Glibc, Python-Django, Protobuf, and more updates for SUSE

SUSE 5551 Published by

Several security updates have been released for SUSE Linux, addressing vulnerabilities in various packages. These updates include fixes for glibc, python-Django, protobuf, libheif, libvirt, rekor, and other software components. Some of these updates are classified as "important" while others are considered "moderate". The list includes multiple security patches from both SUSE and openSUSE sources, targeting different parts of the system.

SUSE-SU-2026:0371-1: important: Security update for glibc
openSUSE-SU-2026:0037-1: important: Security update for python-Django
SUSE-SU-2026:0374-1: moderate: Security update for protobuf
SUSE-SU-2026:0373-1: important: Security update for glib2
SUSE-SU-2026:0377-1: moderate: Security update for libheif
SUSE-SU-2026:0375-1: moderate: Security update for libvirt
SUSE-SU-2026:0383-1: moderate: Security update for rekor
openSUSE-SU-2026:10139-1: moderate: libsoup-3_0-0-3.6.5-12.1 on GA media
openSUSE-SU-2026:10140-1: moderate: patch-2.8-2.1 on GA media
openSUSE-SU-2026:10135-1: moderate: java-1_8_0-openj9-1.8.0.482-1.1 on GA media
openSUSE-SU-2026:10141-1: moderate: rizin-0.8.2-1.1 on GA media
openSUSE-SU-2026:10136-1: moderate: java-1_8_0-openjdk-1.8.0.482-1.1 on GA media
openSUSE-SU-2026:10134-1: moderate: java-17-openj9-17.0.18.0-1.1 on GA media
openSUSE-SU-2026:10133-1: moderate: java-11-openj9-11.0.30.0-1.1 on GA media
openSUSE-SU-2026:10137-1: moderate: java-21-openj9-21.0.10.0-1.1 on GA media
openSUSE-SU-2026:10132-1: moderate: freerdp-3.22.0-1.1 on GA media
SUSE-SU-2026:0381-1: moderate: Security update for abseil-cpp
openSUSE-SU-2026:20167-1: important: Security update for xrdp




SUSE-SU-2026:0371-1: important: Security update for glibc


# Security update for glibc

Announcement ID: SUSE-SU-2026:0371-1
Release Date: 2026-02-03T18:09:03Z
Rating: important
References:

* bsc#1256437
* bsc#1256766
* bsc#1256822
* bsc#1257005

Cross-References:

* CVE-2025-15281
* CVE-2026-0861
* CVE-2026-0915

CVSS scores:

* CVE-2025-15281 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-15281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-15281 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-0861 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-0861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-0861 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-0915 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-0915 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-0915 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP7
* Development Tools Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves three vulnerabilities and has one security fix can now be
installed.

## Description:

This update for glibc fixes the following issues:

Security fixes:

* CVE-2026-0861: Fixed inadequate size check in the memalign suite may result
in an integer overflow (bsc#1256766).
* CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when
net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822).
* CVE-2025-15281: Fixed uninitialized memory may cause the process abort
(bsc#1257005).

Other fixes:

* NPTL: Optimize trylock for high cache contention workloads (bsc#1256437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-371=1 openSUSE-SLE-15.6-2026-371=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-371=1

* Development Tools Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-371=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-371=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-371=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586 i686)
* glibc-2.38-150600.14.40.1
* glibc-debuginfo-2.38-150600.14.40.1
* glibc-devel-static-2.38-150600.14.40.1
* glibc-locale-2.38-150600.14.40.1
* glibc-locale-base-debuginfo-2.38-150600.14.40.1
* glibc-profile-2.38-150600.14.40.1
* libnsl1-debuginfo-2.38-150600.14.40.1
* glibc-devel-debuginfo-2.38-150600.14.40.1
* glibc-devel-2.38-150600.14.40.1
* libnsl1-2.38-150600.14.40.1
* glibc-locale-base-2.38-150600.14.40.1
* glibc-debugsource-2.38-150600.14.40.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* glibc-extra-2.38-150600.14.40.1
* nscd-2.38-150600.14.40.1
* glibc-utils-src-debugsource-2.38-150600.14.40.1
* nscd-debuginfo-2.38-150600.14.40.1
* glibc-utils-2.38-150600.14.40.1
* glibc-extra-debuginfo-2.38-150600.14.40.1
* glibc-utils-debuginfo-2.38-150600.14.40.1
* openSUSE Leap 15.6 (noarch)
* glibc-info-2.38-150600.14.40.1
* glibc-html-2.38-150600.14.40.1
* glibc-i18ndata-2.38-150600.14.40.1
* glibc-lang-2.38-150600.14.40.1
* openSUSE Leap 15.6 (x86_64)
* glibc-devel-32bit-debuginfo-2.38-150600.14.40.1
* glibc-devel-static-32bit-2.38-150600.14.40.1
* libnsl1-32bit-debuginfo-2.38-150600.14.40.1
* glibc-devel-32bit-2.38-150600.14.40.1
* glibc-utils-32bit-debuginfo-2.38-150600.14.40.1
* glibc-locale-base-32bit-debuginfo-2.38-150600.14.40.1
* glibc-profile-32bit-2.38-150600.14.40.1
* glibc-locale-base-32bit-2.38-150600.14.40.1
* glibc-32bit-2.38-150600.14.40.1
* libnsl1-32bit-2.38-150600.14.40.1
* glibc-utils-32bit-2.38-150600.14.40.1
* glibc-32bit-debuginfo-2.38-150600.14.40.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* glibc-64bit-debuginfo-2.38-150600.14.40.1
* glibc-devel-64bit-2.38-150600.14.40.1
* glibc-devel-64bit-debuginfo-2.38-150600.14.40.1
* glibc-64bit-2.38-150600.14.40.1
* libnsl1-64bit-debuginfo-2.38-150600.14.40.1
* glibc-devel-static-64bit-2.38-150600.14.40.1
* glibc-locale-base-64bit-2.38-150600.14.40.1
* glibc-profile-64bit-2.38-150600.14.40.1
* glibc-utils-64bit-debuginfo-2.38-150600.14.40.1
* glibc-locale-base-64bit-debuginfo-2.38-150600.14.40.1
* glibc-utils-64bit-2.38-150600.14.40.1
* libnsl1-64bit-2.38-150600.14.40.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* glibc-2.38-150600.14.40.1
* glibc-debuginfo-2.38-150600.14.40.1
* glibc-locale-2.38-150600.14.40.1
* glibc-locale-base-debuginfo-2.38-150600.14.40.1
* glibc-profile-2.38-150600.14.40.1
* libnsl1-debuginfo-2.38-150600.14.40.1
* glibc-extra-2.38-150600.14.40.1
* glibc-devel-debuginfo-2.38-150600.14.40.1
* nscd-2.38-150600.14.40.1
* glibc-devel-2.38-150600.14.40.1
* nscd-debuginfo-2.38-150600.14.40.1
* libnsl1-2.38-150600.14.40.1
* glibc-locale-base-2.38-150600.14.40.1
* glibc-debugsource-2.38-150600.14.40.1
* glibc-extra-debuginfo-2.38-150600.14.40.1
* Basesystem Module 15-SP7 (noarch)
* glibc-info-2.38-150600.14.40.1
* glibc-i18ndata-2.38-150600.14.40.1
* glibc-lang-2.38-150600.14.40.1
* Basesystem Module 15-SP7 (x86_64)
* libnsl1-32bit-debuginfo-2.38-150600.14.40.1
* glibc-locale-base-32bit-debuginfo-2.38-150600.14.40.1
* glibc-locale-base-32bit-2.38-150600.14.40.1
* glibc-32bit-2.38-150600.14.40.1
* libnsl1-32bit-2.38-150600.14.40.1
* glibc-32bit-debuginfo-2.38-150600.14.40.1
* Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* glibc-debuginfo-2.38-150600.14.40.1
* glibc-devel-static-2.38-150600.14.40.1
* glibc-utils-src-debugsource-2.38-150600.14.40.1
* glibc-debugsource-2.38-150600.14.40.1
* glibc-utils-2.38-150600.14.40.1
* glibc-utils-debuginfo-2.38-150600.14.40.1
* Development Tools Module 15-SP7 (x86_64)
* glibc-devel-32bit-2.38-150600.14.40.1
* glibc-devel-32bit-debuginfo-2.38-150600.14.40.1
* glibc-32bit-debuginfo-2.38-150600.14.40.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* glibc-2.38-150600.14.40.1
* glibc-debuginfo-2.38-150600.14.40.1
* glibc-devel-static-2.38-150600.14.40.1
* glibc-locale-2.38-150600.14.40.1
* glibc-locale-base-debuginfo-2.38-150600.14.40.1
* glibc-profile-2.38-150600.14.40.1
* libnsl1-debuginfo-2.38-150600.14.40.1
* glibc-extra-2.38-150600.14.40.1
* glibc-devel-debuginfo-2.38-150600.14.40.1
* glibc-utils-src-debugsource-2.38-150600.14.40.1
* nscd-2.38-150600.14.40.1
* glibc-devel-2.38-150600.14.40.1
* nscd-debuginfo-2.38-150600.14.40.1
* libnsl1-2.38-150600.14.40.1
* glibc-locale-base-2.38-150600.14.40.1
* glibc-debugsource-2.38-150600.14.40.1
* glibc-utils-2.38-150600.14.40.1
* glibc-extra-debuginfo-2.38-150600.14.40.1
* glibc-utils-debuginfo-2.38-150600.14.40.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* glibc-info-2.38-150600.14.40.1
* glibc-i18ndata-2.38-150600.14.40.1
* glibc-lang-2.38-150600.14.40.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64)
* glibc-devel-32bit-debuginfo-2.38-150600.14.40.1
* libnsl1-32bit-debuginfo-2.38-150600.14.40.1
* glibc-devel-32bit-2.38-150600.14.40.1
* glibc-locale-base-32bit-debuginfo-2.38-150600.14.40.1
* glibc-locale-base-32bit-2.38-150600.14.40.1
* glibc-32bit-2.38-150600.14.40.1
* libnsl1-32bit-2.38-150600.14.40.1
* glibc-32bit-debuginfo-2.38-150600.14.40.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* glibc-2.38-150600.14.40.1
* glibc-debuginfo-2.38-150600.14.40.1
* glibc-devel-static-2.38-150600.14.40.1
* glibc-locale-2.38-150600.14.40.1
* glibc-locale-base-debuginfo-2.38-150600.14.40.1
* glibc-profile-2.38-150600.14.40.1
* libnsl1-debuginfo-2.38-150600.14.40.1
* glibc-extra-2.38-150600.14.40.1
* glibc-devel-debuginfo-2.38-150600.14.40.1
* glibc-utils-src-debugsource-2.38-150600.14.40.1
* nscd-2.38-150600.14.40.1
* glibc-devel-2.38-150600.14.40.1
* nscd-debuginfo-2.38-150600.14.40.1
* libnsl1-2.38-150600.14.40.1
* glibc-locale-base-2.38-150600.14.40.1
* glibc-debugsource-2.38-150600.14.40.1
* glibc-utils-2.38-150600.14.40.1
* glibc-extra-debuginfo-2.38-150600.14.40.1
* glibc-utils-debuginfo-2.38-150600.14.40.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* glibc-info-2.38-150600.14.40.1
* glibc-i18ndata-2.38-150600.14.40.1
* glibc-lang-2.38-150600.14.40.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
* glibc-devel-32bit-debuginfo-2.38-150600.14.40.1
* libnsl1-32bit-debuginfo-2.38-150600.14.40.1
* glibc-devel-32bit-2.38-150600.14.40.1
* glibc-locale-base-32bit-debuginfo-2.38-150600.14.40.1
* glibc-locale-base-32bit-2.38-150600.14.40.1
* glibc-32bit-2.38-150600.14.40.1
* libnsl1-32bit-2.38-150600.14.40.1
* glibc-32bit-debuginfo-2.38-150600.14.40.1

## References:

* https://www.suse.com/security/cve/CVE-2025-15281.html
* https://www.suse.com/security/cve/CVE-2026-0861.html
* https://www.suse.com/security/cve/CVE-2026-0915.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256437
* https://bugzilla.suse.com/show_bug.cgi?id=1256766
* https://bugzilla.suse.com/show_bug.cgi?id=1256822
* https://bugzilla.suse.com/show_bug.cgi?id=1257005



openSUSE-SU-2026:0037-1: important: Security update for python-Django


openSUSE Security Update: Security update for python-Django
_______________________________

Announcement ID: openSUSE-SU-2026:0037-1
Rating: important
References: #1257401 #1257405 #1257406 #1257407 #1257408

Cross-References: CVE-2025-13473 CVE-2026-1207 CVE-2026-1285
CVE-2026-1287 CVE-2026-1312
CVSS scores:
CVE-2025-13473 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2026-1207 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2026-1285 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2026-1287 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2026-1312 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes 5 vulnerabilities is now available.

Description:

This update for python-Django fixes the following issues:

- CVE-2026-1312: Fixed potential SQL injection via QuerySet.order_by and
FilteredRelation (bsc#1257408).
- CVE-2026-1287: Fixed potential SQL injection in column aliases via
control characters (bsc#1257407).
- CVE-2026-1207: Fixed potential SQL injection via raster lookups on
PostGIS (bsc#1257405).
- CVE-2026-1285: Fixed potential denial-of-service in
django.utils.text.Truncator HTML methods (bsc#1257406).
- CVE-2025-13473: Fixed username enumeration through timing difference in
mod_wsgi authentication handler (bsc#1257401).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-37=1

Package List:

- openSUSE Backports SLE-15-SP6 (noarch):

python3-Django-2.2.28-bp156.30.1

References:

https://www.suse.com/security/cve/CVE-2025-13473.html
https://www.suse.com/security/cve/CVE-2026-1207.html
https://www.suse.com/security/cve/CVE-2026-1285.html
https://www.suse.com/security/cve/CVE-2026-1287.html
https://www.suse.com/security/cve/CVE-2026-1312.html
https://bugzilla.suse.com/1257401
https://bugzilla.suse.com/1257405
https://bugzilla.suse.com/1257406
https://bugzilla.suse.com/1257407
https://bugzilla.suse.com/1257408



SUSE-SU-2026:0374-1: moderate: Security update for protobuf


# Security update for protobuf

Announcement ID: SUSE-SU-2026:0374-1
Release Date: 2026-02-04T07:03:50Z
Rating: moderate
References:

* bsc#1257173

Cross-References:

* CVE-2026-0994

CVSS scores:

* CVE-2026-0994 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-0994 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-0994 ( NVD ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* Basesystem Module 15-SP7
* Development Tools Module 15-SP7
* openSUSE Leap 15.6
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for protobuf fixes the following issues:

* CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python
json_format.ParseDict (bsc#1257173).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-374=1 openSUSE-SLE-15.6-2026-374=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-374=1

* Development Tools Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-374=1

* Python 3 Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-374=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libprotobuf25_1_0-25.1-150600.16.16.1
* libprotoc25_1_0-debuginfo-25.1-150600.16.16.1
* protobuf-debugsource-25.1-150600.16.16.1
* protobuf-devel-debuginfo-25.1-150600.16.16.1
* libprotobuf25_1_0-debuginfo-25.1-150600.16.16.1
* protobuf-devel-25.1-150600.16.16.1
* libprotoc25_1_0-25.1-150600.16.16.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150600.16.16.1
* python311-protobuf-4.25.1-150600.16.16.1
* libprotobuf-lite25_1_0-25.1-150600.16.16.1
* openSUSE Leap 15.6 (x86_64)
* libprotoc25_1_0-32bit-25.1-150600.16.16.1
* libprotobuf-lite25_1_0-32bit-25.1-150600.16.16.1
* libprotoc25_1_0-32bit-debuginfo-25.1-150600.16.16.1
* libprotobuf-lite25_1_0-32bit-debuginfo-25.1-150600.16.16.1
* libprotobuf25_1_0-32bit-25.1-150600.16.16.1
* libprotobuf25_1_0-32bit-debuginfo-25.1-150600.16.16.1
* openSUSE Leap 15.6 (noarch)
* protobuf-java-25.1-150600.16.16.1
* protobuf-java-parent-25.1-150600.16.16.1
* protobuf-java-bom-25.1-150600.16.16.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libprotoc25_1_0-64bit-25.1-150600.16.16.1
* libprotobuf-lite25_1_0-64bit-debuginfo-25.1-150600.16.16.1
* libprotoc25_1_0-64bit-debuginfo-25.1-150600.16.16.1
* libprotobuf-lite25_1_0-64bit-25.1-150600.16.16.1
* libprotobuf25_1_0-64bit-25.1-150600.16.16.1
* libprotobuf25_1_0-64bit-debuginfo-25.1-150600.16.16.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* libprotobuf25_1_0-25.1-150600.16.16.1
* libprotoc25_1_0-debuginfo-25.1-150600.16.16.1
* protobuf-debugsource-25.1-150600.16.16.1
* libprotobuf25_1_0-debuginfo-25.1-150600.16.16.1
* libprotoc25_1_0-25.1-150600.16.16.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150600.16.16.1
* libprotobuf-lite25_1_0-25.1-150600.16.16.1
* Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* protobuf-devel-debuginfo-25.1-150600.16.16.1
* protobuf-devel-25.1-150600.16.16.1
* protobuf-debugsource-25.1-150600.16.16.1
* Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* python311-protobuf-4.25.1-150600.16.16.1

## References:

* https://www.suse.com/security/cve/CVE-2026-0994.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257173



SUSE-SU-2026:0373-1: important: Security update for glib2


# Security update for glib2

Announcement ID: SUSE-SU-2026:0373-1
Release Date: 2026-02-04T02:50:53Z
Rating: important
References:

* bsc#1257353
* bsc#1257354
* bsc#1257355

Cross-References:

* CVE-2026-1484
* CVE-2026-1485
* CVE-2026-1489

CVSS scores:

* CVE-2026-1484 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-1484 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-1484 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
* CVE-2026-1485 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-1485 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-1485 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-1489 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-1489 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-1489 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves three vulnerabilities can now be installed.

## Description:

This update for glib2 fixes the following issues:

* CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to
integer wraparound in content type parsing (bsc#1257354).
* CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to
miscalculated buffer boundaries in the Base64 encoding routine
(bsc#1257355).
* CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds
access due to integer overflow in Unicode case conversion (bsc#1257353).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-373=1 openSUSE-SLE-15.6-2026-373=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-373=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-373=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-373=1

## Package List:

* openSUSE Leap 15.6 (noarch)
* gio-branding-upstream-2.78.6-150600.4.35.1
* glib2-lang-2.78.6-150600.4.35.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* glib2-tools-2.78.6-150600.4.35.1
* glib2-tests-devel-2.78.6-150600.4.35.1
* libgio-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgmodule-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgthread-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgobject-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgio-2_0-0-2.78.6-150600.4.35.1
* libgmodule-2_0-0-2.78.6-150600.4.35.1
* libgobject-2_0-0-2.78.6-150600.4.35.1
* libgthread-2_0-0-2.78.6-150600.4.35.1
* glib2-doc-2.78.6-150600.4.35.1
* libglib-2_0-0-2.78.6-150600.4.35.1
* glib2-devel-static-2.78.6-150600.4.35.1
* glib2-devel-2.78.6-150600.4.35.1
* libglib-2_0-0-debuginfo-2.78.6-150600.4.35.1
* glib2-tools-debuginfo-2.78.6-150600.4.35.1
* glib2-tests-devel-debuginfo-2.78.6-150600.4.35.1
* glib2-devel-debuginfo-2.78.6-150600.4.35.1
* glib2-debugsource-2.78.6-150600.4.35.1
* openSUSE Leap 15.6 (x86_64)
* libglib-2_0-0-32bit-2.78.6-150600.4.35.1
* libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libgthread-2_0-0-32bit-2.78.6-150600.4.35.1
* libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libgmodule-2_0-0-32bit-2.78.6-150600.4.35.1
* glib2-devel-32bit-2.78.6-150600.4.35.1
* libgio-2_0-0-32bit-2.78.6-150600.4.35.1
* glib2-tools-32bit-debuginfo-2.78.6-150600.4.35.1
* libgobject-2_0-0-32bit-2.78.6-150600.4.35.1
* libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* glib2-tools-32bit-2.78.6-150600.4.35.1
* glib2-devel-32bit-debuginfo-2.78.6-150600.4.35.1
* libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libgthread-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* glib2-tools-64bit-2.78.6-150600.4.35.1
* libgmodule-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1
* libgobject-2_0-0-64bit-2.78.6-150600.4.35.1
* libgio-2_0-0-64bit-2.78.6-150600.4.35.1
* glib2-tools-64bit-debuginfo-2.78.6-150600.4.35.1
* libgthread-2_0-0-64bit-2.78.6-150600.4.35.1
* glib2-devel-64bit-debuginfo-2.78.6-150600.4.35.1
* glib2-devel-64bit-2.78.6-150600.4.35.1
* libgio-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1
* libglib-2_0-0-64bit-2.78.6-150600.4.35.1
* libgobject-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1
* libgthread-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1
* libglib-2_0-0-64bit-debuginfo-2.78.6-150600.4.35.1
* libgmodule-2_0-0-64bit-2.78.6-150600.4.35.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* glib2-tools-2.78.6-150600.4.35.1
* libgio-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgmodule-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgthread-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgobject-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgio-2_0-0-2.78.6-150600.4.35.1
* libgmodule-2_0-0-2.78.6-150600.4.35.1
* libgobject-2_0-0-2.78.6-150600.4.35.1
* libgthread-2_0-0-2.78.6-150600.4.35.1
* libglib-2_0-0-2.78.6-150600.4.35.1
* glib2-devel-2.78.6-150600.4.35.1
* glib2-tools-debuginfo-2.78.6-150600.4.35.1
* libglib-2_0-0-debuginfo-2.78.6-150600.4.35.1
* glib2-devel-debuginfo-2.78.6-150600.4.35.1
* glib2-debugsource-2.78.6-150600.4.35.1
* Basesystem Module 15-SP7 (noarch)
* glib2-lang-2.78.6-150600.4.35.1
* Basesystem Module 15-SP7 (x86_64)
* libglib-2_0-0-32bit-2.78.6-150600.4.35.1
* libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libgmodule-2_0-0-32bit-2.78.6-150600.4.35.1
* libgio-2_0-0-32bit-2.78.6-150600.4.35.1
* libgobject-2_0-0-32bit-2.78.6-150600.4.35.1
* libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* glib2-tools-2.78.6-150600.4.35.1
* libgio-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgmodule-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgthread-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgobject-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgio-2_0-0-2.78.6-150600.4.35.1
* libgmodule-2_0-0-2.78.6-150600.4.35.1
* libgobject-2_0-0-2.78.6-150600.4.35.1
* libgthread-2_0-0-2.78.6-150600.4.35.1
* libglib-2_0-0-2.78.6-150600.4.35.1
* glib2-devel-2.78.6-150600.4.35.1
* glib2-tools-debuginfo-2.78.6-150600.4.35.1
* libglib-2_0-0-debuginfo-2.78.6-150600.4.35.1
* glib2-devel-debuginfo-2.78.6-150600.4.35.1
* glib2-debugsource-2.78.6-150600.4.35.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* glib2-lang-2.78.6-150600.4.35.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64)
* libglib-2_0-0-32bit-2.78.6-150600.4.35.1
* libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libgmodule-2_0-0-32bit-2.78.6-150600.4.35.1
* libgio-2_0-0-32bit-2.78.6-150600.4.35.1
* libgobject-2_0-0-32bit-2.78.6-150600.4.35.1
* libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* glib2-tools-2.78.6-150600.4.35.1
* libgio-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgmodule-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgthread-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgobject-2_0-0-debuginfo-2.78.6-150600.4.35.1
* libgio-2_0-0-2.78.6-150600.4.35.1
* libgmodule-2_0-0-2.78.6-150600.4.35.1
* libgobject-2_0-0-2.78.6-150600.4.35.1
* libgthread-2_0-0-2.78.6-150600.4.35.1
* libglib-2_0-0-2.78.6-150600.4.35.1
* glib2-devel-2.78.6-150600.4.35.1
* glib2-tools-debuginfo-2.78.6-150600.4.35.1
* libglib-2_0-0-debuginfo-2.78.6-150600.4.35.1
* glib2-devel-debuginfo-2.78.6-150600.4.35.1
* glib2-debugsource-2.78.6-150600.4.35.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* glib2-lang-2.78.6-150600.4.35.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
* libglib-2_0-0-32bit-2.78.6-150600.4.35.1
* libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libgmodule-2_0-0-32bit-2.78.6-150600.4.35.1
* libgio-2_0-0-32bit-2.78.6-150600.4.35.1
* libgobject-2_0-0-32bit-2.78.6-150600.4.35.1
* libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1
* libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.35.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1484.html
* https://www.suse.com/security/cve/CVE-2026-1485.html
* https://www.suse.com/security/cve/CVE-2026-1489.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257353
* https://bugzilla.suse.com/show_bug.cgi?id=1257354
* https://bugzilla.suse.com/show_bug.cgi?id=1257355



SUSE-SU-2026:0377-1: moderate: Security update for libheif


# Security update for libheif

Announcement ID: SUSE-SU-2026:0377-1
Release Date: 2026-02-04T07:37:59Z
Rating: moderate
References:

* bsc#1255735

Cross-References:

* CVE-2025-68431

CVSS scores:

* CVE-2025-68431 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68431 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-68431 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for libheif fixes the following issues:

* CVE-2025-68431: Fixed heap buffer over-read in `HeifPixelImage::overlay()`
via crafted HEIF that exercises the overlay image item (bsc#1255735)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-377=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-377=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libheif-devel-1.12.0-150400.3.17.1
* libheif1-1.12.0-150400.3.17.1
* libheif-debugsource-1.12.0-150400.3.17.1
* libheif1-debuginfo-1.12.0-150400.3.17.1
* gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.17.1
* gdk-pixbuf-loader-libheif-1.12.0-150400.3.17.1
* openSUSE Leap 15.4 (x86_64)
* libheif1-32bit-debuginfo-1.12.0-150400.3.17.1
* libheif1-32bit-1.12.0-150400.3.17.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libheif1-64bit-1.12.0-150400.3.17.1
* libheif1-64bit-debuginfo-1.12.0-150400.3.17.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libheif-devel-1.12.0-150400.3.17.1
* libheif1-1.12.0-150400.3.17.1
* libheif-debugsource-1.12.0-150400.3.17.1
* libheif1-debuginfo-1.12.0-150400.3.17.1
* gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.17.1
* gdk-pixbuf-loader-libheif-1.12.0-150400.3.17.1
* openSUSE Leap 15.6 (x86_64)
* libheif1-32bit-debuginfo-1.12.0-150400.3.17.1
* libheif1-32bit-1.12.0-150400.3.17.1

## References:

* https://www.suse.com/security/cve/CVE-2025-68431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255735



SUSE-SU-2026:0375-1: moderate: Security update for libvirt


# Security update for libvirt

Announcement ID: SUSE-SU-2026:0375-1
Release Date: 2026-02-04T07:37:41Z
Rating: moderate
References:

* bsc#1251822
* bsc#1253278
* bsc#1253703

Cross-References:

* CVE-2025-12748
* CVE-2025-13193

CVSS scores:

* CVE-2025-12748 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-12748 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-12748 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-13193 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-13193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-13193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for libvirt fixes the following issues:

Security fixes:

* CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive
snapshots (bsc#1253703)
* CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML
(bsc#1253278)

Other fixes:

* libvirt-supportconfig: Add support for supportconfig.rc (bsc#1251822)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-375=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-375=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-375=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-375=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-375=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libvirt-daemon-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1
* libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-gluster-8.0.0-150400.7.14.1
* libvirt-daemon-lxc-8.0.0-150400.7.14.1
* libvirt-client-8.0.0-150400.7.14.1
* libvirt-devel-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1
* wireshark-plugin-libvirt-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-8.0.0-150400.7.14.1
* libvirt-daemon-config-network-8.0.0-150400.7.14.1
* libvirt-debugsource-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1
* libvirt-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-gluster-debuginfo-8.0.0-150400.7.14.1
* libvirt-nss-8.0.0-150400.7.14.1
* libvirt-daemon-driver-lxc-debuginfo-8.0.0-150400.7.14.1
* libvirt-lock-sanlock-8.0.0-150400.7.14.1
* libvirt-libs-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-8.0.0-150400.7.14.1
* libvirt-daemon-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1
* libvirt-daemon-hooks-8.0.0-150400.7.14.1
* libvirt-client-debuginfo-8.0.0-150400.7.14.1
* libvirt-libs-8.0.0-150400.7.14.1
* wireshark-plugin-libvirt-debuginfo-8.0.0-150400.7.14.1
* libvirt-nss-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-lxc-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-config-nwfilter-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1
* openSUSE Leap 15.4 (x86_64)
* libvirt-client-32bit-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-libxl-8.0.0-150400.7.14.1
* libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-xen-8.0.0-150400.7.14.1
* libvirt-devel-32bit-8.0.0-150400.7.14.1
* openSUSE Leap 15.4 (noarch)
* libvirt-doc-8.0.0-150400.7.14.1
* openSUSE Leap 15.4 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libvirt-client-64bit-debuginfo-8.0.0-150400.7.14.1
* libvirt-devel-64bit-8.0.0-150400.7.14.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libvirt-daemon-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1
* libvirt-client-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-8.0.0-150400.7.14.1
* libvirt-debugsource-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1
* libvirt-libs-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-8.0.0-150400.7.14.1
* libvirt-daemon-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1
* libvirt-libs-8.0.0-150400.7.14.1
* libvirt-client-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libvirt-daemon-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1
* libvirt-client-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-8.0.0-150400.7.14.1
* libvirt-debugsource-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1
* libvirt-libs-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-8.0.0-150400.7.14.1
* libvirt-daemon-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1
* libvirt-libs-8.0.0-150400.7.14.1
* libvirt-client-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libvirt-daemon-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1
* libvirt-client-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-8.0.0-150400.7.14.1
* libvirt-debugsource-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1
* libvirt-libs-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-8.0.0-150400.7.14.1
* libvirt-daemon-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1
* libvirt-libs-8.0.0-150400.7.14.1
* libvirt-client-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libvirt-daemon-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1
* libvirt-client-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-interface-8.0.0-150400.7.14.1
* libvirt-debugsource-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.14.1
* libvirt-libs-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-8.0.0-150400.7.14.1
* libvirt-daemon-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1
* libvirt-libs-8.0.0-150400.7.14.1
* libvirt-client-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.14.1
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1

## References:

* https://www.suse.com/security/cve/CVE-2025-12748.html
* https://www.suse.com/security/cve/CVE-2025-13193.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251822
* https://bugzilla.suse.com/show_bug.cgi?id=1253278
* https://bugzilla.suse.com/show_bug.cgi?id=1253703



SUSE-SU-2026:0383-1: moderate: Security update for rekor


# Security update for rekor

Announcement ID: SUSE-SU-2026:0383-1
Release Date: 2026-02-04T12:46:33Z
Rating: moderate
References:

* bsc#1241153
* bsc#1248910
* jsc#SLE-23476

Cross-References:

* CVE-2025-29923
* CVE-2025-58058

CVSS scores:

* CVE-2025-29923 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-29923 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-58058 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-58058 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-58058 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves two vulnerabilities and contains one feature can now be
installed.

## Description:

This update for rekor fixes the following issues:

Security fixes:

* CVE-2025-58058: Fixed github.com/ulikunitz/xz leaks memory (bsc#1248910)
* CVE-2025-29923: Fixed potential out of order responses when `CLIENT SETINFO`
times out during connection establishment (bsc#1241153)

Other fixes:

* Update to version 1.4.3
* Update to version 1.4.2
* Update to version 1.4.1 (jsc#SLE-23476)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-383=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-383=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-383=1

## Package List:

* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* rekor-1.4.3-150400.4.28.1
* rekor-debuginfo-1.4.3-150400.4.28.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* rekor-1.4.3-150400.4.28.1
* rekor-debuginfo-1.4.3-150400.4.28.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* rekor-1.4.3-150400.4.28.1
* rekor-debuginfo-1.4.3-150400.4.28.1

## References:

* https://www.suse.com/security/cve/CVE-2025-29923.html
* https://www.suse.com/security/cve/CVE-2025-58058.html
* https://bugzilla.suse.com/show_bug.cgi?id=1241153
* https://bugzilla.suse.com/show_bug.cgi?id=1248910
* https://jira.suse.com/browse/SLE-23476



openSUSE-SU-2026:10139-1: moderate: libsoup-3_0-0-3.6.5-12.1 on GA media


# libsoup-3_0-0-3.6.5-12.1 on GA media

Announcement ID: openSUSE-SU-2026:10139-1
Rating: moderate

Cross-References:

* CVE-2026-1536
* CVE-2026-1761

CVSS scores:

* CVE-2026-1536 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
* CVE-2026-1536 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
* CVE-2026-1761 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-1761 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libsoup-3_0-0-3.6.5-12.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libsoup-3_0-0 3.6.5-12.1
* libsoup-3_0-0-32bit 3.6.5-12.1
* libsoup-devel 3.6.5-12.1
* libsoup-devel-32bit 3.6.5-12.1
* libsoup-lang 3.6.5-12.1
* typelib-1_0-Soup-3_0 3.6.5-12.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1536.html
* https://www.suse.com/security/cve/CVE-2026-1761.html



openSUSE-SU-2026:10140-1: moderate: patch-2.8-2.1 on GA media


# patch-2.8-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10140-1
Rating: moderate

Cross-References:

* CVE-2021-45261

CVSS scores:

* CVE-2021-45261 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the patch-2.8-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* patch 2.8-2.1

## References:

* https://www.suse.com/security/cve/CVE-2021-45261.html



openSUSE-SU-2026:10135-1: moderate: java-1_8_0-openj9-1.8.0.482-1.1 on GA media


# java-1_8_0-openj9-1.8.0.482-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10135-1
Rating: moderate

Cross-References:

* CVE-2026-21925
* CVE-2026-21933

CVSS scores:

* CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the java-1_8_0-openj9-1.8.0.482-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-1_8_0-openj9 1.8.0.482-1.1
* java-1_8_0-openj9-accessibility 1.8.0.482-1.1
* java-1_8_0-openj9-demo 1.8.0.482-1.1
* java-1_8_0-openj9-devel 1.8.0.482-1.1
* java-1_8_0-openj9-headless 1.8.0.482-1.1
* java-1_8_0-openj9-javadoc 1.8.0.482-1.1
* java-1_8_0-openj9-src 1.8.0.482-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-21925.html
* https://www.suse.com/security/cve/CVE-2026-21933.html



openSUSE-SU-2026:10141-1: moderate: rizin-0.8.2-1.1 on GA media


# rizin-0.8.2-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10141-1
Rating: moderate

Cross-References:

* CVE-2026-22780

CVSS scores:

* CVE-2026-22780 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the rizin-0.8.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* rizin 0.8.2-1.1
* rizin-common 0.8.2-1.1
* rizin-devel 0.8.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22780.html



openSUSE-SU-2026:10136-1: moderate: java-1_8_0-openjdk-1.8.0.482-1.1 on GA media


# java-1_8_0-openjdk-1.8.0.482-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10136-1
Rating: moderate

Cross-References:

* CVE-2026-21925
* CVE-2026-21932
* CVE-2026-21933
* CVE-2026-21945

CVSS scores:

* CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-21932 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
* CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 4 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the java-1_8_0-openjdk-1.8.0.482-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-1_8_0-openjdk 1.8.0.482-1.1
* java-1_8_0-openjdk-accessibility 1.8.0.482-1.1
* java-1_8_0-openjdk-demo 1.8.0.482-1.1
* java-1_8_0-openjdk-devel 1.8.0.482-1.1
* java-1_8_0-openjdk-headless 1.8.0.482-1.1
* java-1_8_0-openjdk-javadoc 1.8.0.482-1.1
* java-1_8_0-openjdk-src 1.8.0.482-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-21925.html
* https://www.suse.com/security/cve/CVE-2026-21932.html
* https://www.suse.com/security/cve/CVE-2026-21933.html
* https://www.suse.com/security/cve/CVE-2026-21945.html



openSUSE-SU-2026:10134-1: moderate: java-17-openj9-17.0.18.0-1.1 on GA media


# java-17-openj9-17.0.18.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10134-1
Rating: moderate

Cross-References:

* CVE-2026-21925
* CVE-2026-21933

CVSS scores:

* CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the java-17-openj9-17.0.18.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-17-openj9 17.0.18.0-1.1
* java-17-openj9-demo 17.0.18.0-1.1
* java-17-openj9-devel 17.0.18.0-1.1
* java-17-openj9-headless 17.0.18.0-1.1
* java-17-openj9-javadoc 17.0.18.0-1.1
* java-17-openj9-jmods 17.0.18.0-1.1
* java-17-openj9-src 17.0.18.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-21925.html
* https://www.suse.com/security/cve/CVE-2026-21933.html



openSUSE-SU-2026:10133-1: moderate: java-11-openj9-11.0.30.0-1.1 on GA media


# java-11-openj9-11.0.30.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10133-1
Rating: moderate

Cross-References:

* CVE-2026-21925
* CVE-2026-21933

CVSS scores:

* CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the java-11-openj9-11.0.30.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-11-openj9 11.0.30.0-1.1
* java-11-openj9-demo 11.0.30.0-1.1
* java-11-openj9-devel 11.0.30.0-1.1
* java-11-openj9-headless 11.0.30.0-1.1
* java-11-openj9-javadoc 11.0.30.0-1.1
* java-11-openj9-jmods 11.0.30.0-1.1
* java-11-openj9-src 11.0.30.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-21925.html
* https://www.suse.com/security/cve/CVE-2026-21933.html



openSUSE-SU-2026:10137-1: moderate: java-21-openj9-21.0.10.0-1.1 on GA media


# java-21-openj9-21.0.10.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10137-1
Rating: moderate

Cross-References:

* CVE-2026-21925
* CVE-2026-21933

CVSS scores:

* CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the java-21-openj9-21.0.10.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-21-openj9 21.0.10.0-1.1
* java-21-openj9-demo 21.0.10.0-1.1
* java-21-openj9-devel 21.0.10.0-1.1
* java-21-openj9-headless 21.0.10.0-1.1
* java-21-openj9-javadoc 21.0.10.0-1.1
* java-21-openj9-jmods 21.0.10.0-1.1
* java-21-openj9-src 21.0.10.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-21925.html
* https://www.suse.com/security/cve/CVE-2026-21933.html



openSUSE-SU-2026:10132-1: moderate: freerdp-3.22.0-1.1 on GA media


# freerdp-3.22.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10132-1
Rating: moderate

Cross-References:

* CVE-2026-23948
* CVE-2026-24491
* CVE-2026-24675
* CVE-2026-24676
* CVE-2026-24677
* CVE-2026-24678
* CVE-2026-24679
* CVE-2026-24680
* CVE-2026-24681
* CVE-2026-24682
* CVE-2026-24683
* CVE-2026-24684

Affected Products:

* openSUSE Tumbleweed

An update that solves 12 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the freerdp-3.22.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* freerdp 3.22.0-1.1
* freerdp-devel 3.22.0-1.1
* freerdp-proxy 3.22.0-1.1
* freerdp-proxy-plugins 3.22.0-1.1
* freerdp-sdl 3.22.0-1.1
* freerdp-server 3.22.0-1.1
* freerdp-wayland 3.22.0-1.1
* libfreerdp-server-proxy3-3 3.22.0-1.1
* libfreerdp3-3 3.22.0-1.1
* librdtk0-0 3.22.0-1.1
* libuwac0-0 3.22.0-1.1
* libwinpr3-3 3.22.0-1.1
* rdtk0-devel 3.22.0-1.1
* uwac0-devel 3.22.0-1.1
* winpr-devel 3.22.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23948.html
* https://www.suse.com/security/cve/CVE-2026-24491.html
* https://www.suse.com/security/cve/CVE-2026-24675.html
* https://www.suse.com/security/cve/CVE-2026-24676.html
* https://www.suse.com/security/cve/CVE-2026-24677.html
* https://www.suse.com/security/cve/CVE-2026-24678.html
* https://www.suse.com/security/cve/CVE-2026-24679.html
* https://www.suse.com/security/cve/CVE-2026-24680.html
* https://www.suse.com/security/cve/CVE-2026-24681.html
* https://www.suse.com/security/cve/CVE-2026-24682.html
* https://www.suse.com/security/cve/CVE-2026-24683.html
* https://www.suse.com/security/cve/CVE-2026-24684.html



SUSE-SU-2026:0381-1: moderate: Security update for abseil-cpp


# Security update for abseil-cpp

Announcement ID: SUSE-SU-2026:0381-1
Release Date: 2026-02-04T09:34:54Z
Rating: moderate
References:

* bsc#1237543

Cross-References:

* CVE-2025-0838

CVSS scores:

* CVE-2025-0838 ( SUSE ): 5.9
CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L
* CVE-2025-0838 ( SUSE ): 5.6 CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L
* CVE-2025-0838 ( NVD ): 5.9
CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-0838 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for abseil-cpp fixes the following issues:

Update to 20240116.3

* CVE-2025-0838: Fixed potential integer overflow in hash container
create/resize (bsc#1237543).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-381=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-381=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-381=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-381=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* abseil-cpp-debugsource-20240116.3-150500.13.10.1
* libabsl2401_0_0-20240116.3-150500.13.10.1
* abseil-cpp-devel-20240116.3-150500.13.10.1
* libabsl2401_0_0-debuginfo-20240116.3-150500.13.10.1
* openSUSE Leap 15.5 (x86_64)
* libabsl2401_0_0-32bit-debuginfo-20240116.3-150500.13.10.1
* libabsl2401_0_0-32bit-20240116.3-150500.13.10.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* libabsl2401_0_0-64bit-20240116.3-150500.13.10.1
* libabsl2401_0_0-64bit-debuginfo-20240116.3-150500.13.10.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* abseil-cpp-debugsource-20240116.3-150500.13.10.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* abseil-cpp-debugsource-20240116.3-150500.13.10.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* abseil-cpp-debugsource-20240116.3-150500.13.10.1
* libabsl2401_0_0-20240116.3-150500.13.10.1

## References:

* https://www.suse.com/security/cve/CVE-2025-0838.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237543



openSUSE-SU-2026:20167-1: important: Security update for xrdp


openSUSE security update: security update for xrdp
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20167-1
Rating: important
References:

* bsc#1257362

Cross-References:

* CVE-2025-68670

CVSS scores:

* CVE-2025-68670 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68670 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for xrdp fixes the following issues:

Changes in xrdp:

- CVE-2025-68670: Fixed a potential overflow (bsc#1257362).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-packagehub-105=1

Package List:

- openSUSE Leap 16.0:

libpainter0-0.9.26-bp160.2.1
librfxencode0-0.9.26-bp160.2.1
xrdp-0.9.26-bp160.2.1
xrdp-devel-0.9.26-bp160.2.1

References:

* https://www.suse.com/security/cve/CVE-2025-68670.html


Util-Linux, Python, Kernel, and more updates for Oracle Linux

ImageMagick, MySQL, Emacs, and more updates for Ubuntu Linux

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...