1.1 on GA media

# gvim-9.2.0530-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11114-1
Rating: moderate

Cross-References:

* CVE-2026-42307
* CVE-2026-43961
* CVE-2026-44656
* CVE-2026-45130
* CVE-2026-46483

CVSS scores:

* CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 5 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the gvim-9.2.0530-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* gvim 9.2.0530-1.1
* vim 9.2.0530-1.1
* vim-data 9.2.0530-1.1
* vim-data-common 9.2.0530-1.1
* vim-small 9.2.0530-1.1
* xxd 9.2.0530-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-42307.html
* https://www.suse.com/security/cve/CVE-2026-43961.html
* https://www.suse.com/security/cve/CVE-2026-44656.html
* https://www.suse.com/security/cve/CVE-2026-45130.html
* https://www.suse.com/security/cve/CVE-2026-46483.html

openSUSE-SU-2026:11113-1: moderate: python311-pypdf-6.14.0-1.1 on GA media

# python311-pypdf-6.14.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11113-1
Rating: moderate

Cross-References:

* CVE-2026-54651

CVSS scores:

* CVE-2026-54651 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-54651 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-pypdf-6.14.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-pypdf 6.14.0-1.1
* python313-pypdf 6.14.0-1.1
* python314-pypdf 6.14.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-54651.html

openSUSE-SU-2026:0220-1: moderate: Security update for openbabel

openSUSE Security Update: Security update for openbabel
_______________________________

Announcement ID: openSUSE-SU-2026:0220-1
Rating: moderate
References: #1258501
Cross-References: CVE-2026-2704
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for openbabel fixes the following issues:

- CVE-2026-2704: bounds-check the transform3d DescribeAsString() matrix
scan to fix an
out-of-bounds read on crafted CIF input (boo#1258501)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-220=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

libinchi0-2.4.1-bp157.2.3.1
libopenbabel5-2.4.1-bp157.2.3.1
openbabel-2.4.1-bp157.2.3.1
openbabel-devel-2.4.1-bp157.2.3.1
python3-openbabel-2.4.1-bp157.2.3.1

- openSUSE Backports SLE-15-SP7 (aarch64_ilp32):

libinchi0-64bit-2.4.1-bp157.2.3.1
libopenbabel5-64bit-2.4.1-bp157.2.3.1

- openSUSE Backports SLE-15-SP7 (x86_64):

libinchi0-32bit-2.4.1-bp157.2.3.1
libopenbabel5-32bit-2.4.1-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2026-2704.html
https://bugzilla.suse.com/1258501

Kernel, Python3.14, Autotrace, Lynx, Pandoc, Mysql ,Gcc, Libpq updates for Rocky Linux

Amethyst Mod Manager 1.3.12 Updates Linux Modding With Bethesda Wizards and Speed Fixes

Corepack24, Nano, GraphicsMagick, Gvim, and Python updates for SUSE

openSUSE-SU-2026:11121-1: moderate: corepack24-24.17.0-1.1 on GA media

openSUSE-SU-2026:11120-1: moderate: nano-9.1-1.1 on GA media

openSUSE-SU-2026:11115-1: moderate: GraphicsMagick-1.3.47-3.1 on GA media

openSUSE-SU-2026:11112-1: moderate: python311-py7zr-1.1.3-1.1 on GA media

openSUSE-SU-2026:11114-1: moderate: gvim-9.2.0530-1.1 on GA media

openSUSE-SU-2026:11113-1: moderate: python311-pypdf-6.14.0-1.1 on GA media

openSUSE-SU-2026:0220-1: moderate: Security update for openbabel

Windows

Linux

macOS

Community