Gitea-Tea, Chromium, Python311-Nltk, and more updates for SUSE

SUSE 5582 Published by

Several security updates have been released for SUSE Linux, including fixes for gitea-tea and chromium, which were labeled as moderate and important respectively. Additionally, multiple moderate-severity security updates address various packages such as kubeshark-cli, coredns, NetworkManager-applet-strongswan, chromedriver, and jetty-annotations on GA media. The release of these updates suggests that users should take action to ensure their system remains secure. It is essential for SUSE Linux users to review the available security patches and apply them promptly to protect against potential vulnerabilities.

openSUSE-SU-2026:0074-1: moderate: Security update for gitea-tea
openSUSE-SU-2026:0073-1: moderate: Security update for gitea-tea
openSUSE-SU-2026:0078-1: important: Security update for chromium
openSUSE-SU-2026:0077-1: important: Security update for chromium
openSUSE-SU-2026:10304-1: moderate: python311-nltk-3.9.3-1.1 on GA media
openSUSE-SU-2026:10302-1: moderate: kubeshark-cli-53.1.0-1.1 on GA media
openSUSE-SU-2026:10297-1: moderate: coredns-1.14.2-1.1 on GA media
openSUSE-SU-2026:10295-1: moderate: NetworkManager-applet-strongswan-1.6.4-1.1 on GA media
openSUSE-SU-2026:10296-1: moderate: chromedriver-145.0.7632.159-1.1 on GA media
openSUSE-SU-2026:10300-1: moderate: jetty-annotations-9.4.58-3.1 on GA media




openSUSE-SU-2026:0074-1: moderate: Security update for gitea-tea


openSUSE Security Update: Security update for gitea-tea
_______________________________

Announcement ID: openSUSE-SU-2026:0074-1
Rating: moderate
References:
Cross-References: CVE-2025-47911 CVE-2025-58190
CVSS scores:
CVE-2025-47911 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CVE-2025-58190 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for gitea-tea fixes the following issues:

- update to 0.12.0:
* New Features
- Add tea actions commands for managing workflow runs and workflows in
#880, #796
- Add tea api subcommand for arbitrary API calls not covered by
existing commands in #879
- Add repository webhook management commands in #798
- Add JSON output support for single PR view in #864
- Add JSON output and file redirection for issue detail view in #841
- Support creating AGit flow pull requests in #867
* Bug Fixes
- Fix authentication via environment variables when specifying repo
argument in #809
- Fix issue detail view ignoring --owner flag in #899
- Fix PR create crash in #823
- Fix TTY prompt handling in #897
- Fix termenv OSC RGBA handling in #907
- Fix labels delete command and --id flag type in #865
- Fix delete repo command description in #858
- Fix pagination flags for secrets list, webhooks list, and pull
requests list in #853, #852,
- #851
- Enable git worktree support and improve PR create error handling in
#850
- Only prompt for SSH passphrase when necessary in #844
- Only prompt for login confirmation when no default login is set in
#839
- Skip token uniqueness check when using SSH authentication in #898
- Require non-empty token in GetLoginByToken in #895
- Fix config file permissions to remove group read/write in #856
* Improvements
- Add file locking for safe concurrent access to config file in #881
- Improve error messages throughout the CLI in #871
- Send consistent HTTP request headers in #888
- Revert requiring HTTP/HTTPS login URLs; restore SSH as a login
method in #891
- Refactor context into dedicated subpackages in #873, #888
- General code cleanup and improvements in #869, #870
- Add test coverage for login matching in #820
* Build & Dependencies
- Build with Go 1.25 in #886
- Build for Windows aarch64
- Update Gitea SDK version in #868
- Update Nix flake in #872
- Update dependencies including lipgloss v2, urfave/cli v3.6.2, go-git
v5.16.5, and various Go modules in #849, #875, #876, #878, #884,
#885, #900, #901, #904, #905
- Update CI actions (checkout v6, setup-go v6) in #882, #883

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-74=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

gitea-tea-0.12.0-bp157.2.15.1

- openSUSE Backports SLE-15-SP7 (noarch):

gitea-tea-bash-completion-0.12.0-bp157.2.15.1
gitea-tea-zsh-completion-0.12.0-bp157.2.15.1

References:

https://www.suse.com/security/cve/CVE-2025-47911.html
https://www.suse.com/security/cve/CVE-2025-58190.html



openSUSE-SU-2026:0073-1: moderate: Security update for gitea-tea


openSUSE Security Update: Security update for gitea-tea
_______________________________

Announcement ID: openSUSE-SU-2026:0073-1
Rating: moderate
References:
Cross-References: CVE-2025-47911 CVE-2025-58190
CVSS scores:
CVE-2025-47911 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CVE-2025-58190 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for gitea-tea fixes the following issues:

- update to 0.12.0:
* New Features
- Add tea actions commands for managing workflow runs and workflows in
#880, #796
- Add tea api subcommand for arbitrary API calls not covered by
existing commands in #879
- Add repository webhook management commands in #798
- Add JSON output support for single PR view in #864
- Add JSON output and file redirection for issue detail view in #841
- Support creating AGit flow pull requests in #867
* Bug Fixes
- Fix authentication via environment variables when specifying repo
argument in #809
- Fix issue detail view ignoring --owner flag in #899
- Fix PR create crash in #823
- Fix TTY prompt handling in #897
- Fix termenv OSC RGBA handling in #907
- Fix labels delete command and --id flag type in #865
- Fix delete repo command description in #858
- Fix pagination flags for secrets list, webhooks list, and pull
requests list in #853, #852,
- #851
- Enable git worktree support and improve PR create error handling in
#850
- Only prompt for SSH passphrase when necessary in #844
- Only prompt for login confirmation when no default login is set in
#839
- Skip token uniqueness check when using SSH authentication in #898
- Require non-empty token in GetLoginByToken in #895
- Fix config file permissions to remove group read/write in #856
* Improvements
- Add file locking for safe concurrent access to config file in #881
- Improve error messages throughout the CLI in #871
- Send consistent HTTP request headers in #888
- Revert requiring HTTP/HTTPS login URLs; restore SSH as a login
method in #891
- Refactor context into dedicated subpackages in #873, #888
- General code cleanup and improvements in #869, #870
- Add test coverage for login matching in #820
* Build & Dependencies
- Build with Go 1.25 in #886
- Build for Windows aarch64
- Update Gitea SDK version in #868
- Update Nix flake in #872
- Update dependencies including lipgloss v2, urfave/cli v3.6.2, go-git
v5.16.5, and various Go modules in #849, #875, #876, #878, #884,
#885, #900, #901, #904, #905
- Update CI actions (checkout v6, setup-go v6) in #882, #883

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-73=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

gitea-tea-0.12.0-bp156.23.1

- openSUSE Backports SLE-15-SP6 (noarch):

gitea-tea-bash-completion-0.12.0-bp156.23.1
gitea-tea-zsh-completion-0.12.0-bp156.23.1

References:

https://www.suse.com/security/cve/CVE-2025-47911.html
https://www.suse.com/security/cve/CVE-2025-58190.html



openSUSE-SU-2026:0078-1: important: Security update for chromium


openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2026:0078-1
Rating: important
References: #1259213
Cross-References: CVE-2026-3536 CVE-2026-3537 CVE-2026-3538
CVE-2026-3539 CVE-2026-3540 CVE-2026-3541
CVE-2026-3542 CVE-2026-3543 CVE-2026-3544
CVE-2026-3545
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes 10 vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

Chromium 145.0.7632.159 (boo#1259213)

* CVE-2026-3536: Integer overflow in ANGLE
* CVE-2026-3537: Object lifecycle issue in PowerVR
* CVE-2026-3538: Integer overflow in Skia
* CVE-2026-3539: Object lifecycle issue in DevTools
* CVE-2026-3540: Inappropriate implementation in WebAudio
* CVE-2026-3541: Inappropriate implementation in CSS
* CVE-2026-3542: Inappropriate implementation in WebAssembly
* CVE-2026-3543: Inappropriate implementation in V8
* CVE-2026-3544: Heap buffer overflow in WebCodecs
* CVE-2026-3545: Insufficient data validation in Navigation

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-78=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le x86_64):

chromedriver-145.0.7632.159-bp157.2.130.1
chromium-145.0.7632.159-bp157.2.130.1

References:

https://www.suse.com/security/cve/CVE-2026-3536.html
https://www.suse.com/security/cve/CVE-2026-3537.html
https://www.suse.com/security/cve/CVE-2026-3538.html
https://www.suse.com/security/cve/CVE-2026-3539.html
https://www.suse.com/security/cve/CVE-2026-3540.html
https://www.suse.com/security/cve/CVE-2026-3541.html
https://www.suse.com/security/cve/CVE-2026-3542.html
https://www.suse.com/security/cve/CVE-2026-3543.html
https://www.suse.com/security/cve/CVE-2026-3544.html
https://www.suse.com/security/cve/CVE-2026-3545.html
https://bugzilla.suse.com/1259213



openSUSE-SU-2026:0077-1: important: Security update for chromium


openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2026:0077-1
Rating: important
References: #1259213
Cross-References: CVE-2026-3536 CVE-2026-3537 CVE-2026-3538
CVE-2026-3539 CVE-2026-3540 CVE-2026-3541
CVE-2026-3542 CVE-2026-3543 CVE-2026-3544
CVE-2026-3545
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes 10 vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

Chromium 145.0.7632.159 (boo#1259213)

* CVE-2026-3536: Integer overflow in ANGLE
* CVE-2026-3537: Object lifecycle issue in PowerVR
* CVE-2026-3538: Integer overflow in Skia
* CVE-2026-3539: Object lifecycle issue in DevTools
* CVE-2026-3540: Inappropriate implementation in WebAudio
* CVE-2026-3541: Inappropriate implementation in CSS
* CVE-2026-3542: Inappropriate implementation in WebAssembly
* CVE-2026-3543: Inappropriate implementation in V8
* CVE-2026-3544: Heap buffer overflow in WebCodecs
* CVE-2026-3545: Insufficient data validation in Navigation

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-77=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 ppc64le x86_64):

chromedriver-145.0.7632.159-bp156.2.245.1
chromium-145.0.7632.159-bp156.2.245.1

References:

https://www.suse.com/security/cve/CVE-2026-3536.html
https://www.suse.com/security/cve/CVE-2026-3537.html
https://www.suse.com/security/cve/CVE-2026-3538.html
https://www.suse.com/security/cve/CVE-2026-3539.html
https://www.suse.com/security/cve/CVE-2026-3540.html
https://www.suse.com/security/cve/CVE-2026-3541.html
https://www.suse.com/security/cve/CVE-2026-3542.html
https://www.suse.com/security/cve/CVE-2026-3543.html
https://www.suse.com/security/cve/CVE-2026-3544.html
https://www.suse.com/security/cve/CVE-2026-3545.html
https://bugzilla.suse.com/1259213



openSUSE-SU-2026:10304-1: moderate: python311-nltk-3.9.3-1.1 on GA media


# python311-nltk-3.9.3-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10304-1
Rating: moderate

Cross-References:

* CVE-2026-0847

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-nltk-3.9.3-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-nltk 3.9.3-1.1
* python313-nltk 3.9.3-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-0847.html



openSUSE-SU-2026:10302-1: moderate: kubeshark-cli-53.1.0-1.1 on GA media


# kubeshark-cli-53.1.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10302-1
Rating: moderate

Cross-References:

* CVE-2025-30204
* CVE-2025-47914

CVSS scores:

* CVE-2025-30204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-30204 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-47914 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the kubeshark-cli-53.1.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* kubeshark-cli 53.1.0-1.1
* kubeshark-cli-bash-completion 53.1.0-1.1
* kubeshark-cli-fish-completion 53.1.0-1.1
* kubeshark-cli-zsh-completion 53.1.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-30204.html
* https://www.suse.com/security/cve/CVE-2025-47914.html



openSUSE-SU-2026:10297-1: moderate: coredns-1.14.2-1.1 on GA media


# coredns-1.14.2-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10297-1
Rating: moderate

Cross-References:

* CVE-2026-26017
* CVE-2026-26018

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the coredns-1.14.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* coredns 1.14.2-1.1
* coredns-extras 1.14.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-26017.html
* https://www.suse.com/security/cve/CVE-2026-26018.html



openSUSE-SU-2026:10295-1: moderate: NetworkManager-applet-strongswan-1.6.4-1.1 on GA media


# NetworkManager-applet-strongswan-1.6.4-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10295-1
Rating: moderate

Cross-References:

* CVE-2025-9615

CVSS scores:

* CVE-2025-9615 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the NetworkManager-applet-strongswan-1.6.4-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* NetworkManager-applet-strongswan 1.6.4-1.1
* NetworkManager-strongswan 1.6.4-1.1
* NetworkManager-strongswan-lang 1.6.4-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-9615.html



openSUSE-SU-2026:10296-1: moderate: chromedriver-145.0.7632.159-1.1 on GA media


# chromedriver-145.0.7632.159-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10296-1
Rating: moderate

Cross-References:

* CVE-2026-3536
* CVE-2026-3537
* CVE-2026-3538
* CVE-2026-3539
* CVE-2026-3540
* CVE-2026-3541
* CVE-2026-3542
* CVE-2026-3543
* CVE-2026-3544
* CVE-2026-3545

Affected Products:

* openSUSE Tumbleweed

An update that solves 10 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the chromedriver-145.0.7632.159-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* chromedriver 145.0.7632.159-1.1
* chromium 145.0.7632.159-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-3536.html
* https://www.suse.com/security/cve/CVE-2026-3537.html
* https://www.suse.com/security/cve/CVE-2026-3538.html
* https://www.suse.com/security/cve/CVE-2026-3539.html
* https://www.suse.com/security/cve/CVE-2026-3540.html
* https://www.suse.com/security/cve/CVE-2026-3541.html
* https://www.suse.com/security/cve/CVE-2026-3542.html
* https://www.suse.com/security/cve/CVE-2026-3543.html
* https://www.suse.com/security/cve/CVE-2026-3544.html
* https://www.suse.com/security/cve/CVE-2026-3545.html



openSUSE-SU-2026:10300-1: moderate: jetty-annotations-9.4.58-3.1 on GA media


# jetty-annotations-9.4.58-3.1 on GA media

Announcement ID: openSUSE-SU-2026:10300-1
Rating: moderate

Cross-References:

* CVE-2025-11143

CVSS scores:

* CVE-2025-11143 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-11143 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the jetty-annotations-9.4.58-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* jetty-annotations 9.4.58-3.1
* jetty-ant 9.4.58-3.1
* jetty-cdi 9.4.58-3.1
* jetty-client 9.4.58-3.1
* jetty-continuation 9.4.58-3.1
* jetty-deploy 9.4.58-3.1
* jetty-fcgi 9.4.58-3.1
* jetty-http 9.4.58-3.1
* jetty-http-spi 9.4.58-3.1
* jetty-io 9.4.58-3.1
* jetty-jaas 9.4.58-3.1
* jetty-jmx 9.4.58-3.1
* jetty-jndi 9.4.58-3.1
* jetty-jsp 9.4.58-3.1
* jetty-minimal-javadoc 9.4.58-3.1
* jetty-openid 9.4.58-3.1
* jetty-plus 9.4.58-3.1
* jetty-project 9.4.58-3.1
* jetty-proxy 9.4.58-3.1
* jetty-quickstart 9.4.58-3.1
* jetty-rewrite 9.4.58-3.1
* jetty-security 9.4.58-3.1
* jetty-server 9.4.58-3.1
* jetty-servlet 9.4.58-3.1
* jetty-servlets 9.4.58-3.1
* jetty-start 9.4.58-3.1
* jetty-util 9.4.58-3.1
* jetty-util-ajax 9.4.58-3.1
* jetty-webapp 9.4.58-3.1
* jetty-xml 9.4.58-3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-11143.html


Thunderbird, Kpatch-Patch, GIT-LFS, and more updates for RHEL

OBS Studio 32.1.0 Adds a Fresh Audio Mixer, WebRTC Simulcast, and Key Crash Fixes for Streamers

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...