Curl, Vim, 389-DS, and more updates for SUSE Linux

SUSE 5593 Published by

SUSE distributed numerous important advisories targeting critical vulnerabilities within their Linux ecosystem. Some high priority patches address severe flaws like chromium security issues that could impact over thirty distinct CVEs, while others fix moderate risks in development tools such as vim and curl.

SUSE-SU-2026:0911-1: important: Security update for curl
SUSE-SU-2026:0910-1: moderate: Security update for vim
openSUSE-SU-2026:0088-1: critical: Security update for krb5-appl
openSUSE-SU-2026:0086-1: important: Security update for python-simpleeval
SUSE-SU-2026:0917-1: important: Security update for kubernetes
SUSE-SU-2026:0913-1: important: Security update for 389-ds
SUSE-SU-2026:0914-1: important: Security update for 389-ds
SUSE-SU-2026:0928-1: important: Security update for the Linux Kernel
openSUSE-SU-2026:20373-1: moderate: Security update for python-Django
openSUSE-SU-2026:20372-1: critical: Security update for chromium
openSUSE-SU-2026:20375-1: moderate: Security update for python-PyPDF2
openSUSE-SU-2026:20374-1: critical: Security update for krb5-appl
openSUSE-SU-2026:20366-1: important: Security update for docker-stable
openSUSE-SU-2026:10367-1: moderate: ruby4.0-rubygem-web-console-4.2.1-1.9 on GA media
openSUSE-SU-2026:10371-1: moderate: curl-8.19.0-1.1 on GA media
openSUSE-SU-2026:10369-1: moderate: skaffold-2.18.0-1.1 on GA media
openSUSE-SU-2026:10368-1: moderate: ruby4.0-rubygem-websocket-extensions-0.1.5-1.24 on GA media
openSUSE-SU-2026:10364-1: moderate: ruby4.0-rubygem-sprockets-4.2.1-1.9 on GA media
openSUSE-SU-2026:10366-1: moderate: ruby4.0-rubygem-thor-1.4.0-1.3 on GA media
openSUSE-SU-2026:10370-1: moderate: smb4k-4.0.5-1.2 on GA media
openSUSE-SU-2026:10365-1: moderate: ruby4.0-rubygem-sprockets-3.7-3.7.5-1.5 on GA media
SUSE-SU-2026:0923-1: important: Security update for gvfs




SUSE-SU-2026:0911-1: important: Security update for curl


# Security update for curl

Announcement ID: SUSE-SU-2026:0911-1
Release Date: 2026-03-17T19:57:02Z
Rating: important
References:

* bsc#1259362
* bsc#1259363
* bsc#1259364
* bsc#1259365

Cross-References:

* CVE-2026-1965
* CVE-2026-3783
* CVE-2026-3784
* CVE-2026-3805

CVSS scores:

* CVE-2026-1965 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
* CVE-2026-1965 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-1965 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-3783 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3783 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-3783 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-3784 ( SUSE ): 1.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-3784 ( SUSE ): 4.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-3784 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-3805 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3805 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-3805 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves four vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

* CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362).
* CVE-2026-3783: token leak with redirect and netrc (bsc#1259363).
* CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364).
* CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-911=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-911=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-911=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-911=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-911=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-911=1 SUSE-SLE-Product-
SLES_SAP-15-SP4-2026-911=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-911=1 SUSE-SLE-Product-
SLES_SAP-15-SP5-2026-911=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-911=1

* SUSE Linux Enterprise High Performance Computing 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-911=1

* SUSE Linux Enterprise Server 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-911=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-911=1

* SUSE Linux Enterprise Desktop 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-911=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-911=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-911=1

* SUSE Linux Enterprise High Performance Computing 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-911=1

* SUSE Linux Enterprise Server 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-911=1

* SUSE Linux Enterprise Desktop 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-911=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-911=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-911=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-911=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-911=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-911=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-911=1

## Package List:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* libcurl-devel-8.14.1-150400.5.80.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.80.1
* libcurl4-32bit-8.14.1-150400.5.80.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* libcurl-devel-8.14.1-150400.5.80.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.80.1
* libcurl4-32bit-8.14.1-150400.5.80.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* libcurl-devel-8.14.1-150400.5.80.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.80.1
* libcurl4-32bit-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* libcurl-devel-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.80.1
* libcurl4-32bit-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* libcurl-devel-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.80.1
* libcurl4-32bit-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* libcurl-devel-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.80.1
* libcurl4-32bit-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* libcurl-devel-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.80.1
* libcurl4-32bit-8.14.1-150400.5.80.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* libcurl-mini4-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* curl-mini-debugsource-8.14.1-150400.5.80.1
* libcurl-mini4-debuginfo-8.14.1-150400.5.80.1
* libcurl-devel-8.14.1-150400.5.80.1
* openSUSE Leap 15.4 (noarch)
* curl-zsh-completion-8.14.1-150400.5.80.1
* libcurl-devel-doc-8.14.1-150400.5.80.1
* curl-fish-completion-8.14.1-150400.5.80.1
* openSUSE Leap 15.4 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.80.1
* libcurl-devel-32bit-8.14.1-150400.5.80.1
* libcurl4-32bit-8.14.1-150400.5.80.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libcurl-devel-64bit-8.14.1-150400.5.80.1
* libcurl4-64bit-8.14.1-150400.5.80.1
* libcurl4-64bit-debuginfo-8.14.1-150400.5.80.1
* SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64)
* libcurl4-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64)
* libcurl4-8.14.1-150400.5.80.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libcurl4-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Desktop 15 SP4 (x86_64)
* libcurl4-8.14.1-150400.5.80.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libcurl4-8.14.1-150400.5.80.1
* SUSE Manager Proxy 4.3 (x86_64)
* libcurl4-8.14.1-150400.5.80.1
* SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64)
* libcurl4-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64)
* libcurl4-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Desktop 15 SP5 (x86_64)
* libcurl4-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libcurl4-debuginfo-8.14.1-150400.5.80.1
* libcurl4-8.14.1-150400.5.80.1
* curl-debuginfo-8.14.1-150400.5.80.1
* curl-8.14.1-150400.5.80.1
* curl-debugsource-8.14.1-150400.5.80.1
* libcurl-devel-8.14.1-150400.5.80.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libcurl4-32bit-debuginfo-8.14.1-150400.5.80.1
* libcurl4-32bit-8.14.1-150400.5.80.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1965.html
* https://www.suse.com/security/cve/CVE-2026-3783.html
* https://www.suse.com/security/cve/CVE-2026-3784.html
* https://www.suse.com/security/cve/CVE-2026-3805.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259362
* https://bugzilla.suse.com/show_bug.cgi?id=1259363
* https://bugzilla.suse.com/show_bug.cgi?id=1259364
* https://bugzilla.suse.com/show_bug.cgi?id=1259365



SUSE-SU-2026:0910-1: moderate: Security update for vim


# Security update for vim

Announcement ID: SUSE-SU-2026:0910-1
Release Date: 2026-03-17T19:34:41Z
Rating: moderate
References:

* bsc#1246602
* bsc#1258229
* bsc#1259051

Cross-References:

* CVE-2025-53906
* CVE-2026-26269
* CVE-2026-28417

CVSS scores:

* CVE-2025-53906 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
* CVE-2025-53906 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L
* CVE-2025-53906 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L
* CVE-2026-26269 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
* CVE-2026-26269 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-26269 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
* CVE-2026-28417 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-28417 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-28417 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-28417 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP7
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves three vulnerabilities can now be installed.

## Description:

This update for vim fixes the following issues:

Update Vim to version 9.2.0110:

* CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's
zip (bsc#1246602).
* CVE-2026-26269: Netbeans specialKeys stack buffer overflow (bsc#1258229).
* CVE-2026-28417: crafted URL parsed by netrw plugin can lead to execute
arbitrary shell commands (bsc#1259051).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-910=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-910=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-910=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-910=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-910=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-910=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-910=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-910=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-910=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-910=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-910=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* gvim-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-9.2.0110-150500.20.43.1
* gvim-debuginfo-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* openSUSE Leap 15.5 (noarch)
* vim-data-9.2.0110-150500.20.43.1
* vim-data-common-9.2.0110-150500.20.43.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* gvim-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-9.2.0110-150500.20.43.1
* gvim-debuginfo-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* openSUSE Leap 15.6 (noarch)
* vim-data-9.2.0110-150500.20.43.1
* vim-data-common-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* vim-data-common-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* Basesystem Module 15-SP7 (noarch)
* vim-data-9.2.0110-150500.20.43.1
* vim-data-common-9.2.0110-150500.20.43.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* gvim-debuginfo-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* gvim-9.2.0110-150500.20.43.1
* vim-debugsource-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* gvim-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-9.2.0110-150500.20.43.1
* gvim-debuginfo-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* vim-data-9.2.0110-150500.20.43.1
* vim-data-common-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* gvim-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-9.2.0110-150500.20.43.1
* gvim-debuginfo-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* vim-data-9.2.0110-150500.20.43.1
* vim-data-common-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* gvim-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-9.2.0110-150500.20.43.1
* gvim-debuginfo-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* vim-data-9.2.0110-150500.20.43.1
* vim-data-common-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* gvim-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-9.2.0110-150500.20.43.1
* gvim-debuginfo-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* vim-data-9.2.0110-150500.20.43.1
* vim-data-common-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* gvim-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-9.2.0110-150500.20.43.1
* gvim-debuginfo-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* vim-data-9.2.0110-150500.20.43.1
* vim-data-common-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* vim-debugsource-9.2.0110-150500.20.43.1
* vim-small-9.2.0110-150500.20.43.1
* gvim-9.2.0110-150500.20.43.1
* vim-debuginfo-9.2.0110-150500.20.43.1
* vim-9.2.0110-150500.20.43.1
* gvim-debuginfo-9.2.0110-150500.20.43.1
* vim-small-debuginfo-9.2.0110-150500.20.43.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* vim-data-9.2.0110-150500.20.43.1
* vim-data-common-9.2.0110-150500.20.43.1

## References:

* https://www.suse.com/security/cve/CVE-2025-53906.html
* https://www.suse.com/security/cve/CVE-2026-26269.html
* https://www.suse.com/security/cve/CVE-2026-28417.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246602
* https://bugzilla.suse.com/show_bug.cgi?id=1258229
* https://bugzilla.suse.com/show_bug.cgi?id=1259051



openSUSE-SU-2026:0088-1: critical: Security update for krb5-appl


openSUSE Security Update: Security update for krb5-appl
_______________________________

Announcement ID: openSUSE-SU-2026:0088-1
Rating: critical
References: #1259691
Cross-References: CVE-2026-32746
CVSS scores:
CVE-2026-32746 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for krb5-appl fixes the following issues:

- CVE-2026-32746: Remote Pre-Auth Buffer Overflow in GNU Inetutils telnetd
LINEMODE (boo#1259691)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-88=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

krb5-appl-clients-1.0.3-bp157.2.3.1
krb5-appl-servers-1.0.3-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2026-32746.html
https://bugzilla.suse.com/1259691



openSUSE-SU-2026:0086-1: important: Security update for python-simpleeval


openSUSE Security Update: Security update for python-simpleeval
_______________________________

Announcement ID: openSUSE-SU-2026:0086-1
Rating: important
References: #1259685
Cross-References: CVE-2026-32640
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-simpleeval fixes the following issues:

- CVE-2026-32640: Objects (including modules) can leak dangerous modules
through to direct access inside the sandbox (boo#1259685)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-86=1

Package List:

- openSUSE Backports SLE-15-SP6 (noarch):

python311-simpleeval-0.9.13-bp156.2.3.1

References:

https://www.suse.com/security/cve/CVE-2026-32640.html
https://bugzilla.suse.com/1259685



SUSE-SU-2026:0917-1: important: Security update for kubernetes


# Security update for kubernetes

Announcement ID: SUSE-SU-2026:0917-1
Release Date: 2026-03-18T07:47:11Z
Rating: important
References:

Affected Products:

* Containers Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for kubernetes rebuilds it against the current go 1.25 security
release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-917=1 openSUSE-SLE-15.6-2026-917=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-917=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* kubernetes1.35-client-common-1.35.0-150600.13.27.1
* kubernetes1.35-client-1.35.0-150600.13.27.1
* openSUSE Leap 15.6 (noarch)
* kubernetes1.35-client-bash-completion-1.35.0-150600.13.27.1
* kubernetes1.35-client-fish-completion-1.35.0-150600.13.27.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* kubernetes1.35-client-common-1.35.0-150600.13.27.1
* kubernetes1.35-client-1.35.0-150600.13.27.1
* Containers Module 15-SP7 (noarch)
* kubernetes1.35-client-bash-completion-1.35.0-150600.13.27.1



SUSE-SU-2026:0913-1: important: Security update for 389-ds


# Security update for 389-ds

Announcement ID: SUSE-SU-2026:0913-1
Release Date: 2026-03-18T07:46:26Z
Rating: important
References:

* bsc#1258727

Cross-References:

* CVE-2025-14905

CVSS scores:

* CVE-2025-14905 ( SUSE ): 8.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14905 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-14905 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for 389-ds fixes the following issues:

* CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation
in `schema_attr_enum_callback` callback (bsc#1258727).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-913=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-913=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-913=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-913=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-913=1

## Package List:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libsvrcore0-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debugsource-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* lib389-2.2.10~git200.96444f3c3-150500.3.42.1
* libsvrcore0-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-devel-2.2.10~git200.96444f3c3-150500.3.42.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libsvrcore0-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debugsource-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* lib389-2.2.10~git200.96444f3c3-150500.3.42.1
* libsvrcore0-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-devel-2.2.10~git200.96444f3c3-150500.3.42.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libsvrcore0-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debugsource-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* lib389-2.2.10~git200.96444f3c3-150500.3.42.1
* libsvrcore0-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-devel-2.2.10~git200.96444f3c3-150500.3.42.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libsvrcore0-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debugsource-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-snmp-2.2.10~git200.96444f3c3-150500.3.42.1
* lib389-2.2.10~git200.96444f3c3-150500.3.42.1
* libsvrcore0-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-devel-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-snmp-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libsvrcore0-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debugsource-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-debuginfo-2.2.10~git200.96444f3c3-150500.3.42.1
* lib389-2.2.10~git200.96444f3c3-150500.3.42.1
* libsvrcore0-2.2.10~git200.96444f3c3-150500.3.42.1
* 389-ds-devel-2.2.10~git200.96444f3c3-150500.3.42.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14905.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258727



SUSE-SU-2026:0914-1: important: Security update for 389-ds


# Security update for 389-ds

Announcement ID: SUSE-SU-2026:0914-1
Release Date: 2026-03-18T07:46:38Z
Rating: important
References:

* bsc#1258727

Cross-References:

* CVE-2025-14905

CVSS scores:

* CVE-2025-14905 ( SUSE ): 8.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14905 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-14905 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for 389-ds fixes the following issues:

* CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation
in `schema_attr_enum_callback` callback (bsc#1258727).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-914=1 openSUSE-SLE-15.6-2026-914=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-914=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-914=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* 389-ds-snmp-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-snmp-debuginfo-2.2.10~git200.96444f3c3-150600.8.26.1
* lib389-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-2.2.10~git200.96444f3c3-150600.8.26.1
* libsvrcore0-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-debugsource-2.2.10~git200.96444f3c3-150600.8.26.1
* libsvrcore0-debuginfo-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-devel-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-debuginfo-2.2.10~git200.96444f3c3-150600.8.26.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* lib389-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-2.2.10~git200.96444f3c3-150600.8.26.1
* libsvrcore0-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-debugsource-2.2.10~git200.96444f3c3-150600.8.26.1
* libsvrcore0-debuginfo-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-devel-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-debuginfo-2.2.10~git200.96444f3c3-150600.8.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* lib389-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-2.2.10~git200.96444f3c3-150600.8.26.1
* libsvrcore0-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-debugsource-2.2.10~git200.96444f3c3-150600.8.26.1
* libsvrcore0-debuginfo-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-devel-2.2.10~git200.96444f3c3-150600.8.26.1
* 389-ds-debuginfo-2.2.10~git200.96444f3c3-150600.8.26.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14905.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258727



SUSE-SU-2026:0928-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:0928-1
Release Date: 2026-03-18T13:32:23Z
Rating: important
References:

* bsc#1238917
* bsc#1246166
* bsc#1247177
* bsc#1255049
* bsc#1255163
* bsc#1255401
* bsc#1256645
* bsc#1257231
* bsc#1257735
* bsc#1257749
* bsc#1257790
* bsc#1258340
* bsc#1258395
* bsc#1258849
* jsc#PED-12836

Cross-References:

* CVE-2023-53794
* CVE-2023-53827
* CVE-2025-21738
* CVE-2025-38224
* CVE-2025-38375
* CVE-2025-68285
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23060
* CVE-2026-23074
* CVE-2026-23089
* CVE-2026-23191
* CVE-2026-23204

CVSS scores:

* CVE-2023-53794 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53794 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53827 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53827 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21738 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21738 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38224 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38224 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-38375 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68285 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68285 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23060 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23060 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23060 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23074 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23074 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23089 ( SUSE ): 5.2
CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23089 ( SUSE ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23191 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23191 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23191 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves 13 vulnerabilities, contains one feature and has one
security fix can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security
issues

The following security issues were fixed:

* CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-
after-free issue (bsc#1255163).
* CVE-2023-53827: Bluetooth: L2CAP: Fix use-after-free in
l2cap_disconnect_{req,rsp} (bsc#1255049).
* CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the
allocated buffer (bsc#1238917).
* CVE-2025-38375: virtio-net: ensure the received length does not exceed
allocated size (bsc#1247177).
* CVE-2025-68285: libceph: fix potential use-after-free in
have_mon_and_osd_map() (bsc#1255401).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before
deleting in ets_qdisc_change (bsc#1256645).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and
rt_del_uncached_list() (bsc#1257231).
* CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen

Expat security update for Slackware

Flask, Snapd, Valkey, and more updates for Ubuntu Linux

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...